luhring

reach

A static network verification tool for AWS

anchore-vulnerability-match-labels

Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners

apko

Build OCI images using APK directly without Dockerfile

chainguard-github

Default files to be used for any public repository under the chainguard-dev organization.

chainguard-image-rumble

Data collection for base image CVEs etc.

chainguard-images

Public Chainguard Images

cosign

Container Signing

dive

A tool for exploring each layer in a docker image

go-apk

native go library for installation and management of apk packages

gobump

Go tool to declaratively bump dependencies.

golang-vuln

[mirror] the database client and tools for the Go vulnerability database

grype

A vulnerability scanner for container images and filesystems

grype-db

ko

Build and deploy Go applications

maxcve

melange

build APKs from source code

openvex-community

OpenVEX project community documentation

osvdb

Consume OSV data, build a vulnerability database, query the database

sbom-action

GitHub Action for creating software bill of materials using Syft.

syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

trivy-db

trivy-vuln-list-update

vexctl

A tool to create, transform and attest VEX metadata

vunnel

Tool for collecting vulnerability data from various sources (used to build the grype database)

wolfi-advisories

Security advisory data for Wolfi

wolfi-os

Main package repository for production Wolfi images

wolfi-secdb

Tool for generating Wolfi security databases

wolfictl

A CLI used to work with the Wolfi OSS project

yam

A sweet little formatter for YAML