grype
Vulnerability scanner
A tool for detecting vulnerabilities in container images and filesystems
A vulnerability scanner for container images and filesystems
9k stars
78 watching
573 forks
Language: Go
last commit: 6 days ago
Linked from 3 awesome lists
container-imagecontainerscyclonedxdockergogolanghacktoberfestociopenvexsecuritystatic-analysistoolvexvulnerabilitiesvulnerability
rootsongjc/awesome-cloud-native
jakobthedev/awesome-devsecops
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 future-architect/vuls | A tool to automatically scan and report on vulnerabilities in software systems. | 10,994 |
 aquasecurity/trivy | Automatically scans software projects for vulnerabilities and misconfigurations to ensure security and compliance. | 23,679 |
 dustyfresh/php-vulnerability-audit-cheatsheet | A collection of grep commands to help find potentially vulnerable PHP code | 346 |
 deepfence/secretscanner | A tool that scans container images and file systems for sensitive data such as passwords and keys. | 3,134 |
 projectdiscovery/nuclei | A vulnerability scanner built on YAML templates to identify weaknesses in applications and networks. | 20,687 |
 cve-search/git-vuln-finder | Automates CVE vulnerability detection from Git commit messages | 397 |
 1ndianl33t/gf-patterns | A toolset for identifying potential security vulnerabilities and patterns in web applications | 1,216 |
 edersonbrilhante/vilicus | An open-source tool that orchestrates security scans of container images and centralizes the results into a database for analysis and metrics. | 85 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
| aquasecurity/trivy-action | Automates vulnerability scanning of Docker images using Trivy | 831 |
 kost/dockscan | Automated vulnerability scanner for Docker installations | 218 |
 belane/linux-soft-exploit-suggester | A script to identify vulnerabilities in software packages on Linux systems | 222 |
 sonatype-nexus-community/auditjs | Tools to scan npm packages for known vulnerabilities and outdated dependencies. | 223 |
| aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,763 |
 emo-crab/scap-rs | A collection of Rust libraries for working with vulnerability data from various sources. | 16 |