Alternatives and similar repositories for vuln-list

Users that are interested in vuln-list are comparing it to the libraries listed below

• aquasecurity / vuln-list-update
  ☆182Updated this week
• aquasecurity / trivy-db
  ☆266Updated this week
• facebookincubator / nvdtools
  A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)
  ☆461Updated last year
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆198Updated last year
• aquasecurity / go-dep-parser
  Dependency Parser for Multiple Programming Languages
  ☆148Updated 11 months ago
• CloudSecurityAlliance / gsd-database
  Global Security Database
  ☆318Updated last year
• aquasecurity / linux-bench
  Checks whether a Linux server according to security best practices as defined in the CIS Distribution-Independent Linux Benchmark
  ☆171Updated 4 months ago
• Metarget / awesome-cloud-native-security
  awesome resources about cloud native security 🐿
  ☆317Updated last year
• brompwnie / botb
  A container analysis and exploitation tool for pentesters and engineers.
  ☆666Updated last year
• aquasecurity / defsec
  Trivy's misconfiguration scanning engine
  ☆218Updated 4 months ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆199Updated last week
• vulsio / go-exploitdb
  Tool for searching Exploits from Exploit Databases, etc.
  ☆282Updated last week
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆841Updated last year
• cyberark / kubesploit
  Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en…
  ☆1,171Updated 4 months ago
• ossf / package-analysis
  Open Source Package Analysis
  ☆834Updated last month
• PaloAltoNetworks / rbac-police
  Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
  ☆345Updated 2 months ago
• vulsio / go-cve-dictionary
  Build a local copy of CVE (NVD and Japanese JVN). Server mode for easy querying.
  ☆392Updated last week
• google / vulncode-db
  Vulncode-DB project
  ☆580Updated 3 years ago
• raesene / kube_security_lab
  ☆248Updated 8 months ago
• aquasecurity / harbor-scanner-trivy
  Use Trivy as a plug-in vulnerability scanner in the Harbor registry
  ☆223Updated 8 months ago
• ajinabraham / libsast
  Generic SAST Library
  ☆131Updated 6 months ago
• aquasecurity / docker-bench
  Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
  ☆215Updated 4 months ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆144Updated last year
• Metarget / k0otkit
  k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
  ☆291Updated 3 years ago
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆569Updated 2 months ago
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆99Updated last week
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆119Updated last week
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆310Updated this week
• magnologan / awesome-sca
  A comprehensive list of software composition analysis tools.
  ☆147Updated last year
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 3 years ago