LunaTrace Logo

LunaTrace

0
Free
Visit Website

LunaTrace is an Open Source supply chain security and auditing tool. At its heart is a web console the tracks your projects and their dependencies, looking for vulnerabilities and other issues. This console is provided as a SAAS (available here for free) or you can deploy it and manage it yourself. Please see our LunaTrace documentation for more information. We're a team of Security Engineers on a mission to make awesome Open Source Application Security tooling. It all lives in this monorepo and here's a breakdown of where everything we've built lives. LunaTrace: A free alternative to services like GitHub Dependabot or Snyk that automatically monitors for your dependencies for vulnerabilities. It automatically integrates with GitHub Pull Requests to notify you of new CVEs before you deploy to production. Try it out in one-click via our GitHub App. Status: Production ready and under active development (our primary focus). Log4Shell CLI: A small command line utility to scan for Log4Shell. Also supports patching JAR files against Log4Shell, scanning running processes on your system, and more. Follow our Mitigation Guide for more context.

FEATURES

ALTERNATIVES

A vulnerability remediation platform that consolidates security findings, prioritizes risks using AI, and automates remediation workflows across cloud and application environments.

All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.

A vulnerable web site in NodeJS for testing security source code analyzers.

Check for known vulnerabilities in your Node.js installation.

Automated vulnerability discovery tool for Cake PHP framework with limited false positives.

Audits JavaScript projects for known vulnerabilities and outdated package versions using OSS Index v3 REST API.

A tool for detecting and exploiting vulnerabilities in web applications

A categorized collection of bug bounty write-ups for various vulnerabilities.