AppThreat's repositories
dep-scan
OWASP dep-scan is an open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!
vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
dep-scan-action
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. No server required!
blint-action
Action to run BLint, the binary linter.
cve-annotations
UNUSED: Community powered annotations for CVE to identify source, sink, exploits and other information.
depscan-bin
Binary builds for dep-scan - The Dependency Scanner
scan-reports
Library for producing gorgeous html reports from AppThreat scan results. Compatible with SARIF and grafeas format.
cpggen-action
Generate CPG for multiple languages for use with joern
vuln-list-update
Collects vulnerability data from a range of sources.