Alternatives and similar repositories for cli

Users that are interested in cli are comparing it to the libraries listed below

• RetireJS / retire.js
  scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
  ☆4,041Updated this week
• ajinabraham / nodejsscan
  nodejsscan is a static security code scanner for Node.js applications.
  ☆2,537Updated 2 months ago
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,889Updated 2 weeks ago
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆11,288Updated this week
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆30,682Updated this week
• dependency-check / DependencyCheck
  OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…
  ☆7,367Updated last week
• docker / docker-bench-security
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,577Updated last year
• probot / probot
  🤖 A framework for building GitHub Apps to automate and improve your workflow
  ☆9,406Updated this week
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,593Updated 2 years ago
• thoughtworks / talisman
  Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…
  ☆2,054Updated this week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆8,175Updated this week
• aquasecurity / tfsec
  Tfsec is now part of Trivy
  ☆6,935Updated last month
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,211Updated this week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆8,521Updated last week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆13,733Updated this week
• eslint-community / eslint-plugin-security
  ESLint rules for Node Security
  ☆2,313Updated 2 months ago
• nodesecurity / nsp
  node security platform command-line tool
  ☆1,655Updated 7 years ago
• aquasecurity / kube-hunter
  Hunt for security weaknesses in Kubernetes clusters
  ☆4,981Updated last year
• oclif / oclif
  CLI for generating, building, and releasing oclif CLIs. Built by Salesforce.
  ☆9,391Updated this week
• dependabot / dependabot-core
  🤖 Dependabot's core logic for creating update PRs.
  ☆5,333Updated this week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆24,428Updated 3 weeks ago
• michenriksen / gitrob
  Reconnaissance tool for GitHub organizations
  ☆6,105Updated 3 years ago
• aquasecurity / kube-bench
  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
  ☆7,865Updated this week
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆11,807Updated 2 weeks ago
• securego / gosec
  Go security checker
  ☆8,589Updated this week
• Bearer / bearer
  Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
  ☆2,520Updated 2 weeks ago
• fossas / fossa-cli
  Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua…
  ☆1,454Updated 2 weeks ago
• inspec / inspec
  InSpec: Auditing and Testing Framework
  ☆3,023Updated last week
• danger / danger-js
  ⚠️ Stop saying "you forgot to …" in code review
  ☆5,431Updated 3 weeks ago
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆8,287Updated this week