scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

SBOM quality score - Quality metrics for your sboms

creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects

A suite of utilities to help with software supply chain challenges on nix targets

Enrich SBOMs with data from third party services

Utility that provides an API platform for validating, querying and managing BOM data

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

Check SPDX SBOM for NTIA minimum elements

Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

SBOM Assembler - A tool to compose your various sboms into a single sbom.

A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!

Create CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.

This tool compares two Software Bill of Materials (SBOMs) and reports the differences.

SBOM Grep - search through SBOMs

Transform SBOM contents into a formatted document including markdown and PDF formats

Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.

Find & pull public SBOMs

Library to ingest and generate SBOMs