Top 15 Go vulnerability-scanner Projects

• trivy

  82 21,316 9.7 Go

  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

  

Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16

Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec

• vuls

  3 10,671 8.8 Go

  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• tfsec

  28 6,544 5.5 Go

  Security scanner for your Terraform code

  

Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16

tfsec Owner/Maintainer: Aqua Security (acquired in 2021) Age: First released on GitHub on March 5th, 2019 License: MIT License tfsec project is no longer actively maintained in favor of the Trivy tool. But because many people still use it and it's quite famous, I added tfsec to this comparison. However, I recommend against using it for new projects.

• scan4all

  1 5,231 7.7 Go

  Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

  

• SecretScanner

  7 2,956 7.3 Go

  :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

  

• trivy-operator

  2 1,038 9.6 Go

  Kubernetes-native security toolkit

  

• go-dork

  4 975 3.3 Go

  The fastest dork scanner written in Go.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• clair-scanner

  2 837 0.0 Go

  Docker containers vulnerability scan

• bomber

  4 453 7.1 Go

  Scans Software Bill of Materials (SBOMs) for security vulnerabilities

  

• LogMePwn

  1 379 0.0 Go

  A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

• lazytrivy

  4 267 5.1 Go

  Vulnerability scanning just got lazier

• vesta

  1 170 6.3 Go

  A static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud computing (by kvesta)

  

• udpx

  1 165 1.6 Go

  Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable, and can be run on Linux, Mac OS, and Windows. Unlike internet-wide scanners like zgrab2 and zmap, UDPX is designed for portability and ease of use.

• vmclarity

  4 86 9.9 Go

  VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

  

Project mention: An Overview of Kubernetes Security Projects at KubeCon Europe 2023 | dev.to | 2023-05-22

VMClarity works similarly, but within the context of VMs used by cloud services to host containers and clusters. Compared to containers, VMs may be as (or even more) vulnerable to threats and they typically need complex tools for analysis. Following a similar pattern to KubeClarity, VMClarity supports aggregating multiple tools into one UI and CLI.

• log4shelldetect

  3 44 0.0 Go

  Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Go vulnerability-scanners related posts

• Docker image vulnerabilities scanning trivy vs synk.io
  1 project | /r/docker | 30 Apr 2023
• Docker image vulnerabilities scanning trivy vs synk.io
  1 project | /r/cybersecurity | 30 Apr 2023
• How to scan and control the K8 objects are being created against security threats?
  4 projects | /r/kubernetes | 24 Mar 2023
• Is there a dashboard for the trivy-operator
  3 projects | /r/kubernetes | 7 Feb 2023
• Improving your CI/CD Pipeline: Helm Charts Security Scanning with Trivy and GitHub Actions
  2 projects | dev.to | 2 Dec 2022
• Find secrets and passwords in container images and file systems
  1 project | news.ycombinator.com | 27 Oct 2022
• v0.33.0 · Discussion #3077 · aquasecurity/trivy
  1 project | /r/devopsish | 25 Oct 2022
• A note from our sponsor - InfluxDB
  www.influxdata.com | 26 Apr 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Go projects with our weekly report!