Pinned repositories

  1. deployment

    SWAMP-in-a-Box

    Perl 27 6

  2. swamp-eclipse-plugin

    This plug-in allows Java and C/C++ Eclipse users to perform static code assessments in the SWAMP and to view the results within the Eclipse Integrated Development Environment. The plug-in can also …

    Java

  3. swamp-jenkins-plugin

    This plug-in allows projects using Jenkins to perform static code assessments in the SWAMP as part of a build. Trend data and results are viewable directly in Jenkins. The plug-in can be found in t…

    Java 1 3

  4. swamp-scms-plugin

    This script is a Git and Subversion hook. Any commit or push of a new version will upload that version of code in the SWAMP. Results are viewable from the SWAMP website.

    Perl

  5. java-cli

    The Java CLI is a Java library and a command line interface that provides many common operations to a SWAMP instance: get a list of projects, packages (versions), assessments, tools, & platforms. U…

    Java 1 2

  6. resultparser

    The SWAMP Result Parser is a program that converts results for all the tools supported in the SWAMP from their native tool output to the SWAMP Common Assessment Result Format (SCARF).

    Perl 1

  • Tool to convert SCARF files to SARIF files

    Perl Updated Oct 17, 2018
  • Library to write SARIF files from Perl

    Perl Updated Oct 17, 2018
  • The script-assess framework enables assessments of Python, PHP, JavaScript, HTML, CSS, and XML software packages in the SWAMP. It helps to analyze the following packages types or build systems: npm (Javascript), composer (PHP), pear (PHP), wheels (Python), setuptools (Python), and packages that do not use any build system in the SWAMP.

    Python Updated Oct 17, 2018
  • The Java-assess framework enables assessments of Java software packages in the SWAMP. It has build monitoring capabilities to monitor builds that use the following build systems: Apache Ant, Apache Maven, and Apache Gradle. It also enables the analysis of Java bytecode packages and Java packages that do not use any build system in the SWAMP.

    Python Updated Oct 16, 2018
  • The Ruby-assess framework enables assessments of Ruby software packages in the SWAMP. It helps to analyze ruby source packages that use the following build systems: bundler+rake, bundler+other, rake, and other. It can also analyze Ruby gems.

    Python Updated Oct 16, 2018
  • database and database upgrade paths

    PLSQL Updated Oct 3, 2018
  • SWAMP web server

    PHP 1 Updated Oct 3, 2018
  • web front end code

    JavaScript Updated Oct 3, 2018
  • Java and Perl code for assessments

    Perl 1 Updated Oct 3, 2018
  • SWAMP-in-a-Box

    Perl 27 6 Updated Oct 3, 2018
  • The C-assess framework enables assessments of C/C++ software packages in the SWAMP. It has build monitoring capabilities to monitor builds that use Make, Cmake, or any other build systems, and it runs the software assurance tools with the exact files and options used during the build step.

    Perl Updated Oct 2, 2018
  • The Java CLI is a Java library and a command line interface that provides many common operations to a SWAMP instance: get a list of projects, packages (versions), assessments, tools, & platforms. Users can also create/upload packages (versions), configure/start an assessment, check the status of an assessment, & download SCARF results.

    Java 1 2 Apache-2.0 Updated Sep 28, 2018
  • This plug-in allows Java and C/C++ Eclipse users to perform static code assessments in the SWAMP and to view the results within the Eclipse Integrated Development Environment. The plug-in can also be found in the Eclipse Marketplace as SWAMP Eclipse Plug-in.

    Java Updated Sep 27, 2018
  • Script to compare SCARF files and display differences.

    Perl Updated Aug 31, 2018
  • The SWAMP Result Parser is a program that converts results for all the tools supported in the SWAMP from their native tool output to the SWAMP Common Assessment Result Format (SCARF).

    Perl 1 Updated Aug 21, 2018
  • SWAMP Java API

    Java 1 2 Apache-2.0 Updated Jul 13, 2018
  • This script is a Git and Subversion hook. Any commit or push of a new version will upload that version of code in the SWAMP. Results are viewable from the SWAMP website.

    Perl Apache-2.0 Updated Mar 29, 2018
  • This plug-in allows projects using Jenkins to perform static code assessments in the SWAMP as part of a build. Trend data and results are viewable directly in Jenkins. The plug-in can be found in the Jenkins Plugins Index or on GitHub.

    Java 1 3 Apache-2.0 Updated Mar 29, 2018
  • SWAMP runs software assurance tools & converts the results of each tool into a common format called SCARF (SWAMP Common Assessment Result Format). The scarf-io repository contains a set of libraries that allows a client to read & write SCARF data from programs written in Perl, Python, C, C++, & Java (read-only). SCARF is an XML-based file format.

    HTML 1 2 Updated Mar 7, 2018
  • Scripts and utilities maintained by and for the security team.

    Shell Updated Jan 18, 2018
  • Script to assist developers with creating an archive of their source code that is useful with the SWAMP from an active development directory.

    Perl Updated Oct 20, 2017
  • The SWAMP runs software assurance tools and converts the results of each tool into a common format called SCARF (SWAMP Common Assessment Result Format). The scarf-db program uploads SCARF results into a NoSQL database (MongoDB) or SQL databases (PostgreSQL, MySQL, MariaDB, or SQLite3).

    Perl 1 Updated May 15, 2017
  • Summary data of assessments run on SWAMP curated packages

    HTML 1 Updated Jan 31, 2017
  • Using the SWAMP API with curl

    2 Apache-2.0 Updated Sep 30, 2016
  • Top languages

    Loading…

    Most used topics

    Loading…