syft
Software inventory tool
Generates detailed visibility into software packages and dependencies to manage vulnerabilities and license compliance.
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
6k stars
59 watching
585 forks
Language: Go
last commit: about 1 month ago
Linked from 5 awesome lists
containerscyclonedxdockergogolanghacktoberfestocisbomspdxstatic-analysistool
veggiemonk/awesome-docker
rootsongjc/awesome-cloud-native
teamssix/awesome-cloud-security
jakobthedev/awesome-devsecops
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
| anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,970 |
 future-architect/vuls | A tool to automatically scan and report on vulnerabilities in software systems. | 11,021 |
 edersonbrilhante/vilicus | An open-source tool that orchestrates security scans of container images and centralizes the results into a database for analysis and metrics. | 85 |
 albuch/sbt-dependency-check | Automatically monitors dependencies for known vulnerabilities and generates reports on security issues | 266 |
 hasherezade/pe-sieve | A tool for detecting and analyzing malicious code in executables | 3,157 |
 linuxserver/docker-swag | An all-in-one web application gateway with Nginx, PHP, and security features | 2,941 |
 kubescape/kubescape | A platform that analyzes and secures Kubernetes environments throughout the development and deployment lifecycle | 10,292 |
 zubux/drydock | Tools for assessing Docker daemon configuration and container security | 65 |
 aquasecurity/trivy | A comprehensive security scanner that identifies vulnerabilities and misconfigurations in various targets such as containers, code repositories, and infrastructure | 24,010 |
 deepfence/secretscanner | A tool that scans container images and file systems for sensitive data such as passwords and keys. | 3,146 |
 projectdiscovery/nuclei | A fast and customizable vulnerability scanner built on a YAML-based DSL. | 21,054 |
 diego-treitos/linux-smart-enumeration | A tool for gathering information about the security of a Linux system to help identify vulnerabilities and potentially escalate privileges. | 3,462 |
 dominicbreuker/stego-toolkit | A collection of steganography tools for solving CTF challenges | 2,425 |
 snyk/cli | A command-line tool that scans and monitors software development projects for security vulnerabilities. | 4,979 |
 zardus/ctf-tools | A collection of setup scripts and tools for security research. | 8,580 |