A simple tool to audit Linux system libraries to find public security vulnerabilities.

This page summarizes the projects mentioned and recommended in the original post on /r/netsec
Security Hardening security-tools linux-security Docker

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • master_librarian

    Discontinued A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

  • apt2sbom

    apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • vulnture

    • I’d guess it’s likely due to the matching of a software product to a cpe dictionary is likely the hardest part when querying NVD, a more enterprise version: https://github.com/airbnb/vulnture

  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    • If you're looking for a good OS / library vulnerability scanner, I would recommend trivy.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts