An open source tool focused on software supply chain security.
How it works:
1. MurphySec CLI obtains the dependency information of your project mainly by building the project or parsing the package manifest files.
2. The dependency information of the project will be uploaded to the server, and the dependencies with security issues in the project will be identified through the vulnerability knowledge base maintained by MurphySec.