PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Sbom Python Packages

Python packages with the GitHub topic sbom. Sorted by relevance, with stars and monthly downloads.
CycloneDX
cyclonedx-python-lib

Functionality and DataModels of OWASP CycloneDX for Python

29.8M 113 67
CycloneDX
cyclonedx-bom

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

1.9M 386 94
fsfe
reuse

This is a mirror of https://codeberg.org/fsfe/reuse-tool

474K 580 163
anthonyharrison
lib4sbom

Library to ingest and generate SBOMs

361K 44 21
nexB
commoncode

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

154K 3K 743
anthonyharrison
distro2sbom

Generates SBOM files from system packaging information

149K 40 17
aboutcode-org
scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

97K 3K 742
CycloneDX
cyclonedx-py

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

96K 386 94
anthonyharrison
lib4vex

Library to ingest and generate VEX documents

66K 20 4
anthonyharrison
csaf-tool

CSAF generator and validator

61K 9 3
duriantaco
ca9

CA9 is a local evidence engine for Python AppSec triage. It sits after scanners and before engineers waste time, proving which findings matter.

60K 5 0
intel
cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

45K 2K 634
BambooGap
skills-orchestrator

Open-source SkillOps / instruction-supply-chain control plane for AI-agent teams: policy packs, registry diff, evidence bundles, SARIF/SBOM, adapters, and MCP runtime.

39K 4 1
trusera
ai-bom

AI Bill of Materials — discover every AI agent, model, and API in your infrastructure

27K 276 75
spdx
ntia-conformance-checker

Validate SPDX 2 and 3 SBOM against NTIA, CISA, and other minimum element requirements.

22K 89 24
anthonyharrison
sbom2doc

Transform SBOM contents into a formatted document including markdown and PDF formats

20K 42 9
nightlark
anchore-syft

Python wheels for installing Anchore's Syft tool for generating a Software Bill of Materials

17K 1 1
Rul1an
assay-it

Policy-as-code for MCP agents: deny risky tool calls before they run, prove what ran with verifiable evidence, and enforce egress in the kernel (eBPF/LSM, Linux). Deterministic, offline-first, bounded claims.

17K 9 1
anthonyharrison
sbomdiff

This tool compares two Software Bill of Materials (SBOMs) and reports the differences.

15K 45 8
owasp-dep-scan
blint

blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.

15K 448 47
owasp-dep-scan
owasp-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

14K 1K 131
msaad00
agent-bom

AI supply-chain & cloud security scanner and self-hosted control plane — agents, MCP, packages, cloud estate, non-human identities, and LLM cost. SBOM/SARIF, graph attack-paths, runtime enforcement, and compliance evidence.

13K 25 7
anthonyharrison
sbom4python

A tool to generate a SBOM (Software Bill of Materials) for an installed Python module

12K 39 11
anthonyharrison
sbom2dot

Create a dependency graph of the components within a SBOM

11K 21 0
    • Data from PyPI, GitHub, ClickHouse, and BigQuery