An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: supply-chain-attacks

chainguard-dev/ghscan

Scan GitHub Actions Workflow logs for IOCs

Language: Go - Size: 82 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 15 - Forks: 2

bureado/awesome-software-supply-chain-security

A compilation of resources in the software supply chain security domain, with emphasis on open source

Size: 165 KB - Last synced at: 8 days ago - Pushed at: about 2 years ago - Stars: 314 - Forks: 28

Dentrax/cocert

Split and distribute your private keys securely amongst untrusted networks

Language: Go - Size: 7.67 MB - Last synced at: 19 days ago - Pushed at: about 3 years ago - Stars: 203 - Forks: 13

phe-sto/AutoHTMLSRI

Compute SRI from an HTML file and generate a new HTML with the integrity attribute.

Language: C++ - Size: 2.49 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

vishalgarg-sec/Software-Supply-Chain-Security

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.

Size: 587 KB - Last synced at: 9 months ago - Pushed at: about 1 year ago - Stars: 122 - Forks: 15

cugu/gocap 📦

List your dependencies' capabilities and monitor if updates require more capabilities.

Language: Go - Size: 49.8 KB - Last synced at: 5 months ago - Pushed at: almost 2 years ago - Stars: 130 - Forks: 12

elliotwutingfeng/check-pip

Python script to check if any malicious pip packages listed in a text file have been installed.

Language: Python - Size: 3.91 KB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

Gao-Chuan/Union-under-Duress

New Android supply chain attack surface

Size: 1.51 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

ossillate-inc/packj-github-action

Packj audits pull requests for malicious/risky open-source deps

Size: 102 KB - Last synced at: 23 days ago - Pushed at: over 1 year ago - Stars: 10 - Forks: 4

maweil/bidi_char_detector

Checks your files for the existence of Unicode BIDI characters, which can be misused for supply chain attacks. See CVE-2021-42574.

Language: Rust - Size: 35.2 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 6 - Forks: 3