Audit.NET is a Visual Studio extension that highlights NuGet package dependencies with security vulnerabilities
Serving Open Source Components Since 2002
OWASP Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.
Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
Sonatype DepShield is a GitHub App used by developers to identify and remediate vulnerabilities in their open source dependencies.
Open-source, cross-platform, multi-purpose security auditing tool
Dependency audit plugin for Gradle
Dependency audit plugin for Maven
Use Maven-Enforcer plugin to ban vulnerable dependencies from inclusion project builds.
A tool to check for vulnerabilities in your Golang dependencies
Audit Python packages for known vulnerabilities