UniSBOM is a tool to build a software bill of materials on any platform with a unified data format.

Related tags

Command-line unisbom
Overview

UniSBOM is a tool to build a software bill of materials on any platform with a unified data format.

Work in progress

Support

MacOS

Uses system_profiler to build a list of installed applications and kernel extensions.

Example JSON 
[{
		"kind": "OS",
		"name": "macOS",
		"id": "macOS",
		"version": "12.5.1 (21G83)",
		"path": "/",
		"modified": "1970-01-01T00:00:00Z",
		"publishers": [
			"Apple Code Signing Certification Authority",
			"Apple Root CA"
		]
  	},
	{
		"kind": "Application",
		"name": "UnmountAssistantAgent",
		"id": "UnmountAssistantAgent",
		"version": "5.0",
		"path": "/System/Library/CoreServices/UnmountAssistantAgent.app",
		"modified": "2022-08-11T06:44:38Z",
		"publishers": [
			"Software Signing",
			"Apple Code Signing Certification Authority",
			"Apple Root CA"
		]
	},
	{
		"kind": "Application",
		"name": "Google Drive",
		"id": "Google Drive",
		"version": "62.0",
		"path": "/Applications/Google Drive.app",
		"modified": "2022-08-25T12:50:40Z",
		"publishers": [
			"Developer ID Application: Google LLC (EQHXZ8M8AV)",
			"Developer ID Certification Authority",
			"Apple Root CA"
		]
	},
	{
		"kind": "Driver",
		"name": "VBoxDrv",
		"id": "org.virtualbox.kext.VBoxDrv",
		"version": "6.1.36",
		"path": "/Library/Application Support/VirtualBox/VBoxDrv.kext",
		"modified": "2022-07-19T22:00:36Z",
		"publishers": [
			"Developer ID Application: Oracle America, Inc. (VB5E2TV963), Developer ID Certification Authority, Apple Root CA"
		]
	},
	{
		"kind": "Driver",
		"name": "IOSCSIBlockCommandsDevice",
		"id": "com.apple.iokit.IOSCSIBlockCommandsDevice",
		"version": "456.140.3",
		"path": "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/IOSCSIBlockCommandsDevice.kext",
		"modified": "2022-08-11T06:44:38Z",
		"publishers": [
			"Software Signing, Apple Code Signing Certification Authority, Apple Root CA"
		]
	}
]

Windows

Uses registry keys to build a list of installed applications and driverquery for the drivers.

Example JSON 
[{
		"kind": "OS",
		"name": "Microsoft Windows",
		"id": "Microsoft Windows",
		"version": "10.0.19042.1889",
		"path": "/",
		"modified": "1970-01-01T00:00:00Z",
		"publishers": [
			"Microsoft"
		]
  	},
	{
		"kind": "Application",
		"name": "Google Chrome",
		"id": "Google Chrome",
		"version": "105.0.5195.54",
		"path": "C:\\Program Files\\Google\\Chrome\\Application",
		"modified": "2022-09-02T13:45:10Z",
		"publishers": [
			"Google LLC"
		]
	},
	{
		"kind": "Application",
		"name": "Microsoft Azure Storage Emulator - v5.10",
		"id": "Microsoft Azure Storage Emulator - v5.10",
		"version": "5.10.19227.2113",
		"path": "C:\\ProgramData\\Microsoft\\VisualStudio\\Packages\\Microsoft.Azure.Storage.Emulator.Msi,version=5.10.19227.2113\\",
		"modified": "2021-02-15T08:37:36Z",
		"publishers": [
			"Microsoft Corporation"
		]
	},
	{
		"kind": "Driver",
		"name": "Intel(R) Serial IO I2C Driver v2",
		"id": "iaLPSS2i_I2C_CNL",
		"version": "30.100.1929.1",
		"path": "C:\\Windows\\system32\\drivers\\iaLPSS2i_I2C_CNL.sys",
		"modified": "2019-07-14T22:12:12Z",
		"publishers": []
	},
	{
		"kind": "Driver",
		"name": "Intel(R) Serial IO I2C Driver v2",
		"id": "iaLPSS2i_I2C_GLK",
		"version": "30.100.1820.1",
		"path": "C:\\Windows\\system32\\drivers\\iaLPSS2i_I2C_GLK.sys",
		"modified": "2018-05-15T22:46:02Z",
		"publishers": []
	}
]

GNU/Linux

TODO

Building

cargo build --release

Running

Print the SBOM as a textual summary:

./target/release/unisbom

Output all details as JSON:

./target/release/unisbom --format json

Other options

Run unisbom --help for the complete list of options.

License

This project is made with by @evilsocket and it is released under the GPL3 license.

You might also like...
A command line tool written in Rust and designed to be a modern build tool + package manager for C/C++ projects.

CCake CCake is a command line tool written in Rust and designed to be a modern build tool + package manager for C/C++ projects. Goals To be easily und

Boston Vanseghi 4 Oct 24, 2022
Build light & secure cross-platform applications with a web-based UI
Build light & secure cross-platform applications with a web-based UI

Millennium Icon by XFaon. *Stats are from Tauri and may not be fully accurate. Millennium is a cross-platform webview framework written in Rust. With

pyke 20 Dec 29, 2022
Databento Binary Encoding (DBZ) - Fast message encoding and storage format for market data

dbz A library (dbz-lib) and CLI tool (dbz-cli) for working with Databento Binary Encoding (DBZ) files. Python bindings for dbz-lib are provided in the

Databento, Inc. 15 Nov 4, 2022
An apocalypse-resistant data storage format for the truly paranoid.

Carbonado An apocalypse-resistant data storage format for the truly paranoid. Designed to keep encrypted, durable, compressed, provably replicated con

diba-io 30 Dec 29, 2022
PyO3's PyAny as a serde data format

serde-pyobject PyO3's PyAny as a serde data format Usage Serialize T: Serialize into &'py PyAny: use serde::Serialize; use pyo3::{Python, types::{PyAn

Jij 3 Nov 24, 2023
a simple, non-self-describing data-interchange format.

rust-fr 'rust-fr' (aka rust for real) is a simple, non-self-describing data-interchange format. installation You can use either of these methods. Add

Ayush 4 Feb 28, 2024
CLI tool that make it easier to perform multiple lighthouse runs towards a single target and output the result in a plotable format.

Lighthouse Aggregator CLI tool that make it easier to perform multiple lighthouse runs towards a single target and output the result in a "plotable" f

Polestar 1 Jan 12, 2022
A tool to filter sites in a FASTA-format whole-genome pseudo-alignment

Core-SNP-filter This is a tool to filter sites (i.e. columns) in a FASTA-format whole-genome pseudo-alignment based on: Whether the site contains vari

Ryan Wick 15 Apr 2, 2023
a command-line tool that transforms a Git repository into a minimal format for ChatGPT queries
a command-line tool that transforms a Git repository into a minimal format for ChatGPT queries

gprepo /dʒiːpiːˈɹi:pi:oʊ/ a command-line tool that transforms a Git repository into a minimal format for ChatGPT queries. Features Excludes LICENSE an

null 6 Apr 20, 2023
Owner
Simone Margaritelli
Simone Margaritelli
GitHub
Standard Graphics is a command-line tool for printing 2D graphics from any language to any screen.

2D graphics in any programming language with just print statements!

Caleb Winston 123 Nov 20, 2022
A comprehensive collection of resources and learning materials for Rust programming, empowering developers to explore and master the modern, safe, and blazingly fast language.

?? Awesome Rust Lang ⛰️ Project Description : Welcome to the Awesome Rust Lang repository! This is a comprehensive collection of resources for Rust, a

Shubham Raj 16 May 29, 2023
Given a set of kmers (fasta format) and a set of sequences (fasta format), this tool will extract the sequences containing the kmers.

Kmer2sequences Description Given a set of kmers (fasta / fastq [.gz] format) and a set of sequences (fasta / fastq [.gz] format), this tool will extra

Pierre Peterlongo 22 Sep 16, 2023
Work-in-progress software for managing the Azeron keypad on any operating system.

azeron-cli A small, unfinished CLI application intended to manage the Azeron Cyborg. The code is still in a very messy state and doesn't look very rus

cozyGalvinism 5 Nov 24, 2022
Kusa is a simple CLI tool that works on any platform and displays GitHub contribution graphs.

Kusa is a simple CLI tool that works on any platform and displays GitHub contribution graphs. Installation Homebrew (only macOS) $ brew tap Ryu0118/Ku

Ryu 103 Jun 18, 2023
Design token framework — adopt a unified design language across platforms, codebases, and teams

Palette Design tokens framework with atomic classes for React and Master CSS. Deliver a consistent visual identity across your apps with design tokens

Foretag 4 Aug 23, 2022
plonky2 recursion framework handling different circuits in unified way.

generic_recursion Version: 0.1.0 generic_recursion is a crate that allows to easily aggregate an unlimited amount of plonky2 proofs, generated with a

null 6 Mar 4, 2024
Get URL(s) title in any format 🐿️

Tyupy Get URL(s) title in any format. Features Get URL(s) title in any format*. Markdown Org-mode Fancy error message and colorful output. Cross-platf

Azzam S.A 7 Nov 27, 2023
Tight Model format is a lossy 3D model format focused on reducing file size as much as posible without decreasing visual quality of the viewed model or read speeds.

What is Tight Model Format The main goal of the tmf project is to provide a way to save 3D game assets compressed in such a way, that there are no not

null 59 Mar 6, 2023
That program use on platform windows. And if you write any text on uncorrect keyboard layout, that program for that.

?? This program is designed to translate text into the correct layout when typing is incorrect. ?? Example ghbdtn -> привет Just (by default) pressing

Gest Se 5 Jan 26, 2023