#Cyclonedx

Showing 16 of 16 repositories tagged #cyclonedx, ranked by stars

anchore
anchore
grype

A vulnerability scanner for container images and filesystems

Score
100
โ˜… 12.5k โ‘‚ 823 โ€”
Go
anchore
anchore
syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

Score
50
โ˜… 9.2k โ‘‚ 886 +22/day
Go
DependencyTrack
DependencyTrack
dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Score
100
โ˜… 4.0k โ‘‚ 775 +6/day
Java
guacsec
guacsec
guac

GUAC aggregates software security metadata into a high fidelity graph database.

Score
83
โ˜… 1.5k โ‘‚ 205 โ€”
Go
XmirrorSecurity
XmirrorSecurity
OpenSCA-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

Score
67
โ˜… 1.1k โ‘‚ 134 โ€”
Go
cdxgen
cdxgen
cdxgen

Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server

Score
100
โ˜… 1.0k โ‘‚ 254 +5/day
JavaScript
devops-kung-fu
devops-kung-fu
bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

Score
0
โ˜… 622 โ‘‚ 55 +2/day
Go
kdeldycke
kdeldycke
meta-package-manager

๐ŸŽ wraps all package managers with a unifying CLI

Score
100
โ˜… 602 โ‘‚ 49 +3/day
Python
chainloop-dev
chainloop-dev
chainloop

SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

Score
50
โ˜… 568 โ‘‚ 53 โ€”
Go
CycloneDX
CycloneDX
specification

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX

Score
0
โ˜… 521 โ‘‚ 88 โ€”
XSLT
CycloneDX
CycloneDX
cyclonedx-python

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

Score
0
โ˜… 386 โ‘‚ 95 +2/day
Python
sbom-tool
sbom-tool
sbom-tools

Semantic SBOM/CBOM diff, quality scoring, and TUI analysis tool for CycloneDX/SPDX โ€” covering component changes, dependency shifts, license conflicts, vulnerabilities, cryptographic inventory grading, and PQC compliance (CNSA 2.0, NIST IR 8547).

Score
0
โ˜… 231 โ‘‚ 13 โ€”
Rust
relizaio
relizaio
rearm

ReARM - Release Governance Platform for the Agentic Era

Score
33
โ˜… 122 โ‘‚ 9 โ€”
Java
omonien
omonien
DX.Comply

Generate CycloneDX SBOMs for Delphi projects โ€” EU Cyber Resilience Act compliance in one click

Score
17
โ˜… 52 โ‘‚ 9 +1/day
Pascal
apisec-inc
apisec-inc
AI-Surface

Find and govern AI attack surfaces in application code at PR time. Free, OSS, runs offline.

Score
0
โ˜… 44 โ‘‚ 8 โ€”
Python
droidsaw
droidsaw
droidsaw

Pure-Rust Android decompiler and security-audit suite. DEX โ†’ Java, Hermes โ†’ JavaScript. Cross-layer taint across the React Native bridge. CycloneDX SBOM + OpenVEX. CLI and MCP. Bytecode is not a security layer.

Score
0
โ˜… 21 โ‘‚ 2 โ€”
Rust
Related Topics
#sbom#spdx#security#devsecops#owasp#supply-chain#software-bill-of-materials#static-analysis#vex#bom#package-url

ยฉ 2026 GitRepoTrend ยท GitHub repositories by topic ยท Updated weekly