An open API service indexing awesome lists of open source software.

https://github.com/homelabforge/vulnforge

Container vulnerability scanning and compliance platform powered by Trivy
https://github.com/homelabforge/vulnforge

docker management scanner security trivy

Last synced: 1 day ago
JSON representation

Container vulnerability scanning and compliance platform powered by Trivy

Awesome Lists containing this project

README

          

Container Security Insights for Your Homelab

[![CI](https://github.com/homelabforge/vulnforge/actions/workflows/ci.yml/badge.svg)](https://github.com/homelabforge/vulnforge/actions/workflows/ci.yml)
[![CodeQL](https://github.com/homelabforge/vulnforge/actions/workflows/codeql.yml/badge.svg)](https://github.com/homelabforge/vulnforge/actions/workflows/codeql.yml)
[![Publish](https://github.com/homelabforge/vulnforge/actions/workflows/publish.yml/badge.svg)](https://github.com/homelabforge/vulnforge/actions/workflows/publish.yml)

[![Docker](https://img.shields.io/badge/Docker-Available-2496ED?logo=docker&logoColor=white)](https://github.com/homelabforge/vulnforge/pkgs/container/vulnforge)
[![Python 3.14](https://img.shields.io/badge/Python-3.14-3776AB?logo=python&logoColor=white)](https://www.python.org)
[![React 19](https://img.shields.io/badge/React-19-61DAFB?logo=react&logoColor=black)](https://react.dev)
[![Bun](https://img.shields.io/badge/dynamic/regex?url=https://raw.githubusercontent.com/homelabforge/vulnforge/main/.bun-version&search=^([\d.]%2B)&label=Bun&color=000000&logo=bun&logoColor=white&prefix=v)](https://bun.sh)
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
[![Discord](https://img.shields.io/badge/Discord-Community-5865F2?logo=discord&logoColor=white)](https://discord.gg/6XttnVgG)

---

![VulnForge Dashboard](docs/screenshots/dashboard.png)

---

## Key Features

- **Vulnerability Scanning** - Trivy integration with KEV tagging, CVSS scoring, and comprehensive history
- **Compliance Monitoring** - Native CIS compliance checks with weekly reporting
- **Image Efficiency Analysis** - Dive layer analysis for optimization insights
- **Secret Detection** - Scan for exposed credentials with false-positive triage
- **Real-time Progress** - SSE-powered scan status updates
- **7 Notification Services** - Gotify, Pushover, Slack, Discord, Telegram, Email, ntfy
- **Activity Logging** - Complete audit trail of all operations
- **Database Encryption** - AES-128 encryption for sensitive fields
- **Light/Dark Theme** - Automatic system preference detection
- **Self-Hosted** - Your data stays on your infrastructure

**Default Mode**: Runs with no authentication for easy setup. Configure authentication in Settings before exposing to the internet.

**Deployment Note**: VulnForge must run as a single worker (`--workers 1`). The scan queue, compliance state, and settings cache use in-process memory. Do not increase Granian workers — this will cause duplicate scans and stale data.

📖 **[Complete Installation Guide](https://github.com/homelabforge/vulnforge/wiki/Installation)**

## Support

- **📚 Documentation**: [GitHub Wiki](https://github.com/homelabforge/vulnforge/wiki)
- **🌐 Website**: [homelabforge.io/builds/vulnforge](https://homelabforge.io/builds/vulnforge/)
- **🐛 Bug Reports**: [GitHub Issues](https://github.com/homelabforge/vulnforge/issues)
- **💬 Discussions**: [GitHub Discussions](https://github.com/homelabforge/vulnforge/discussions)

---

## License

MIT License - see [LICENSE](LICENSE) file for details.

---

## Acknowledgments

Built for homelabbers who want comprehensive container security insights without relying on third-party services.

Part of the [HomelabForge](https://homelabforge.io) ecosystem.

### Development Assistance

VulnForge was developed through AI-assisted pair programming with **Claude** and **Codex**, combining human vision with AI capabilities for architecture, security patterns, and implementation.