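A vulnerability scanning tool that can be used to scan container images, system files, Git repositories, as well as configurations and hard-coded secrets.
The SBOM tool is a highly scalable and enterprise-ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.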
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Support CI generation of SBOMs via golang tooling.
SBOM quality score - Quality metrics for your SBOMs
GitHub Action for creating software bill of materials using Syft.
Graphing SBOMs fast.
Generate a score for your SBOM to understand if it will actually be useful.
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Creates CycloneDX Software Bill of Materials (SBOM) from Node-based projects
Catalogue all images of a Kubernetes cluster to multiple targets with Syft
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...