google / osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
☆6,533Updated this week
Alternatives and similar repositories for osv-scanner:
Users that are interested in osv-scanner are comparing it to the libraries listed below
- Open source vulnerability DB and triage service.☆1,741Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆6,604Updated this week
- A vulnerability scanner for container images and filesystems☆9,401Updated this week
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,193Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆4,773Updated this week
- Real-time HTTP Intrusion Detection☆3,042Updated last year
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆24,739Updated this week
- A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.☆1,569Updated 2 years ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for att…☆4,962Updated this week
- Supply-chain Levels for Software Artifacts☆1,602Updated last week
- A static analysis tool for securing Go code☆2,183Updated last year
- An HTTP toolkit for security research.☆6,198Updated 2 weeks ago
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,676Updated last week
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-…☆3,610Updated this week
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.☆11,743Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆11,164Updated this week
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.☆8,123Updated this week
- Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud☆8,448Updated 3 months ago
- Open Source Package Analysis☆820Updated 2 weeks ago
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,326Updated this week
- Go security checker☆8,026Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.☆3,946Updated 2 weeks ago
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,175Updated 2 months ago
- Find, verify, and analyze leaked credentials☆18,141Updated this week
- An OOB interaction gathering server and client library☆3,595Updated this week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆2,872Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆22,232Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,200Updated this week
- Code signing and transparency for containers and binaries☆4,725Updated this week
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…☆8,350Updated last week