Skip to content
You must be logged in to sponsor prabhu

Become a sponsor to prabhu

I am building several application security and threat intelligence tools under the umbrella "AppThreat". Some of my work includes

  • dep-scan - Fully open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!
  • cdxgen - a tool to effortlessly produce software bill-of-materials and submit to a suitable server such as dependency-track for open-source scanning (OSS) scanning

Featured work

  1. CycloneDX/cdxgen

    Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submissio…

    JavaScript 588
  2. AppThreat/vulnerability-db

    Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.

    Python 101
  3. AppThreat/cpggen

    Generate CPG for multiple languages for code and threat analysis

    C# 9
  4. AppThreat/joern-lib

    Python library for code analysis with CPG and Joern

    Jupyter Notebook 13

Select a tier

$ a month

A Public Sponsor achievement will be added to your profile.

$2,000 a month

Select

This tier would provide your organization up to 10 monthly hours for any supply-chain security consultancy and advice.