|13 days ago||5 days ago|
|MIT License||Apache License 2.0|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GitHub - pwnesia/dnstake: DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
1 project | reddit.com/r/bag_o_news | 1 Sep 2021
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
1 project | reddit.com/r/netsec | 28 Aug 20211 project | reddit.com/r/golang | 28 Aug 2021
Show HN: Releasing Vulnerabilities of Open Source Software
2 projects | news.ycombinator.com | 21 May 2022
Solution to rescan ecr images?
1 project | reddit.com/r/aws | 21 May 2022
GitHub - anchore/grype: A vulnerability scanner for container images and filesystems
1 project | reddit.com/r/devopsish | 16 May 2022
Java eclipse temurin:18.0.1_10-jre-alpine is out ! Now what ?
2 projects | dev.to | 4 May 2022
See below how we are aware of required maintenant on our own images... and how we double check it is well secured with grype :
Bench (and choose) Java-8 docker images with anchore/grype
2 projects | dev.to | 25 Apr 2022
We recently started to put grype and Anchore Container Scan in our (GH based) CI pipeline.
CVE-2022-21449 detector - Finds possibly vulnerable JAR/WAR files
2 projects | reddit.com/r/netsec | 20 Apr 2022
Would grype work for this as well? https://github.com/anchore/grype
Grype 0.35.0 new feature : Indicate location of vulnerability
1 project | dev.to | 13 Apr 2022
Previously when we were running grype on an image, we were could get vulnerabilities
About Java Bytecode, native binaries & security (short Grype benchmark)
3 projects | dev.to | 7 Apr 2022
grype Feature request : Optional External Data Source Reference for Maven Packages
How do you scan your docker images?
1 project | reddit.com/r/devops | 17 Feb 2022
Just use Grype. https://github.com/anchore/grype It is a CLI that can scan docker images and list vulnerabilities.
How to scan vulnerabilities for Docker container images
1 project | dev.to | 17 Jan 2022
A vulnerability scanner for container images and filesystems using Grype
What are some alternatives?
trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
anchore-engine - A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
opencve - CVE Alerting Platform
clair - Vulnerability Static Analysis for Containers
falco - Cloud Native Runtime Security
kubescape - Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.
documentation - Kata Containers version 1.x documentation (for version 2.x see https://github.com/kata-containers/kata-containers).
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
KubiScan - A tool to scan Kubernetes cluster for risky permissions
conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language
oci-seccomp-bpf-hook - OCI hook to trace syscalls and generate a seccomp profile