|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Trivy||16,711||25||12 hours ago||176||September 16, 2022||383||apache-2.0||Go|
|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|
|Vuls||9,862||2 days ago||142||September 02, 2022||80||gpl-3.0||Go|
|Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices|
|Wpscan||7,407||5 days ago||50||other||Ruby|
|WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]|
|Scanners Box||7,014||a month ago||2|
|A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑|
|Nuclei Templates||5,974||12 hours ago||171||mit|
|Community curated list of templates for the nuclei engine to find security vulnerabilities.|
|Grype||5,413||6||17 hours ago||161||September 20, 2022||205||apache-2.0||Go|
|A vulnerability scanner for container images and filesystems|
|Poc In Github||4,796||a day ago||9|
|📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.|
|Awesome Web Hacking||4,260||6 months ago||1||mit|
|A list of web application security|
|W3af||4,142||a month ago||1,984||Python|
|w3af: web application attack and audit framework, the open source web vulnerability scanner.|
|Kube Hunter||4,030||2||4 months ago||17||May 12, 2022||68||apache-2.0||Python|
|Hunt for security weaknesses in Kubernetes clusters|
Trivy Vulnerability Scanner is a VS Code plugin that helps you find vulnerabilities in your software projects without leaving the comfort of your VS Code window.
The Trivy VS Code plugin now has a findings explorer which allows you to more easily navigate the config and vulnerability findings in your project
If you find one, please file a GitHub Issue here.
Have a feature you desire? Please let us know by filing an issue here.
Handle findings inside tarballs
Add support for secrets - turn on in the extension settings
Fix json check
Add support for newer format of json results
Fix typo in the configuration settings
Add additional settings for offline and minimum severity
Add Findings viewer and help
Automatic detection of old Trivy versions.
Initial release with basic project scanning.