Grype Logo

Grype

0
Free
Cloud Security
Vulnerability Scanner
Filesystem
Sbom
Visit Website

Grype is a vulnerability scanner for container images and filesystems. It scans the contents of a container image or filesystem to find known vulnerabilities. It supports Docker, OCI, and Singularity image formats. It also supports filtering and augmenting scanning results using OpenVEX.

FEATURES

ALTERNATIVES

Bad Pods Logo
Bad Pods

Collection of Kubernetes manifests creating pods with elevated privileges for security testing.

Free
Cloud Security
Nimbostratus Logo
Nimbostratus

A set of tools for fingerprinting and exploiting Amazon cloud infrastructures

Free
Cloud Security
CloudFox Logo
CloudFox

CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.

Free
Cloud Security
aws-allowlister Logo
aws-allowlister

Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.

Free
Cloud Security
oscap-docker Logo
oscap-docker

Tool for assessing compliance and running vulnerability scans on Docker images.

Free
Cloud Security
AWS Assume Role Helper Logo
AWS Assume Role Helper

A CLI utility that makes it easier to switch between different AWS roles

Free
Cloud Security
Atomic Reactor Logo
Atomic Reactor

Python library for building Docker images with advanced features.

Free
Cloud Security
Docker Layer 2 ICC Bug Logo
Docker Layer 2 ICC Bug

Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.

Free
Cloud Security

PINNED

Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
PTJunior Logo

PTJunior

An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

Offensive Security
CTIChef.com Detection Feeds Logo

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

Threat Management
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security