Become a sponsor to Caroline Russell
A few of the projects I'm working on at the moment:
OWASP-depscan/dep-scan: Fully open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!
CycloneDX/cdxgen: Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
AppThreat/atom-tools: Collection of tools for use with AppThreat/atom slices. Automated generation of OpenAPI specs, finding endpoints to match with SAST findings.
AppThreat/custom-json-diff: Tool to allow customizable diffing of JSON documents. Also offers analysis comparing two CycloneDX BOMs.
Featured work
- CycloneDX/cdxgen
  Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submissio…
  JavaScript 592
- AppThreat/vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
  Python 101
- owasp-dep-scan/dep-scan
  OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …
  Python 1,041
- owasp-dep-scan/blint
  BLint is a Binary Linter to check the security properties and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
  Python 348
- AppThreat/atom-tools
  Collection of tools for use with AppThreat/atom.
  Python 4
- AppThreat/custom-json-diff
  A utility to compare JSON documents containing dynamically-generated fields.
  Python