PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Sca Python Packages

Python packages with the GitHub topic sca. Sorted by relevance, with stars and monthly downloads.
nexB
commoncode

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

154K 3K 743
cycodehq
cycode

Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning

130K 98 64
aboutcode-org
scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

97K 3K 742
duriantaco
ca9

CA9 is a local evidence engine for Python AppSec triage. It sits after scanners and before engineers waste time, proving which findings matter.

60K 5 0
appthreat
appthreat-vulnerability-db

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers.

26K 145 23
owasp-dep-scan
owasp-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

14K 1K 131
owasp-dep-scan
ds-analysis-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

10K 1K 131
aboutcode-org
aboutcode-pipeline

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

10K 205 192
owasp-dep-scan
ds-xbom-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

10K 1K 131
owasp-dep-scan
ds-reporting-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

10K 1K 131
appthreat
appthreat-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

5K 1K 131
aboutcode-org
aboutcode-api-auth

Automate open source license compliance and ensure software supply chain integrity

3K 48 23
aboutcode-org
scancode-toolkit-mini

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

3K 3K 742
prancer-io
prancer-basic

prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment

2K 122 30
aboutcode-org
scancodeio

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

2K 205 192
appthreat
appthreat-vulndb

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers.

2K 145 23
trustsource
ts-scan

TrustSource Packages Scanner

2K 8 4
rohaquinlop
immunipy

A Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly.

1K 10 2
FiniteStateInc
finite-state-sdk

Python SDK for the Finite State Platform API

1K 4 1
nexB
licensedcode-index

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

932 3K 743
nexB
licensedcode-data

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

859 3K 743
awslabs
vehlo-ash

Automated Security Helper for GitHub Actions

836 659 84
noumenon-ai
cve-guard

Scan projects for CVEs in AI-generated dependencies. Zero API calls. Works offline.

777 2 1
J08nY
pyecsca

Python Elliptic Curve Side-Channel Analysis toolkit.

775 64 17
    • Data from PyPI, GitHub, ClickHouse, and BigQuery