#

sbom-tool

Here are 94 public repositories matching this topic...

RetireJS / retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

javascript chrome-extension security scanner grunt-plugins firefox-extension build-tool vulnerabilities software-composition-analysis vulnerable-libraries insecure-libraries sbom sbom-generator sbom-tool

Updated Apr 17, 2026
JavaScript

ossf / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

python security vulnerability vulnerabilities cve hacktoberfest cvss security-automation security-tools devsecops system-tools sbom swrepo sbom-tool

Updated Apr 17, 2026
Python

ARPSyndicate / puncia

Panthera(P.)uncia - Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer.

exploit subdomain vulnerability sbom cyclonedx arpsyndicate sbom-tool cyclonedx-sbom

Updated Jun 29, 2025
Python

trailofbits / it-depends

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

dependency-analysis dependency-graph hacktoberfest vulnerability-scanner sbom hacktoberfest2021 sbom-generator sbom-tool

Updated Apr 10, 2026
Python

cyclonedx-python

CycloneDX / cyclonedx-python

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

python environment poetry conda owasp python3 pip bom spdx hacktoberfest requirements bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator sbom-tool

Updated Apr 18, 2026
Python

interlynk-io / sbomqs

sbomqs: The Comprehensive SBOM Quality & Compliance Tool

go golang spdx security-tools sbom cyclonedx devsecops-pipeline supply-chain-security sbom-examples sbom-tool sbom-quality sbom-score sbom-samples

Updated Apr 6, 2026
Go

tiiuae / sbomnix

A suite of utilities to help with software supply chain challenges on nix targets

python security nix static-analysis dependencies cpe software-supply-chain vulnerability-scanners bill-of-materials software-bill-of-materials purl sbom cyclonedx sbom-generator software-supply-chain-security spdx-sbom sbom-tool

Updated Apr 17, 2026
Python

snyk / parlay

Enrich SBOMs with data from third party services

snyk sbom cyclonedx sbom-tool

Updated Apr 9, 2026
Go

sbom-tools

sbom-tool / sbom-tools

Semantic SBOM/CBOM diff, quality scoring, and TUI analysis tool for CycloneDX/SPDX — covering component changes, dependency shifts, license conflicts, vulnerabilities, cryptographic inventory grading, and PQC compliance (CNSA 2.0, NIST IR 8547).

vex spdx appsec post-quantum-cryptography vulnerability-management sarif oss-compliance licence-management security-compliance sbom pqc cyclonedx software-supply-chain-security sbom-tool sbom-quality cbom cryptographic-inventory cyber-resilience-act

Updated Apr 18, 2026
Rust

cyclonedx-node-module

CycloneDX / cyclonedx-node-module

creates CycloneDX Software-Bill-of-Materials (SBOM) from Node.js-based projects

nodejs node dependency-graph bom metapackage meta-package software-bill-of-materials sbom cyclonedx sbom-generator sbom-tool

Updated Apr 18, 2026

sbom-utility

CycloneDX / sbom-utility

Utility that provides an API platform for validating, querying and managing BOM data

owasp bom vex vdr spdx spdx-license hacktoberfest bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx obom mbom saasbom spdx-sbom sbom-tool sbom-quality

Updated Jan 2, 2026
Go

cyclonedx-node-npm

CycloneDX / cyclonedx-node-npm

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

nodejs npm node dependency-graph owasp bom hacktoberfest bill-of-materials software-bill-of-materials sbom cyclonedx sbom-generator sbom-tool

Updated Apr 18, 2026
JavaScript

trailofbits / deptective

Deptective automatically determines the native dependencies required to run any arbitrary program or command.

dependency-analysis sbom sbom-tool

Updated Apr 8, 2026
Python

relizaio / rearm

ReARM - Release Governance Platform for the Agentic Era

security supply-chain release vulnerability release-automation release-management software-supply-chain security-tools supply-chain-management release-engineering sbom cyclonedx supply-chain-visibility sbom-distribution software-supply-chain-security sbom-tool hardware-supplychain software-transparency cyclonedx-sbom

Updated Apr 19, 2026
Java

interlynk-io / sbomasm

sbomasm: The Complete SBOM Management Toolkit

go golang security oss spdx devsecops sbom gomodule cyclonedx sbom-generator sbom-tool

Updated Apr 15, 2026
Go

cbomkit / cbomkit

A toolset for dealing with Cryptography Bill of Materials (CBOM)

cryptography post-quantum-cryptography quantum-safe post-quantum sbom sbom-tool crypto-scanner cbom cryptographic-inventory cbom-tool cryptography-bom cbomkit

Updated Apr 7, 2026
Java

spdx / ntia-conformance-checker

Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.

compliance spdx software-bill-of-materials sbom sbom-tool ntia

Updated Apr 6, 2026
Python

cyclonedx-php-composer

CycloneDX / cyclonedx-php-composer

Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

php composer dependency-graph owasp bom composer-plugin spdx hacktoberfest bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator sbom-tool

Updated Apr 18, 2026
PHP

trailofbits / vendetect

A tool to automatically detect copy+pasted and vendored code between repositories

program-analysis plagiarism-detection sbom sbom-tool

Updated Apr 15, 2026
Python

cbomkit / sonar-cryptography

This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.

cryptography sonarqube sonar post-quantum-cryptography quantum-safe post-quantum sbom sbom-tool crypto-scanner cbom cryptographic-inventory cbom-tool cryptography-bom cbomkit

Updated Apr 18, 2026
Java

Improve this page

Add a description, image, and links to the sbom-tool topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the sbom-tool topic, visit your repo's landing page and select "manage topics."