google / vanir
Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together with their corresponding signatures so that users can transparently scan missing patches for an up-to-date list of CVEs.
☆323 Updated 2 weeks ago
Alternatives and similar repositories for vanir:
Users that are interested in vanir are comparing it to the libraries listed below
- ☆271 Updated this week
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato… ☆357 Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆292 Updated this week
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such … ☆217 Updated 3 weeks ago
- Policy driven vetting of open source packages with malicious code analysis ☆269 Updated this week
- A repo to conduct vulnerability enrichment. ☆577 Updated this week
- Deep Linux runtime visibility meets Wireshark ☆278 Updated last month
- CI/CD Security Analyzer ☆652 Updated last week
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml… ☆213 Updated this week
- Gram is Klarna's own threat model diagramming tool ☆319 Updated last week
- ☆437 Updated 6 months ago
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password … ☆152 Updated 10 months ago
- Validate the isolation posture of your container environment. ☆248 Updated this week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆469 Updated 3 months ago
- Callisto - An Intelligent Binary Vulnerability Analysis Tool ☆362 Updated last year
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages ☆681 Updated this week
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. ☆62 Updated last week
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo… ☆373 Updated 5 months ago
- Open Source Vulnerability schema. ☆193 Updated this week
- A security layer for Git repositories ☆493 Updated this week
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ☆71 Updated last year
- boostsecurityio/poutine ☆256 Updated this week
- Quarkslab conference talks ☆286 Updated 3 weeks ago
- ☆289 Updated 7 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆131 Updated last year
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆178 Updated this week
- A rewrite of YARA in Rust. ☆716 Updated last week
- #supply #chain #attack #detection ☆504 Updated this week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment ☆456 Updated this week
- Open source vulnerability DB and triage service. ☆1,753 Updated this week