John Scott's starred repositories
tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
rose
Developed at Lawrence Livermore National Laboratory (LLNL), ROSE is an open source compiler infrastructure to build source-to-source program transformation and analysis tools for large-scale C (C89 and C98), C++ (C++98 and C++11), UPC, Fortran (77/95/2003), OpenMP, Java, Python and PHP applications.
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
SParts
The Software Parts (SParts) lab delivers a Sawtooth-based ledger that provides both accountability and access to the open source components used in the construction of a software part. A software part is any software component (e.g., library, application, container or an entire operating system runtime) that is comprised of between 0% and 100% open source.
governance
TODO Group Governance
cve-search
cve-search - a tool to perform local searches for known vulnerabilities
sha1collisiondetection
Library and command line tool to detect SHA-1 collision in a file
archive-ddf-parent
DEPRECATED: This repository has been moved into ddf. You may only submit Bug Fixes to the appropriate branch.
mcollective-openscap-agent
An OpenSCAP Agent for running distributed scans using MCollective.
fossology-spdx
FOSSology plugin for SPDX
occupyhongkong
Photos of Occupy Hong Kong, October 1
open-source-policy
This repository contains the official Open Source Policy of 18F
l2bf.github.io
The Rise of CrossFit and the Primal Future of Fitness
OpenMDAO-Framework
OpenMDAO is an open-source Multidisciplinary Design Analysis and Optimization (MDAO) framework, written in Python. It helps users solve complex problems by allowing them to link together analysis codes from multiple disciplines at multiple levels of fidelity. The development effort for OpenMDAO is being led out of the NASA Glenn Research Center in the MDAO branch. The development effort is being funded by the Fundamental Aeronautic Program, Subsonic Fixed Wing project. The ultimate goal is to provide a flexible common analysis platform that can be shared between industry, academia, and government.