Alternatives and similar repositories for osv-scanner

Users that are interested in osv-scanner are comparing it to the libraries listed below

• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆1,901Updated this week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆7,223Updated this week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆10,022Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆11,851Updated this week
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,931Updated this week
• securego / gosec
  Go security checker
  ☆8,305Updated this week
• BishopFox / cloudfox
  Automating situational awareness for cloud penetration tests.
  ☆2,130Updated 3 months ago
• corazawaf / coraza
  OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
  ☆2,700Updated this week
• owasp-dep-scan / dep-scan
  OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …
  ☆1,123Updated last week
• DependencyTrack / dependency-track
  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…
  ☆3,098Updated this week
• projectdiscovery / katana
  A next-generation crawling and spidering framework.
  ☆13,827Updated this week
• DataDog / stratus-red-team
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,041Updated this week
• infobyte / faraday
  Open Source Vulnerability Management Platform
  ☆5,485Updated 2 weeks ago
• trufflesecurity / trufflehog
  Find, verify, and analyze leaked credentials
  ☆19,562Updated this week
• sigstore / cosign
  Code signing and transparency for containers and binaries
  ☆5,005Updated this week
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆27,157Updated this week
• sottlmarek / DevSecOps
  Ultimate DevSecOps library
  ☆6,088Updated 7 months ago
• guacsec / guac
  GUAC aggregates software security metadata into a high fidelity graph database.
  ☆1,372Updated this week
• OpenCTI-Platform / opencti
  Open Cyber Threat Intelligence Platform
  ☆7,397Updated this week
• future-architect / vuls
  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
  ☆11,631Updated this week
• teler-sh / teler
  Real-time HTTP Intrusion Detection
  ☆3,055Updated last year
• krol3 / container-security-checklist
  Checklist for container security - devsecops practices
  ☆1,574Updated last year
• cisagov / RedEye
  RedEye is a visual analytic tool supporting Red & Blue Team operations
  ☆2,723Updated last year
• trickest / cve
  Gather and update all available and newest CVEs with their PoC.
  ☆7,042Updated this week
• google / log4jscanner
  A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
  ☆1,568Updated 2 years ago
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆1,897Updated last week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆8,000Updated this week
• madhuakula / kubernetes-goat
  Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…
  ☆4,818Updated 3 weeks ago
• coroot / coroot
  Coroot is an open-source APM & Observability tool, a DataDog and NewRelic alternative. Metrics, logs, traces, continuous profiling, and S…
  ☆6,571Updated this week
• praetorian-inc / noseyparker
  Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
  ☆1,967Updated this week