Search Results for "vulnerability"
Sort By:
Showing 13 open source projects for "vulnerability"
View related business solutions-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
1
Kubernetes DNS
Kubernetes DNS service
This is the repository for Kubernetes DNS(kube-dns and nodelocaldns). Vulnerability patches are mainly for debian-base or debian-iptables images. They can be updated to the latest by modifying rules.mk and dnsmasq Makefile. -
2
Trivy Operator
Kubernetes-native security toolkit
...The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API. The Operator does this by watching Kubernetes for state changes and automatically triggering security scans in response. For example, a vulnerability scan is initiated when a new Pod is created. This way, users can find and view the risks that relate to different resources in a Kubernetes-native way. The Trivy Operator automatically generates and updates security reports. These reports are generated in response to new workload and other changes on a Kubernetes cluster. -
3
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take... -
4
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
5
Trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers
...Are you a Trivy fan as well? We’d love to hear from you! Trivy detects vulnerabilities from a wide array of operating systems and programming languages, across different versions, and vulnerability sources. Detect common misconfigurations with Trivy, using the same familiar tool and workflow that you already have in place for vulnerabilities. Trivy scans Terraform, CloudFormation, Docker, Kubernetes, and many other IaC configuration files for security issues right alongside vulnerabilities. Trivy IaC is brought to you by the team behind the popular tfsec project. ... -
6
KubeClarity
KubeClarity is a tool for detection and management of vulnerabilities
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection. KubeClarity includes a CLI that can be run locally and especially useful for CI/CD pipelines. It allows to analyze images and directories to generate SBOM, and scan it for vulnerabilities. The results can be exported to KubeClarity backend. -
7
Clair
Vulnerability Static Analysis for Containers
Clair is an application for parsing image contents and reporting vulnerabilities affecting the contents. This is done via static analysis and not at runtime. Clair v4 utilizes the ClairCore library as its engine for examining contents and reporting vulnerabilities. At a high level you can consider Clair a service wrapper to the functionality provided in the ClairCore library. The main branch may be in an unstable or even broken state during development. Please use releases instead of the... -
8
The Optimism Monorepo
Optimism is Ethereum, scaled
Optimism is a low-cost and lightning-fast Ethereum L2 blockchain, but it's also so much more than that. Optimism is the technical foundation for the Optimism Collective, a band of communities, companies, and citizens united by a mutually beneficial pact to adhere to the axiom of impact=profit — the principle that positive impact to the collective should be rewarded with profit to the individual. We're trying to solve some of the most critical coordination failures facing the crypto ecosystem... -
9
Capslock
Tool to remap Caps Lock key behavior on Windows systems
Capslock is a command-line tool for analyzing the capabilities of Go packages to reveal what privileged operations their code and dependencies can perform. Rather than detecting vulnerabilities, Capslock focuses on identifying capabilities — permissions implied by calls to sensitive or privileged standard library functions, such as file system access, networking, or process control. By following transitive call graphs, it classifies which security-sensitive operations each package can reach,... -
Secure File Transfer for Windows with Cerberus by RedwoodCerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
-
10
GoKart
A static analysis tool for securing Go code
...For instance, a SQL query that is concatenated with a variable might traditionally be flagged as SQL injection; however, GoKart can figure out if the variable is actually a constant or constant equivalent, in which case there is no vulnerability. GoKart also helps to power Chariot, Praetorian's security platform that helps you find, manage, and fix vulnerabilities in your source code and cloud environments. Chariot makes it simple to run automated, continuous GoKart scans on your source code. If you want to try GoKart, you can set up a free Chariot account in minutes. -
11
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
...It supports additional probes on custom ports and protocols, enabling more flexible scanning scenarios. httprobe also allows users to adjust timeouts and prioritize HTTPS results, making it adaptable to different reconnaissance needs. Its output can be easily piped into other tools for further analysis, such as vulnerability scanning or content discovery. -
12
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
waybackurls is a command-line reconnaissance tool that retrieves historical URLs associated with a given domain by querying the Internet Archive’s Wayback Machine. It accepts input domains via standard input and outputs a list of discovered URLs, making it easy to integrate into pipelines and automated workflows. The tool is particularly valuable in security research, bug bounty hunting, and penetration testing, as it uncovers endpoints that may no longer be publicly linked but still exist... -
13
reg
Docker registry v2 command line client and repo listing generator
Docker registry v2 command line client and repo listing generator with security checks. We do not allow users to pass all the custom certificate flags on commands because it is unnecessarily messy and can be handled through Linux itself. Which we believe is a better user experience than having to pass three different flags just to communicate with a registry using self-signed or private certificates.
- Previous
- You're on page 1
- Next
