Using OWASP dependency check on MacOS

This article documents the steps to use OWASP dependency check tool.

(1) Install the tool via homebrew

brew update && brew install dependency-check

(2) Obtain an NVD (National Vulnerability Database) API Key

https://nvd.nist.gov/developers/request-an-api-key

(3) Go to the directory you wish to scan (Usually the directory that contains your project files)

(4) Run the tool

dependency-check --out . --scan . --nvdApiKey XXXX

(5) Once completed, the report will be available, in html format (dependency-check-report.html).

(6) The supported analyzers include jars, apks, nugets, Gemfile, package.lock, etc. View full list here.

 


AI Summary
gpt-4o-2024-05-13 2024-08-23 19:45:31
This blog post provides a step-by-step guide on using the OWASP Dependency Check tool on macOS, including installation with Homebrew, obtaining an NVD API key, running the tool in your project directory, and accessing the generated HTML report. It also lists supported file analyzers.
Chrome On-device AI 2024-09-19 19:09:49

Share Article