Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 15 Go vulnerability-scanner Projects
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
-
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
LogMePwn
A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
-
vesta
A static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud computing (by kvesta)
-
udpx
Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable, and can be run on Linux, Mac OS, and Windows. Unlike internet-wide scanners like zgrab2 and zmap, UDPX is designed for portability and ease of use.
-
vmclarity
VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
-
log4shelldetect
Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16tfsec Owner/Maintainer: Aqua Security (acquired in 2021) Age: First released on GitHub on March 5th, 2019 License: MIT License tfsec project is no longer actively maintained in favor of the Trivy tool. But because many people still use it and it's quite famous, I added tfsec to this comparison. However, I recommend against using it for new projects.
Project mention: An Overview of Kubernetes Security Projects at KubeCon Europe 2023 | dev.to | 2023-05-22VMClarity works similarly, but within the context of VMs used by cloud services to host containers and clusters. Compared to containers, VMs may be as (or even more) vulnerable to threats and they typically need complex tools for analysis. Following a similar pattern to KubeClarity, VMClarity supports aggregating multiple tools into one UI and CLI.
Go vulnerability-scanners related posts
- Docker image vulnerabilities scanning trivy vs synk.io
- Docker image vulnerabilities scanning trivy vs synk.io
- How to scan and control the K8 objects are being created against security threats?
- Is there a dashboard for the trivy-operator
- Improving your CI/CD Pipeline: Helm Charts Security Scanning with Trivy and GitHub Actions
- Find secrets and passwords in container images and file systems
- v0.33.0 · Discussion #3077 · aquasecurity/trivy
-
A note from our sponsor - InfluxDB
www.influxdata.com | 26 Apr 2024
Index
What are some of the best open-source vulnerability-scanner projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | trivy | 21,316 |
2 | vuls | 10,671 |
3 | tfsec | 6,544 |
4 | scan4all | 5,231 |
5 | SecretScanner | 2,956 |
6 | trivy-operator | 1,038 |
7 | go-dork | 975 |
8 | clair-scanner | 837 |
9 | bomber | 453 |
10 | LogMePwn | 379 |
11 | lazytrivy | 267 |
12 | vesta | 170 |
13 | udpx | 165 |
14 | vmclarity | 86 |
15 | log4shelldetect | 44 |
Sponsored