trivy
Security Scanner
A comprehensive security scanner that identifies vulnerabilities and misconfigurations in various targets such as containers, code repositories, and infrastructure
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
24k stars
171 watching
2k forks
Language: Go
last commit: about 1 month ago
Linked from 9 awesome lists
containersdevsecopsdockergogolanghacktoberfestiacinfrastructure-as-codekubernetesmisconfigurationsecuritysecurity-toolsvulnerabilityvulnerability-detectionvulnerability-scanners
veggiemonk/awesome-docker
sbilly/awesome-security
fabacab/awesome-cybersecurity-blueteam
rootsongjc/awesome-cloud-native
jakobthedev/awesome-devsecops
appcypher/awesome-wasm-runtimes
funkmyster/awesome-cloud-security
jatrost/awesome-kubernetes-threat-detectionRelated projects:
| Repository | Description | Stars |
|---|---|---|
| aquasecurity/trivy-action | Automates vulnerability scanning of Docker images using Trivy | 848 |
| aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,774 |
| aquasecurity/kube-bench | Automated security auditing tool for Kubernetes clusters | 7,129 |
| aquasecurity/tfsec | A tool for identifying potential misconfigurations in Terraform code during the software development process | 6,734 |
 anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,970 |
 edersonbrilhante/vilicus | An open-source tool that orchestrates security scans of container images and centralizes the results into a database for analysis and metrics. | 85 |
 mziyabo/argocd-trivy-extension | Enables visualization of Trivy vulnerability reports in Argo CD UI | 71 |
 linuxserver/docker-swag | An all-in-one web application gateway with Nginx, PHP, and security features | 2,941 |
 gitleaks/gitleaks | Detects sensitive information in version control systems and source code files | 18,165 |
 deepfence/secretscanner | A tool that scans container images and file systems for sensitive data such as passwords and keys. | 3,146 |
 quay/clair | Analyzes vulnerabilities in container images to improve security transparency | 10,409 |
 teamssix/container-escape-check | Detects potential vulnerabilities in Docker containers by checking for common escape methods | 560 |
 cve-search/git-vuln-finder | Automates CVE vulnerability detection from Git commit messages | 402 |
 gauravnarwani97/trishul | Automated vulnerability detection tool for web applications | 235 |
 owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,700 |