Clair Logo

Clair

0
Free
Visit Website

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent. The book contains all the documentation on Clair's architecture and operation. Community Mailing List: clair-dev@googlegroups.com IRC: #clair on freenode.org Bugs: issues Contributing See CONTRIBUTING for details on submitting patches and the contribution workflow. License Clair is under the Apache 2.0 license. See the LICENSE file for details.

FEATURES

ALTERNATIVES

A vulnerable Android application demonstrating various security issues and vulnerabilities

A vulnerability management tool for macOS that monitors and detects vulnerabilities in over 100 apps.

A vulnerable web site for testing Sentinel features

A tool for detecting and preventing secrets in code

A VMware image for penetration testing purposes

A categorized collection of bug bounty write-ups for various vulnerabilities.

A utility for testing AWS Lambda functions for SQL Injection vulnerabilities using SQLMap attacks.

Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.