Top 7 Go Vulnerability Projects

• trivy

  25 16,637 9.8 Go

  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

  

  Project mention: Creating Safer Containerized PHP Runtimes with Wolfi | dev.to | 2023-03-03

  The combination of a smaller attack surface and up-to-date, patched packages in Wolfi results in less (always aiming for ZERO) CVEs. This can be demonstrated in the results obtained from Trivy when scanning the most popular PHP images on Docker Hub (with data from March 2, 2023) and comparing them with the Wolfi-based PHP image maintained by Chainguard:

• grype

  21 5,380 8.6 Go

  A vulnerability scanner for container images and filesystems

  

  Project mention: Show HN: Xeol – An End Of Life (EOL) package scanner for container images | news.ycombinator.com | 2023-02-02

  Hey everyone! I open-sourced a project that finds unsupported/End of Life software in container images, systems, and SBOMs.

  It's based on https://github.com/anchore/grype and uses https://endoflife.date/ as a data source for EOL packages.

• SonarLint

  www.sonarlint.org

  sponsored

  Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  

• dalfox

  1 2,402 7.1 Go

  🌙🦊 DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility

  Project mention: xss waf bypass | reddit.com/r/hacking | 2022-07-24

  Dalfox is great: https://github.com/hahwul/dalfox

• dockle

  0 2,286 6.0 Go

  Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

  

• dnstake

  0 741 3.2 Go

  DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

  

• fortiscan

  0 147 0.0 Go

  A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.

• archer

  1 15 10.0 Go

  Distributed network and vulnerability scanner (by taythebot)

  Project mention: Show HN: Archer – open-source distributed network and vulnerability scanner | news.ycombinator.com | 2023-02-16

• InfluxDB

  www.influxdata.com

  sponsored

  Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.

  

Go Vulnerability related posts

• Looking for Recommendations for New Vulnerability & PHI/PII Scanner
  2 projects | reddit.com/r/sysadmin | 14 Feb 2023
• Is this Dockerfile ready for production? Is the container automatically secure?
  3 projects | reddit.com/r/dotnet | 22 Oct 2022
• Jetstack Paranoia: A New Open-Source Tool for Container Image Security
  3 projects | news.ycombinator.com | 18 Oct 2022
• What are the best tools for live container scanning?
  1 project | reddit.com/r/devsecops | 16 Sep 2022
• Grype
  1 project | reddit.com/r/devopspro | 6 Aug 2022
• 📢 Grype v0.40.1 released and php support
  1 project | dev.to | 24 Jun 2022
• Show HN: Releasing Vulnerabilities of Open Source Software
  2 projects | news.ycombinator.com | 21 May 2022
• A note from our sponsor - SonarLint
  www.sonarlint.org | 23 Mar 2023

  Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Go projects with our weekly report!