John Scott's starred repositories
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
cve-search
cve-search - a tool to perform local searches for known vulnerabilities
tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
sha1collisiondetection
Library and command line tool to detect SHA-1 collisions in a file
BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
rose
Developed at Lawrence Livermore National Laboratory (LLNL), ROSE is an open source compiler infrastructure to build source-to-source program transformation and analysis tools for large-scale C (C89 and C98), C++ (C++98 and C++11), UPC, Fortran (77/95/2003), OpenMP, Java, Python and PHP applications.
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
open-source-policy
This repository contains the official Open Source Policy of 18F
OpenMDAO-Framework
OpenMDAO is an open-source Multidisciplinary Design Analysis and Optimization (MDAO) framework, written in Python. It helps users solve complex problems by allowing them to link together analysis codes from multiple disciplines at multiple levels of fidelity. The development effort for OpenMDAO is being led out of the NASA Glenn Research Center in the MDAO branch. The development effort is being funded by the Fundamental Aeronautic Program, Subsonic Fixed Wing project. The ultimate goal is to provide a flexible common analysis platform that can be shared between industry, academia, and government.
governance
TODO Group Governance
occupyhongkong
Photos of Occupy Hong Kong, October 1
SParts
The Software Parts (SParts) lab delivers a Sawtooth-based ledger that provides both accountability and access to the open source components used in the construction of a software part. A software part is any software component (e.g., library, application, container or an entire operating system runtime) that is comprised of between 0% and 100% open source.
fossology-spdx
FOSSology plugin for SPDX
mcollective-openscap-agent
An OpenSCAP Agent for running distributed scans using MCollective.
archive-ddf-parent
DEPRECATED: This repository has been moved into ddf. You may only submit Bug Fixes to the appropriate branch.
l2bf.github.io
The Rise of CrossFit and the Primal Future of Fitness