Skip to content

@ossf Open Source Security Foundation (OpenSSF)

Change the repository type filter

All

    Repositories list

    67 repositories

    • fuzz-introspector

      Public
      Fuzz Introspector -- introspect, extend and optimise fuzzers
      testingsecurityfuzz-testingvulnerability-analysissecurity-researchfuzzing
      Python
      Apache License 2.0
      59391974Updated Jan 17, 2025Jan 17, 2025

    • scorecard

      Public
      OpenSSF Scorecard - Security health metrics for Open Source
      scorecardopenssf-scorecard
      Go
      Apache License 2.0
      5104.7k3423Updated Jan 17, 2025Jan 17, 2025

    • glossary

      Public
      JavaScript
      Apache License 2.0
      1102Updated Jan 17, 2025Jan 17, 2025

    • malicious-packages

      Public
      A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
      Go
      Apache License 2.0
      25280124Updated Jan 17, 2025Jan 17, 2025

    • allstar

      Public
      GitHub App to set and enforce security policies
      Go
      Apache License 2.0
      1241.3k689Updated Jan 17, 2025Jan 17, 2025

    • scorecard-visualizer

      Public
      Tool for visualizing the Open SSF Scorecard Api data in a human friendly way
      openssfopenssf-scorecard
      TypeScript
      Apache License 2.0
      313121Updated Jan 17, 2025Jan 17, 2025

    • criticality_score

      Public
      Gives criticality score for an open source project
      Go
      Apache License 2.0
      1201.4k4132Updated Jan 17, 2025Jan 17, 2025

    • ossf-landscape

      Public
      Apache License 2.0
      262712Updated Jan 17, 2025Jan 17, 2025

    • security-baseline

      Public
      Go
      Apache License 2.0
      1212278Updated Jan 17, 2025Jan 17, 2025

    • oss-vulnerability-guide

      Public
      A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.
      Creative Commons Attribution 4.0 International
      4711940Updated Jan 16, 2025Jan 16, 2025

    • security-insights-spec

      Public
      OPENSSF SECURITY INSIGHTS: Repository for development of the draft standard, where requests for modification should be made via Github Issues.
      CUE
      Other
      105632Updated Jan 16, 2025Jan 16, 2025

    • tac

      Public
      Technical Advisory Council
      Other
      601132410Updated Jan 16, 2025Jan 16, 2025

    • wg-best-practices-os-developers

      Public
      The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
      JavaScript
      Apache License 2.0
      1398015713Updated Jan 15, 2025Jan 15, 2025

    • alpha-omega

      Public
      Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
      securityopensourceopen-source-security
      Open Policy Agent
      Apache License 2.0
      5187522Updated Jan 15, 2025Jan 15, 2025

    • wg-dei

      Public
      The Diversity, Equity, and Inclusion Working Group mission is to increase representation and strengthen the overall effectiveness of the cybersecurity workforce.
      Apache License 2.0
      1651Updated Jan 14, 2025Jan 14, 2025

    • wg-globalcyberpolicy

      Public
      Global Cyber Policy Working Group
      Apache License 2.0
      3530Updated Jan 14, 2025Jan 14, 2025

    • package-analysis

      Public
      Open Source Package Analysis
      Go
      Apache License 2.0
      54806606Updated Jan 14, 2025Jan 14, 2025

    • scorecard-action

      Public
      Official GitHub Action for OpenSSF Scorecard.
      githubsecuritysupply-chaingithub-actionsopenssf-scorecard
      Go
      Apache License 2.0
      70276274Updated Jan 13, 2025Jan 13, 2025

    • scorecard-webapp

      Public
      Website and API for OpenSSF Scorecard
      openssf-scorecard
      HTML
      Apache License 2.0
      27233111Updated Jan 13, 2025Jan 13, 2025

    • osv-schema

      Public
      Open Source Vulnerability schema.
      Python
      Apache License 2.0
      881902812Updated Jan 8, 2025Jan 8, 2025

    • foundation

      Public
      OpenSSF Governance and Legal Docs
      Apache License 2.0
      197002Updated Jan 6, 2025Jan 6, 2025

    • si-tooling

      Public
      Python
      Apache License 2.0
      1301Updated Jan 4, 2025Jan 4, 2025

    • sbom-everywhere

      Public
      Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
      Vue
      Apache License 2.0
      2676252Updated Dec 15, 2024Dec 15, 2024

    • secure-sw-dev-fundamentals

      Public
      Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
      CSS
      Creative Commons Attribution 4.0 International
      48187341Updated Dec 10, 2024Dec 10, 2024

    • census

      Public
      📜Automated review of open source software projects
      censusstatisticsossanalysismetrics
      HTML
      Other
      30116251Updated Dec 6, 2024Dec 6, 2024

    • Memory-Safety

      Public
      Apache License 2.0
      122160Updated Dec 4, 2024Dec 4, 2024

    • package-feeds

      Public
      Feed parsing for language package manager updates
      Go
      Apache License 2.0
      24762112Updated Dec 4, 2024Dec 4, 2024

    • wg-vulnerability-disclosures

      Public
      The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
      Apache License 2.0
      41183260Updated Nov 25, 2024Nov 25, 2024

    • artwork

      Public
      OpenSSF Artwork
      Apache License 2.0
      8801Updated Nov 5, 2024Nov 5, 2024

    • wg-securing-software-repos

      Public
      OpenSSF Working Group on Securing Software Repositories
      Other
      199464Updated Oct 28, 2024Oct 28, 2024