Full-Stack Actionable Application Threat Intelligence.

Empower your agile teams to deliver secure and exceptional software with ease.

Projects that became independent and open-source from AppThreat.

From AppThreat with ♥️

OWASP depscan

OWASP depscan is an open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as GitHub Action, Azure Pipelines, CircleCI, Jenkins, and Google CloudBuild.

OWASP CycloneDX Generator

cdxgen is a cli tool, library, REPL, and server to create a valid and compliant CycloneDX Software Bill-of-Materials (SBOM) containing an aggregate of all project dependencies for c/c++, node.js, php, python, ruby, rust, java, .Net, dart, haskell, elixir, and Go projects in JSON format.


BLint is a Binary Linter to check executable binaries' security properties and capabilities.