oxdef.info is the personal homepage of Taras Ivashchenko. Its main content lists his security-related projects and talks. From a developer tooling perspective, the core projects focus on software supply chain security and Web security, including a CycloneDX SBOM generator for Go projects, an OWASP Dependency Track API client, and tools for CSP testing and log parsing.
CycloneDX for Go can create CycloneDX Software Bill-of-Materials files from Go projects that use modules, and can be used together with OWASP Dependency Track to monitor security issues in third-party Go modules. It is suitable for teams that want to bring dependency inventory and vulnerability management into their engineering workflow. dtrack-audit is described as an OWASP Dependency Track API client, positioned for integration into a CI/CD pipeline. CSP Tester helps site owners verify whether a Web application still works correctly after enabling Content Security Policy 2.0, while CSP Reporter is used to parse CSP logs.
The page explicitly mentions Go modules projects and also covers Web application CSP scenarios, but it does not specify supported operating systems, installation methods, command-line options, or a particular browser extension platform. The content does not provide licenses, source repository links, version status, or maintenance cadence, so it is not possible to determine whether the projects are open source or closed source. Based on the captured content, the documentation appears limited: each project has only a one-line description, with no quick start, examples, or API reference.
The page does not mention pricing, commercial services, payment methods, or support channels, and only provides an email contact. If these tools are in fact distributed as open-source projects, they may have a low cost of use, but this cannot be confirmed from the current text. As a result, value for money can only be rated as moderate based on potential usefulness, while the support score is relatively low.
The strengths are practical topic selection and close alignment with DevSecOps: SBOM, Dependency Track, CI/CD, and CSP are all common requirements in modern security engineering. The projects also show clear connections to ecosystems such as OWASP and CycloneDX. The downside is that the site provides too little information, so users will need to further search for source code, documentation, and usage instructions. It is suitable for Go backend teams, security engineers, DevSecOps leads, and Web maintainers who need to test CSP policies.
The captured text does not provide any information about access from mainland China, mirrors, or network availability, so this remains unknown; payment information is also absent. Alternative tools include Syft, Trivy, CycloneDX CLI, OWASP Dependency-Track, Snyk, and GitHub Dependabot.
β This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on oxdef.info official site.
oxdef.info is an Ukraine Dev Tools provider. TG4G tracks its product information, an overall rating of 5.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach oxdef.info directly.