google / osv-scannerLinks
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
☆8,366Updated this week
Alternatives and similar repositories for osv-scanner
Users that are interested in osv-scanner are comparing it to the libraries listed below
Sorting:
- Open source vulnerability DB and triage service.☆2,451Updated last week
- A vulnerability scanner for container images and filesystems☆11,391Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,253Updated this week
- Find, verify, and analyze leaked credentials☆24,137Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆13,862Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,233Updated last week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆30,990Updated last week
- Find secrets with Gitleaks 🔑☆24,657Updated 2 weeks ago
- Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.☆2,238Updated 2 months ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆26,626Updated this week
- Open Source Vulnerability Management Platform☆6,116Updated last month
- Code signing and transparency for containers and binaries☆5,574Updated last week
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.☆2,117Updated this week
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for att…☆5,668Updated last week
- OWASP Coraza WAF is a golang modsecurity compatible web application firewall library☆3,213Updated this week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,523Updated last week
- In-depth attack surface mapping and asset discovery☆14,007Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,197Updated 3 weeks ago
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.☆9,428Updated this week
- 🔎 Static code analysis engine to find security issues in code.☆2,036Updated this week
- Automation engine to build, test and ship any codebase. Runs locally, in CI, or directly in the cloud☆15,289Updated last week
- API traffic analyzer for Kubernetes, providing deep packet inspection with complete API and Kubernetes contexts, retaining cluster-wide L…☆11,698Updated last week
- Fast passive subdomain enumeration tool.☆12,885Updated last week
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,530Updated this week
- Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules…☆5,943Updated last year
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆11,821Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆9,141Updated last week
- This repository contains the scanner component for Greenbone Community Edition.☆4,353Updated last week
- A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.☆1,568Updated 3 years ago
- Cloud Native Runtime Security☆8,589Updated this week