Clair Logo

Clair

0
Free
Visit Website

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent. The book contains all the documentation on Clair's architecture and operation. Community Mailing List: clair-dev@googlegroups.com IRC: #clair on freenode.org Bugs: issues Contributing See CONTRIBUTING for details on submitting patches and the contribution workflow. License Clair is under the Apache 2.0 license. See the LICENSE file for details.

FEATURES

ALTERNATIVES

A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.

A virtual machine with numerous security vulnerabilities for testing exploits with Metasploit.

A tool for scanning websites with open .git repositories and dumping their content for Bug Hunting/Pentesting Purposes.

Vulnerable web application for beginners in penetration testing.

Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.

A tool that assesses AWS accounts for subdomain hijacking vulnerabilities in Route53 and CloudFront configurations.

testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.

Automate the search for Exploits and Vulnerabilities in important databases.

PINNED