snyk / cli

Related projects: ⓘ

• docker / docker-bench-security
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,060Updated 4 months ago
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆8,492Updated this week
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,265Updated this week
• RetireJS / retire.js
  scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
  ☆3,653Updated last week
• ajinabraham / nodejsscan
  nodejsscan is a static security code scanner for Node.js applications.
  ☆2,377Updated last month
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆6,015Updated this week
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆22,901Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆10,392Updated this week
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆10,277Updated last month
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,404Updated this week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆7,252Updated this week
• Yelp / detect-secrets
  An enterprise friendly way of detecting and preventing secrets in code.
  ☆3,737Updated this week
• GoogleContainerTools / distroless
  🥑 Language focused docker images, minus the operating system.
  ☆18,671Updated this week
• gitleaks / gitleaks
  Protect and discover secrets using Gitleaks 🔑
  ☆17,413Updated this week
• getsops / sops
  Simple and flexible tool for managing secrets
  ☆16,355Updated this week
• moby / buildkit
  concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
  ☆8,050Updated this week
• kubernetes / kompose
  Convert Compose to Kubernetes
  ☆9,489Updated last week
• open-policy-agent / opa
  Open Policy Agent (OPA) is an open source, general-purpose policy engine.
  ☆9,529Updated this week
• zaproxy / zaproxy
  The ZAP core project
  ☆12,501Updated this week
• probot / probot
  🤖 A framework for building GitHub Apps to automate and improve your workflow
  ☆8,903Updated 3 weeks ago
• grafana / k6
  A modern load testing tool, using Go and JavaScript - https://k6.io
  ☆25,036Updated last week
• eth0izzle / shhgit
  Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
  ☆3,821Updated last year
• GoogleContainerTools / kaniko
  Build Container Images In Kubernetes
  ☆14,611Updated this week
• Netflix / chaosmonkey
  Chaos Monkey is a resiliency tool that helps applications tolerate random instance failures.
  ☆15,045Updated 9 months ago
• GoogleContainerTools / skaffold
  Easy and Repeatable Kubernetes Development
  ☆14,933Updated this week
• reviewdog / reviewdog
  🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
  ☆7,786Updated this week
• github / codeql
  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
  ☆7,521Updated this week
• slimtoolkit / slim
  Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it …
  ☆19,248Updated this week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆10,323Updated this week
• aquasecurity / kube-hunter
  Hunt for security weaknesses in Kubernetes clusters
  ☆4,715Updated 6 months ago