You must be logged in to sponsor prabhu
Become a sponsor to prabhu
I am building several application security and threat intelligence tools under the umbrella "AppThreat". Some of my work includes
- dep-scan - Fully open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!
- cdxgen - a tool to effortlessly produce software bill-of-materials and submit to a suitable server such as dependency-track for open-source scanning (OSS) scanning
Featured work
-
CycloneDX/cdxgen
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submissio…
JavaScript 592 -
AppThreat/vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
Python 101 -
AppThreat/cpggen
Generate CPG for multiple languages for code and threat analysis
C# 9 -
AppThreat/joern-lib
Python library for code analysis with CPG and Joern
Jupyter Notebook 13