grype
Vulnerability scanner
A tool for detecting vulnerabilities in container images and filesystems
A vulnerability scanner for container images and filesystems
9k stars
77 watching
580 forks
Language: Go
last commit: 2 months ago
Linked from 3 awesome lists
container-imagecontainerscyclonedxdockergogolanghacktoberfestociopenvexsecuritystatic-analysistoolvexvulnerabilitiesvulnerability
rootsongjc/awesome-cloud-native
jakobthedev/awesome-devsecops
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 future-architect/vuls | A tool to automatically scan and report on vulnerabilities in software systems. | 11,021 |
 aquasecurity/trivy | A comprehensive security scanner that identifies vulnerabilities and misconfigurations in various targets such as containers, code repositories, and infrastructure | 24,010 |
 dustyfresh/php-vulnerability-audit-cheatsheet | A collection of grep commands to help find potentially vulnerable PHP code | 348 |
 deepfence/secretscanner | A tool that scans container images and file systems for sensitive data such as passwords and keys. | 3,146 |
 projectdiscovery/nuclei | A fast and customizable vulnerability scanner built on a YAML-based DSL. | 21,054 |
 cve-search/git-vuln-finder | Automates CVE vulnerability detection from Git commit messages | 402 |
 1ndianl33t/gf-patterns | A toolset for identifying potential security vulnerabilities and patterns in web applications | 1,232 |
 edersonbrilhante/vilicus | An open-source tool that orchestrates security scans of container images and centralizes the results into a database for analysis and metrics. | 85 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
| aquasecurity/trivy-action | Automates vulnerability scanning of Docker images using Trivy | 848 |
 kost/dockscan | Automated vulnerability scanner for Docker installations | 220 |
 belane/linux-soft-exploit-suggester | A script to identify vulnerabilities in software packages on Linux systems | 222 |
 sonatype-nexus-community/auditjs | Tools to scan npm packages for known vulnerabilities and outdated dependencies. | 223 |
| aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,774 |
 emo-crab/scap-rs | A collection of Rust libraries for working with vulnerability data from various sources. | 17 |