There are 3 repositories under sbom-tool topic.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
SBOM quality score - Quality metrics for your SBOMs
Creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
Utility that provides an API platform for validating, querying and managing BOM data
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
SBOM Assembler - A tool to compose your various SBOMs into a single SBOM.
A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!
Create CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
This tool compares two Software Bill of Materials (SBOMs) and reports the differences.
SBOM Grep - search through SBOMs
Transform SBOM contents into a formatted document including markdown and PDF formats
Library to ingest and generate SBOMs
Find & pull public SBOMs
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
GitHub Action that installs and sets up the Microsoft SBOM Tool.
A tool for displaying historical metrics about a project's dependencies. Run the Freshli CLI on your project to see how its dependency freshness changes over time.
Manage collection of SBOMs (Software Bill of Materials)
Create CycloneDX Software Bill of Materials (SBOM) for Buildroot projects
SBOM-in-a-Box is a unified platform to promote the production, consumption, and utilization of Software Bills of Materials.
SBOM generator for files within a directory
Create a dependency graph of the components within a SBOM
Looks up package vulnerability info in OSV DB from SBOMs
PainKiller Security Tools
This repo hosts a GitHub Action to run parlay (which is used to enrich SBOMs with data from third-party services) in pipelines
Update Python modules in a project's VENV dir, update requirements.txt and also update the Software Bill of Materials (SBOM)