Go Vulnerability

Open-source Go projects categorized as Vulnerability
Edit details
Security Golang Docker Go security-tools
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Top 17 Go Vulnerability Projects

Go logo
Vulnerability

  1. trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    Project mention: trivy VS onequery - a user suggested alternative | libhunt.com/r/trivy | 2026-06-01

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  3. SafeLine

    SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

    Project mention: SafeLine WAF running on Rootless Docker | dev.to | 2026-04-08

    In today’s post we’ll get going at getting SafeLine excellent WAF (Web Application Firewall) to agree at running on Rootless Docker setup.

  4. grype

    A vulnerability scanner for container images and filesystems

    Project mention: Performance Test: Grype 0.70 vs Trivy 0.50 Scan Times – 15% Faster for Alpine Images | dev.to | 2026-04-28

    After 120+ benchmark runs across 6 Alpine image variants, 2 hardware configurations, and 3 CI environments, our verdict is clear: Grype 0.70 is 15% faster than Trivy 0.50 for Alpine-based container images, with identical vulnerability detection parity. For teams scanning Alpine images at scale, this speedup translates to thousands of dollars in CI compute savings and hundreds of engineer hours reclaimed per month. If you're only scanning Alpine images, migrate to Grype today—the 15% speedup is worth the migration effort for any team with more than 100 daily scans. For heterogeneous image stacks, Trivy remains the better all-in-one option. We recommend running the benchmark script we provided earlier on your own images to validate the speedup for your specific workload.

  5. dockle

    Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

  6. osv.dev

    Open source vulnerability DB and triage service.

    Project mention: I scanned 8 popular open-source repos for outdated dependencies and CVEs. Here's what I found. | dev.to | 2026-05-31

    I built ScanReq, a VS Code extension that scans dependency files, checks versions against public registries in real time, and queries OSV.dev for known CVEs. It supports 8 ecosystems: Python, Node.js, Rust, Go, PHP, Ruby, and Java (both Maven and Gradle).

  7. bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

  8. reverse-shell

    Reverse Shell as a Service

    Project mention: Reverse Shell as a Service | news.ycombinator.com | 2026-01-11

  9. copacetic

    🧵 CLI tool for directly patching container images!

  10. guac

    GUAC aggregates software security metadata into a high fidelity graph database.

  11. Terrapin-Scanner

    This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

  12. dnstake

    DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

  13. octoscan

    Octoscan is a static vulnerability scanner for GitHub action workflows.

    Project mention: ci-doctor vs octoscan: when to use which | dev.to | 2026-04-28

    name: ci-audit on: pull_request permissions: contents: read security-events: write jobs: octoscan: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - run: | curl -fsSL -o octoscan https://github.com/synacktiv/octoscan/releases/latest/download/octoscan_linux_amd64 chmod +x ./octoscan ./octoscan scan . > octoscan.json || true - uses: github/codeql-action/upload-sarif@v3 if: always() with: sarif_file: octoscan.sarif category: octoscan ci-doctor: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: depmedicdev-byte/ci-doctor-action@v1

  14. fortiscan

    A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.

  15. vimp

    Aggregate vulnerability scans from multiple container image scanners to identify discrepancies and get comprehensive exposure analysis. (by mchmarny)

  16. urlhawkscanner

    Blazing-fast URL security scanner in Go. Discover exposed headers, misconfigurations & vulnerabilities.

    Project mention: Built a Blazing-Fast OSINT Scanner in Go | dev.to | 2026-02-22

    ⭐ Drop a star on the repo and try it out: https://github.com/DhanushNehru/urlhawkscanner

  17. go-euvd

    Comprehensive and zero dependency Go library for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.

    Project mention: Go-EUVD: Go Library for Interacting with Enisa EU Vulnerability Database (EUVD) | news.ycombinator.com | 2025-07-10

  18. gvs

    Analyze Golang-based code for vulnerabilities

    Project mention: Stop triaging Go CVEs that don't affect you | dev.to | 2026-05-05

    I built GVS to automate that. Give it a repo URL and a CVE ID, and it does call graph analysis to determine whether the vulnerable symbols are actually reachable from your code.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Go Vulnerability discussion

Log in or Post with

Go Vulnerability related posts

  • I scanned 8 popular open-source repos for outdated dependencies and CVEs. Here's what I found.

    1 project | dev.to | 31 May 2026

  • Grype: Fast and Accurate Vulnerability Scanner for Containers and Filesystems

    1 project | news.ycombinator.com | 4 Oct 2024

  • How to secure Terraform code with Trivy

    3 projects | dev.to | 14 Aug 2024

  • A vulnerability scanner for container images and filesystems

    1 project | news.ycombinator.com | 24 May 2024

  • Suas imagens de container não estão seguras!

    4 projects | dev.to | 20 Mar 2024

  • Terrapin SSH Attack: An Overview

    1 project | dev.to | 12 Jan 2024

  • Distroless images using melange and apko

    8 projects | dev.to | 22 Dec 2023
  • A note from our sponsor - SaaSHub
    www.saashub.com | 7 Jun 2026
    SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source Vulnerability projects in Go? This list will help you:

# Project Stars
1 trivy 35,597
2 SafeLine 21,460
3 grype 12,344
4 dockle 3,258
5 osv.dev 2,730
6 bearer 2,674
7 reverse-shell 2,042
8 copacetic 1,635
9 guac 1,501
10 Terrapin-Scanner 991
11 dnstake 853
12 octoscan 261
13 fortiscan 162
14 vimp 83
15 urlhawkscanner 11
16 go-euvd 9
17 gvs 4

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
Loading...