trivy by aquasecurity

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

created at April 11, 2019, 1:01 a.m.

169 +0

21,437 +61

2,111 +5

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

153 +0

15,308 +67

1,315 +5

sops by getsops

Simple and flexible tool for managing secrets

created at Aug. 13, 2015, 10:11 p.m.

117 +0

15,173 +49

814 +2

trufflehog by trufflesecurity

Find and verify secrets

created at Dec. 31, 2016, 5:08 a.m.

166 -2

13,955 +62

1,516 +6

clair by quay

Vulnerability Static Analysis for Containers

created at Nov. 13, 2015, 6:46 p.m.

228 +0

10,052 +11

1,149 -2

gosec by GoASTScanner

Go security checker

created at July 18, 2016, 6:01 p.m.

89 +0

7,467 +13

585 +2

blackbox by StackExchange

Safely store secrets in Git/Mercurial/Subversion

created at April 6, 2014, 5:53 p.m.

122 +0

6,624 +3

370 +0

tfsec by aquasecurity

Security scanner for your Terraform code

created at March 4, 2019, 4:56 p.m.

71 +0

6,572 +10

529 +1

gopass by gopasspw

The slightly more awesome standard unix password manager for teams

created at Feb. 2, 2017, 12:33 p.m.

78 +0

5,659 +10

474 +0

terrascan by tenable

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

created at Sept. 11, 2017, 3:11 a.m.

67 +0

4,518 +15

492 +0

cosign by sigstore

Code signing and transparency for containers and binaries

created at Feb. 4, 2021, 12:49 p.m.

52 +0

4,095 +20

496 +1

conftest by open-policy-agent

Write tests against structured configuration data using the Open Policy Agent Rego query language

created at March 28, 2019, 5:12 p.m.

27 +0

2,790 +2

296 +0

kube-score by zegl

Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.

created at Sept. 16, 2018, 1:19 p.m.

23 +1

2,588 +1

174 +1

teller by tellerops

Cloud native secrets management for developers - never leave your command line for secrets.

created at March 24, 2021, 10:49 a.m.

26 +0

2,551 +10

164 +0

ssllabs-scan by ssllabs

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

created at Oct. 14, 2014, 10:10 a.m.

95 -1

1,681 +0

240 +0

knox by pinterest

Knox is a secret management service

created at March 11, 2016, 7:19 p.m.

43 +0

1,220 +2

120 +0

rekor by sigstore

Software Supply Chain Transparency Log

created at June 17, 2020, 12:04 p.m.

18 +0

834 +4

156 +0

fulcio by sigstore

Sigstore OIDC PKI

created at Feb. 23, 2021, 3:19 p.m.

17 +0

604 +4

126 +0

kubectl-kubesec by controlplaneio

Security risk analysis for Kubernetes resources

created at May 8, 2018, 8:52 a.m.

25 +0

500 +0

37 +0

netz by SpectralOps

Discover internet-wide misconfigurations while drinking coffee

created at March 3, 2021, 6:47 p.m.

14 +0

374 +1

46 +0