This repository is deprecated and no longer maintained. If you're looking for a host-local container vulnerability scanner see our new projects: Software Bill of Materials for Containers: Syft_ Container Vulnerability…
*This repository is deprecated and no longer maintained.*
If you're looking for a host-local container vulnerability scanner see our new projects:
Software Bill of Materials for Containers: Syft_
Container Vulnerability Scanning: Grype_
.. _Syft: https://github.com/anchore/syft
.. _Grype: https://github.com/anchore/grype
-
grype
A vulnerability scanner for container images and filesystems
Go ★ 12k 1d agoExplain → -
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Go ★ 9.1k 1d agoExplain → -
anchore-engine ▣
A service that analyzes docker images and scans for vulnerabilities
Python ★ 1.6k 3y agoExplain → -
quill
Simple mac binary signing from any platform
Go ★ 511 21h agoExplain → -
anchore ▣
This project is deprecated. Work is now done on https://github.com/anchore/syft and https://github.com/anchore/grype for local-host Software Bill of Materials and vulnerability scanning tools.
Python ★ 362 5y agoExplain → -
scan-action
Anchore container analysis and scan provided as a GitHub Action
JavaScript ★ 283 2d agoExplain → -
sbom-action
GitHub Action for creating software bill of materials using Syft.
TypeScript ★ 246 1d agoExplain → -
grant
A license scanner for container images and filesystems.
Go ★ 171 1d agoExplain → -
vunnel
Tool for collecting vulnerability data from various sources (used to build the grype database)
Python ★ 122 3d agoExplain → -
stereoscope
go library for processing container images and simulating a squash filesystem
Go ★ 112 1d agoExplain → -
anchore-cli ▣
Simple command-line client to the Anchore Engine service
Python ★ 112 1y agoExplain → -
k8s-inventory
Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use
Go ★ 70 10d agoExplain → -
grype-db
No description.
Python ★ 66 2d agoExplain → -
kubernetes-admission-controller
Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore
Go ★ 65 12d agoExplain → -
chronicle
a fast changelog generator sourced from PRs and Issues
Go ★ 64 1d agoExplain → -
binny
Manage a directory of binaries without a package manager
Go ★ 55 22h agoExplain → -
anchore-charts
Helm charts for Anchore tools and services
Python ★ 55 11d agoExplain → -
nvd-data-overrides
No description.
Python ★ 50 1d agoExplain → -
harbor-scanner-adapter
Harbor Scanner Adapter for Anchore Engine and Enterprise
Go ★ 40 2d agoExplain → -
ci-tools ▣
Contains scripts for running anchore engine in CI pipelines
Shell ★ 34 4y agoExplain → -
yardstick
Compare vulnerability scanners results (to make them better!)
Python ★ 27 3d agoExplain → -
grype-vscode ▣
Grype vulnerability check plugin for Visual Studio Code
TypeScript ★ 25 1y agoExplain → -
sbom-examples ▣
Repository of SBOMs generated by the syft SBOM generator tool, against a list of popular dockerhub container images.
Python ★ 21 3mo agoExplain → -
vulnerability-data-tools
No description.
Python ★ 19 1d agoExplain → -
cve-data-enrichment
No description.
Shell ★ 18 1d agoExplain → -
fangs
No description.
Go ★ 17 1d agoExplain → -
clio
An easy way to bootstrap your application with batteries included.
Go ★ 17 1d agoExplain → -
vulnerability-match-labels
Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
Python ★ 14 9d agoExplain → -
go-struct-converter
Go library that provides a set of conversion utilities to help migrate between different versioned Go structs.
Go ★ 11 1d agoExplain → -
grype-mcp ▣
MCP Server for Anchore's Grype
Python ★ 9 9mo agoExplain → -
anchore-grafeas-cli ▣
Tool for connecting to an anchore-engine DB and generating grafeas note/occurrence JSON documents
Python ★ 9 5y agoExplain → -
ecs-inventory
Anchore ECS Inventory can poll ECS Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use
Go ★ 8 3d agoExplain → -
bubbly
No description.
Go ★ 8 2d agoExplain → -
go-macholibre
No description.
Go ★ 7 1d agoExplain → -
s3c-workshops
Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.
Dockerfile ★ 7 1mo agoExplain → -
oss-docs
Anchore OSS Documentation
Python ★ 5 1d agoExplain → -
engine-operator ▣
Helm based anchore engine operator
Makefile ★ 5 4y agoExplain → -
client-go ▣
Golang client for Anchore API
Makefile ★ 4 11mo agoExplain → -
test-images
Container automation for testing and validation
Dockerfile ★ 3 2mo agoExplain → -
enterprise-client-go ▣
Go client for Enterprise API (Not Officially Supported)
Mustache ★ 3 8mo agoExplain → -
azure-devops-task ▣
Anchore Task Extension for Azure DevOps Pipelines
TypeScript ★ 3 3y agoExplain → -
go-sync
No description.
Go ★ 2 1d agoExplain → -
go-logger
No description.
Go ★ 2 1d agoExplain → -
workflows
reusable workflows to be used for the oss projects
Python ★ 2 9d agoExplain → -
go-lzo
A LZO1X decompression library written in go that is permissively licensed
Go ★ 2 2d agoExplain → -
homebrew-syft
homebrew tap for syft
Ruby ★ 2 15d agoExplain → -
circleci-orb-grype ▣
Repository for the Grype based CircleCI orb
Shell ★ 2 3y agoExplain → -
security-identifiers
Contains the Anchore-allocated security identifiers and the relationships to upstream security data source identifiers
★ 1 2d agoExplain → -
go-collections
No description.
Go ★ 1 2d agoExplain → -
homebrew-grant
No description.
Ruby ★ 1 15d agoExplain → -
packageurl-go ⑂
Go implementation of the package url spec
Go ★ 1 1mo agoExplain → -
.github
Anchore, Inc
★ 1 2mo agoExplain → -
vulnerability-data ▣
No description.
★ 1 2y agoExplain → -
modular-policy ▣
CLI utility for managing Anchore policy bundles as individual components. Useful for git-based policy management.
Python ★ 1 5y agoExplain → -
archiver ⑂ ▣
Easily create & extract archives, and compress & decompress files of various formats
★ 1 1y agoExplain → -
scan-action-tests ▣
Functional validation of the scan-action project
Python ★ 1 5y agoExplain → -
engine-db-preload ▣
Some scripting to handling creation of preloaded anchore DB container
Shell ★ 1 3y agoExplain → -
deployment-templates ▣
Repository for example Anchore Engine deployment methods and integrations
★ 1 6mo agoExplain → -
charts ⑂ ▣
Curated applications for Kubernetes
Go ★ 1 5y agoExplain → -
policy-bundles-1 ⑂ ▣
Starter security policies for Anchore
★ 1 5y agoExplain → -
vulnerability-index-spec-files
Controls the rendering of specific vulnerability data records
★ 0 1d agoExplain → -
go-make
No description.
Go ★ 0 2d agoExplain → -
redhat-enterprise-linux-9-stig-baseline ⑂
RHEL 9.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL9.
Ruby ★ 0 2d agoExplain → -
chainguard-inspec ⑂
InSpec profile for Chainguard container images
★ 0 3d agoExplain → -
sarif-validator
No description.
JavaScript ★ 0 9d agoExplain → -
security-cli
Tool for performing various Anchore security data curation tasks
Python ★ 0 1d agoExplain → -
homebrew-grype
homebrew tap for grype
Ruby ★ 0 15d agoExplain → -
go-rpmdb ⑂
Library for enumerating packages in an RPM DB (without bindings)
Go ★ 0 1mo agoExplain → -
go-homedir ⑂
Go library for detecting and expanding the user's home directory without cgo.
Go ★ 0 1mo agoExplain → -
redhat-enterprise-linux-7-stig-baseline ⑂
InSpec profile to validate the secure configuration of Red Hat Enterprise Linux 7, against DISA's Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) Version 3, Release 10.
★ 0 6mo agoExplain → -
test-infra
Contains infrastructure for running functional tests using Helm chart deployments
Python ★ 0 1y agoExplain → -
go-deb-version ⑂
A golang library for parsing deb package versions
★ 0 1y agoExplain → -
go-apk-version ⑂
A golang library for parsing apk package versions
★ 0 2y agoExplain → -
go-pep440-version ⑂
A golang library for parsing PEP 440 compliant Python versions
★ 0 3mo agoExplain → -
nginx-stigready-baseline ⑂ ▣
STIG Ready Content: InSpec Profile for NGINX Open Source based off the Web SRG V2R3
★ 0 1y agoExplain → -
customer-success ▣
No description.
★ 0 1y agoExplain → -
validators ▣
No description.
Python ★ 0 1y agoExplain → -
jotframe ⑂ ▣
A golang library for writing dynamic content to the terminal
★ 0 4y agoExplain → -
go-progress ⑂ ▣
simple progress utils
★ 0 5y agoExplain → -
go-presenter ⑂ ▣
No description.
Go ★ 0 4y agoExplain → -
go-partybus ⑂ ▣
an go event bus
★ 0 5y agoExplain → -
go-feeds-client ▣
go client for the feeds API
Go ★ 0 6y agoExplain → -
example-configs ▣
A repository for storing example configurations for auxillary systems utilized by Anchore Engine
★ 0 3y agoExplain → -
docker-desktop-extension-support ▣
No description.
★ 0 4y agoExplain → -
circleci-orbs ▣
Repo for all Anchore circleci orb source code
JavaScript ★ 0 4y agoExplain → -
homebrew-anchorectl ▣
No description.
Ruby ★ 0 4y agoExplain → -
sqlite ⑂ ▣
The pure-Go SQLite driver for GORM
Go ★ 0 3y agoExplain → -
licensecheck ⑂ ▣
The licensecheck package classifies license files and heuristically determines how well they correspond to known open source licenses.
★ 0 2y agoExplain → -
helm-hub ⑂ ▣
For the distributed charts search at hub.helm.sh
★ 0 5y agoExplain → -
go-version ⑂ ▣
A Go (golang) library for parsing and verifying versions and version constraints.
Go ★ 0 2y agoExplain → -
go-testutils ▣
common set of utilities for testing
Makefile ★ 0 5y agoExplain → -
mimetype ⑂ ▣
A fast Golang library for media type and file extension detection, based on magic numbers
Go ★ 0 1y agoExplain → -
project-bot ⑂ ▣
:octocat: Automatically add and move Issues/Pull Requests on a Project board
★ 0 6y agoExplain → -
misc ▣
misc utils
Python ★ 0 9y agoExplain → -
homebrew-core ⑂ ▣
🍻 Default formulae for the missing package manager for macOS (or Linux)
★ 0 2y agoExplain → -
docker-registry-client ⑂ ▣
No description.
Python ★ 0 8y agoExplain → -
community-operators ⑂ ▣
The canonical source for Kubernetes Operators that appear on OperatorHub.io, OpenShift Container Platform and OKD.
Shell ★ 0 6y agoExplain → -
anchore-keep-alive
block indefinitely by waiting on SIGTERM/SIGINT
Go ★ 0 3mo agoExplain → -
go-cache
No description.
Go ★ 0 3mo agoExplain → -
anchore-shift-left-automation ▣
No description.
Python ★ 0 1y agoExplain → -
apache-tomcat-9.x-stig-baseline ⑂
InSpec profile for Apache Tomcat 9.x STIG
Ruby ★ 0 7mo agoExplain → -
canonical-ubuntu-24.04-lts-stig-baseline ⑂
(WIP) InSpec profile to validate the secure configuration of Ubuntu 22.04, against DISA's Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide (STIG) Version 1, Release 1
Ruby ★ 0 7mo agoExplain → -
canonical-ubuntu-22.04-lts-stig-baseline ⑂
(WIP) InSpec profile to validate the secure configuration of Ubuntu 22.04, against DISA's Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide (STIG) Version 1, Release 1
Ruby ★ 0 7mo agoExplain → -
redhat-enterprise-linux-8-stig-baseline ⑂
RHEL 8.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL8.
Ruby ★ 0 7mo agoExplain → -
vcpkg-test-fixture
No description.
CMake ★ 0 9mo agoExplain → -
anchore-policies ▣
Repository for sample Anchore policies
★ 0 6y agoExplain →
No repos match these filters.