Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with trivy
A curated list of projects in awesome lists tagged with trivy .
https://github.com/walidshaari/certified-kubernetes-security-specialist
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
apparmor certification cks ckss exam-objectives falco kernel-hardening kube-bench kube-hunter kubernetes kubernetes-security mitre-attack open-policy-agent os-footprint pod pod-security-policy policy seccomp security trivy
Last synced: 18 Dec 2024
https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
apparmor certification cks ckss exam-objectives falco kernel-hardening kube-bench kube-hunter kubernetes kubernetes-security mitre-attack open-policy-agent os-footprint pod pod-security-policy policy seccomp security trivy
Last synced: 15 Nov 2024
https://github.com/hummerrisk/hummerrisk
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability
Last synced: 21 Dec 2024
https://github.com/HummerRisk/HummerRisk
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability
Last synced: 12 Nov 2024
https://github.com/project-copacetic/copacetic
🧵 CLI tool for directly patching container images!
cncf compliance container-image container-security containers devsecops docker hacktoberfest patching security security-tools trivy vulnerabilities vulnerability vulnerability-management
Last synced: 02 Nov 2024
https://github.com/komodorio/validkube
ValidKube combines the best open-source tools to help ensure Kubernetes YAML best practices, hygiene & security.
aws aws-lambda golang kubernetes kubeval opensource reactjs s3-bucket serverless trivy typescript yaml
Last synced: 16 Dec 2024
https://github.com/eraser-dev/eraser
🧹 Cleaning up images from Kubernetes nodes
cncf containers hacktoberfest image-security images kubernetes kubernetes-operator security-tools trivy vulnerabilities vulnerability-scanner
Last synced: 20 Dec 2024
https://github.com/kac89/vulnrepo
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!
angular bugbounty burpsuite cve cwe end-to-end-encryption mitre-attack nessus nmap openvas pci-dss pentesting security security-team security-tool trivy vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research
Last synced: 04 Nov 2024
https://github.com/owenrumney/lazytrivy
Vulnerability scanning just got lazier
aws-security docker golang golang-cli misconfigurations podman scanner security-auditing-tool security-tools staticanalysis trivy tui vulnerability-scanners
Last synced: 16 Dec 2024
https://github.com/m9sweeper/m9sweeper
m9sweeper is a free and easy kubernetes security platform.
containers docker falco kube-bench kube-hunter kubernetes kubesec security trivy
Last synced: 17 Nov 2024
https://github.com/moabukar/cks-exercises-certified-kubernetes-security-specialist
A set of curated exercises to help you prepare for the CKS exam
anchore apparmor audit-log cks containerd containers falco gvisor kube-bench kubernetes networkpolicies opa seccomp secrets-management security security-tools static-analysis sysdig trivy
Last synced: 19 Dec 2024
https://github.com/aquasecurity/harbor-scanner-trivy
Use Trivy as a plug-in vulnerability scanner in the Harbor registry
harbor harbor-pluggable-scanners harbor-registry scanner-adapter trivy vulnerability-scanner
Last synced: 20 Nov 2024
https://github.com/dbsystel/trivy-vulnerability-explorer
Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.
hacktoberfest report scan trivy vulnerability
Last synced: 20 Nov 2024
https://github.com/edersonbrilhante/vilicus
Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
anchore cicd clair docker docker-image docker-scanner golang oci oci-image oci-scanner scan-images security security-scanner security-tools security-vulnerability trivy vilicus
Last synced: 01 Nov 2024
https://github.com/praveensirvi1212/DevOps_MasterPiece-CI-with-Jenkins
DevOps-MasterPiece Project using Git, GitHub, Jenkins, Maven, JUnit, SonarQube, Jfrog Artifactory, Docker, Trivy, AWS S3, Docker Hub, GitHub CLI, EKS, ArgoCD, Prometheus, Grafana, Slack and Hashicorp Vault
argocd artifactory cicd docker git github grafana java jenkins kubernetes prometheus slack sonarqube trivy
Last synced: 09 Dec 2024
https://github.com/crazy-max/ghaction-container-scan
GitHub Action to check for vulnerabilities in your container image
docker github-actions sarif-report security-tools trivy vulnerability-scanners
Last synced: 20 Dec 2024
https://github.com/mchmarny/vimp
Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
artifact container cve gcp grype registry snyk trivy vulnerability
Last synced: 08 Nov 2024
https://github.com/praveensirvi1212/devops_masterpiece-ci-with-jenkins
DevOps-MasterPiece Project using Git, GitHub, Jenkins, Maven, JUnit, SonarQube, Jfrog Artifactory, Docker, Trivy, AWS S3, Docker Hub, GitHub CLI, EKS, ArgoCD, Prometheus, Grafana, Slack and Hashicorp Vault
argocd artifactory cicd docker git github grafana java jenkins kubernetes prometheus slack sonarqube trivy
Last synced: 18 Nov 2024
https://github.com/thriving-dev/java-library-template
🎨 Java library template • Gradle Kotlin DSL • GitHub Actions CI/CD to build, release & publish to Maven Central • Renovate • Trivy • Javadoc (Pages) • Issue & PR Templates
github-actions github-pages github-template github-templates gradle gradle-kotlin-dsl gradle-multi-project gradle-publish gradle-release java java-library javadoc library maven-central renovate repository-template template trivy trivy-scan
Last synced: 10 Nov 2024
https://github.com/akihirosuda/vexllm
silence negligible CVE alerts using LLM
Last synced: 27 Oct 2024
https://github.com/hnts/vulnerability-exporter
A Prometheus Exporter for managing vulnerabilities in kubernetes by using trivy
kubernetes prometheus prometheus-exporter trivy vulnerability-management
Last synced: 26 Oct 2024
https://github.com/k1low/trivy-db-to
trivy-db-to is a tool for migrating/converting vulnerability information from Trivy DB to other datasource.
migration-tool mysql postgresql trivy
Last synced: 01 Nov 2024
https://github.com/snigdhasambitak/cks
Practice questions for Certified Kubernetes Security Specialist (CKS) exam
apparmor audit-log cks falco kube-bench kubernetes opa runsc trivy
Last synced: 15 Oct 2024
https://github.com/adrianliechti/devkube
Bootstrap Kubernetes with Batteries Included - locally or in the cloud
aks aws azure cert-manager cloud devex devops digitalocean eks grafana kubernetes linkerd linode loki prometheus tekton tempo trivy vault vultr
Last synced: 13 Nov 2024
https://github.com/sighupio/trivy-offline
Trivy offline builder. Fits perfectly in your CI System
cicd drone hacktoberfest quay sdlc security trivy
Last synced: 17 Nov 2024
https://github.com/m-mizutani/vulnivore
GitHub issue manager from vulnerability scan results for private repositories
go sarif security trivy vulnerability-management
Last synced: 11 Nov 2024
https://github.com/jz543fm/kali-dockerized
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
bug-bounty buildkit computer-forensics cybersecurity docker docker-compose docker-kali-linux dockerfile kali kali-linux makefile pentesting-tools security-tools security-vulnerability systemd trivy ubuntu vulnerability-detection vulnerability-scanners
Last synced: 09 Nov 2024
https://github.com/lreimer/clean-infrastructure-as-code
Repository with code and demos for my talk "Clean Infrastructure as Code"
clean-architecture clean-code container-structure-test devops docker infrastructure infrastructure-as-code inspec kubernetes snyk terraform terragrunt terratest testing tflint trivy
Last synced: 20 Nov 2024
https://github.com/turbot/steampipe-plugin-trivy
Use SQL to instantly query advisories, vulnerabilities, packages, findings and more using Trivy. Open source CLI. No DB required.
backup etl hacktoberfest postgresql postgresql-fdw sql sqlite steampipe steampipe-plugin trivy zero-etl
Last synced: 08 Nov 2024
https://github.com/aleksandr-kotlyar/python_and_gitlab
Examples of gitlab-ci jobs, pytest slack integration, pylint-check jobs, gitlab-artifacts, parametrization-tests, multithread execution for methods, sitemap checking links status. Mirrored from gitlab.
allure allure-report azure-pipelines bandit gitlab gitlab-ci gitlabci multithread parametrization-tests pylint pytest python safety security-audit sitemap-checking slack slack-integration test-parametrization trivy
Last synced: 11 Oct 2024
https://github.com/emirhandogandemir/software-supply-chain-security-java
This repo contains the technology stack and its usage for software supply chain security of a Java application
cosign dependency-scanning helm image-scanning jib-maven-plugin kyverno sbom sonarqube supply-chain-security trivy
Last synced: 08 Nov 2024
https://github.com/lreimer/secure-devex22
Demo repository for my talk at the Heise Developer Experience 2022 conference.
checkov clean-code code-quality devsecops docker kubernetes lint security security-tools snyk sonarqube static-analysis terraform tilt trivy zap-api
Last synced: 20 Nov 2024
https://github.com/lpsm-dev/azure-pipelines
✨ Azure DevOps Pipeline - Docker Build, Trivy Scan, Secret Detection, Sonar, Kubernetes Deploy and others Steps
app-service azure azure-pipelines build commit-lint deploy docker gitleaks kubernetes pipeline sonarqube trivy
Last synced: 09 Nov 2024
https://github.com/edersonbrilhante/vilicus-github-action
GitHub Action to use Vilicus in your GitHub workflow
anchore cicd clair docker-image docker-scanner github-actions oci-image scan-images security security-scanner security-tools security-vulnerability trivy vilicus
Last synced: 09 Nov 2024
https://github.com/zufardhiyaulhaq/asdf-trivy
Trivy plugin for the asdf version manager
asdf asdf-plugin security security-tools trivy
Last synced: 14 Nov 2024
https://github.com/dirien/trivy-plugin-ui
Simple Trivy UI plugin written in Rust
Last synced: 13 Oct 2024
https://github.com/ruzickap/popular-containers-vulnerability-checks
Vulnerabilities in popular container images
check container docker docker-image image popular trivy vulnerability
Last synced: 13 Oct 2024
https://github.com/edersonbrilhante/vilicus-gitlab
GitLab CI Template to use Vilicus in your GitLab Pipelines
anchore cicd clair docker-image docker-scanner gitlab-template oci-image scan-images security security-scanner security-tools security-vulnerability trivy vilicus
Last synced: 09 Nov 2024
https://github.com/darkwizard242/ansible-role-trivy
Ansible role for Trivy. Available on Ansible Galaxy.
ansible ansible-galaxy ansible-role container-security system trivy vulnerability-detection
Last synced: 27 Oct 2024
https://github.com/flavienbwk/trivy-docker-compose
Deployment-ready docker configuration and instructions to use Trivy on your infrastructure and CIs.
ci docker docker-compose gitlab offline-capable trivy vulnerability-scanners
Last synced: 30 Nov 2024
https://github.com/ryosukedtomita/devsecops-demo-aws-ecs
GITHUB ACTIONS and devsecops tools document and demo.
aqua devsecops ghalint github-comment github-pages githubactions semgrep trivy
Last synced: 16 Nov 2024
https://github.com/arup-g/url-shortener-with-go
URL shortener application, utilizing MongoDB for the database, Go for the backend, and HTML/CSS/JavaScript for the frontend. The CI/CD pipeline is managed with Jenkins, and security analysis is conducted using Trivy, Sonarqube. The application is built and pushed to AWS ECR and deployed on EKS using Helm charts.
aws-ecr aws-eks-cluster cloudformation docker docker-compose golang helm-charts html jenkins kubernetes mongodb sonarqube trivy
Last synced: 13 Oct 2024
https://github.com/schnatterer/cks-short-tips
Five short tips for passing the CKS exam (Certified Kubernetes Security Specialist)
apparmor certified-kubernetes-security-specialist cks etcd falco k8s kube-apiserver kube-bench kubectl kubernetes kubesec opa open-policy-agent psa seccomp security trivy
Last synced: 13 Nov 2024
https://github.com/mmul-it/trivy-admission-webhook
Python Kubernetes Admission webhook using Trivy
admission-controller admission-webhook container container-image docker kubernetes kubernetes-webhook trivy
Last synced: 09 Nov 2024
https://github.com/odennav/server-health-monitoring-observability
Implement CI/CD pipeline for automated monitoring of linux machines and send system resource-usage updates to Slack for real-time observability
ansible ansible-playbook ansible-role cpu-monitoring disk-usage docker gogs health-check ipmitool jenkins load-testing memory-management slack sonarqube trivy
Last synced: 13 Oct 2024
https://github.com/sugam-arora/zomeal
Welcome to Zomeal, your ultimate culinary guide! Discover the finest eateries and hidden gems in your city with Zomeal. Whether you're craving a quick bite or a gourmet experience, Zomeal connects you to flavors that delight and dishes that inspire. Embark on a delicious journey with us and elevate your dining adventures!
devops devsecops devsecops-pipeline docker git jenkins kubernetes nodejs npm owasp sonarqube trivy zomato zomatoclone
Last synced: 10 Oct 2024
https://github.com/ruzickap/container-build
Container build repository
container containers cosign docker docker-image image pipeline scan security trivy
Last synced: 27 Nov 2024
https://github.com/pirate-emperor/azure-netflix
Azure-Netflix: A DevSecOps CI/CD pipeline project that builds, tests, and deploys a Netflix-inspired web app on Azure. Features Jenkins automation, SonarQube analysis, Docker, security scans with Trivy and OWASP, and deployment via Kubernetes, Prometheus, and Grafana.
azure ci-cd devops docker grafana jenkins kubernetes owasp prometheus sonarqube terraform trivy web-application
Last synced: 21 Dec 2024
https://github.com/lpsm-dev/personal-resume
🦑 [Portifolio] - This is a simples npm package of my personal resume in a CLI way
cli docker github js node nodejs npm personal resume resume-app resume-builder trivy
Last synced: 09 Nov 2024
https://github.com/dsrathore1/blog-website-using-devops-practices
📝 My Awesome Blog Website: A cutting-edge platform built with Kubernetes, Docker, Next.js, and PostgreSQL, ensuring secure and scalable sharing of thoughts and ideas. ✨ Join the conversation and explore captivating content in a seamless browsing experience!
blog blog-website devops devops-tools docker docker-compose expressjs github github-actions good-first-issue javascript js json k8s kubernetes nextjs open-source reactjs trivy trivy-scan
Last synced: 08 Nov 2024
https://github.com/htekgulds/trivy-dashboard
Simple GUI for the Kubernetes Reports Trivy Operator Generates
dashboard kubernetes nextjs react trivy trivy-operator vulnerability
Last synced: 16 Nov 2024
https://github.com/vsingh55/devsecops-pipeline-pro
DevSecOps Pipeline Pro ensures secure, automated, and continuously monitored CI/CD processes on GCloud. It integrates security by design, leverages automation through Jenkins and Docker, and employs continuous monitoring with Prometheus and Grafana to maintain application and infrastructure health.
automation devsecops docker dockerhub gcp gmail graphana kubernetes prometheus security sonarqube terraform trivy
Last synced: 27 Nov 2024
https://github.com/bjwrd/ci-cd
Including CICD Pipeline Deployments
cicd docker flask jenkins kubernetes trivy
Last synced: 30 Nov 2024
https://github.com/bjwrd/docker
Including Docker Deployments
docker docker-compose docker-secrets docker-swarm dockerfile mysql python ssl trivy
Last synced: 30 Nov 2024
https://github.com/bjwrd/docker-mysql-backups
docker docker-secrets mysql trivy
Last synced: 30 Nov 2024
https://github.com/bjwrd/cicd-docker-wordpress-pipeline
CI/CD Docker Wordpress Pipeline
cicd docker docker-compose jenkins trivy trivy-scan wordpress
Last synced: 30 Nov 2024
https://github.com/odennav/boardgame-devops-pipeline-project
DevSecOps Pipeline with Jenkins for the Boardgame app
aws-ec2 cert-manager devops devsecops docker gitops grafana jenkins jenkinsfile kubeadm kubeaudit kubernetes metallb nexus prometheus sonarqube terraform traefik trivy
Last synced: 06 Dec 2024
https://github.com/vsingh55/3-tier-architecture-deployment-across-multiple-environments
Project demonstrating the deployment of the YelpCamp(3-tier architechture) application across various environments, deployment process covering local, containerized, and Azure Kubernetes Service (AKS) .
3tierdeployment aks-kubernetes-cluster azure cloudinary docker java-app jenkins-pipeline mapbox mongodb-atlas multienviroment multienvironment scripts sonarqube terraform-module terraform-workspaces trivy
Last synced: 13 Oct 2024
https://github.com/bodsch/ansible-trivy
ansible role to install trivy
ansible ansible-role automation trivy trivy-scan
Last synced: 11 Nov 2024
https://github.com/githubfoam/trivy-pipeline
trivy image scan
container-diff docker image-scanner static-analysis trivy vulnerability-scanner
Last synced: 11 Dec 2024
https://github.com/vishsig/devsecops-3tier-ci-cd
This project features a robust CI/CD pipeline designed for a 3-tier application that supports CRUD (Create, Read, Update, Delete) operations. The pipeline automates the security, build, testing, and deployment processes, ensuring seamless delivery of features and enhancements.
aws deployment-automation devops devsecops docker javascript jenkins kubernetes mongodb sonarqube trivy
Last synced: 13 Oct 2024
https://github.com/chrisdc777/devsecops-inic
This project demonstrates setting up a DevSecOps CI/CD pipeline using Jenkins, Docker, Terraform, and Azure for deploying a web application, with SonarQube and Prometheus for quality assurance and monitoring.
aks azure docker dockerfile github grafana jenkins kubernetes owasp prometheus sonarqube terraform trivy web-app
Last synced: 20 Dec 2024
https://github.com/itzzjb/gh-actions-ci-cd-pipelines
Building multiple CI CD pipleines for a basic react application
ci-cd dockerhub ec2 ecr github-security nginx trivy
Last synced: 21 Nov 2024
https://github.com/vishsig/devops-3-tier-ci-cd
This project features a robust CI/CD pipeline designed for a 3-tier application that supports CRUD (Create, Read, Update, Delete) operations. The pipeline automates the build, testing, and deployment processes, ensuring seamless delivery of features and enhancements.
blackbox-exporter docker grafana jenkins kubernetes maven prometheus sonarqube trivy trivy-scan
Last synced: 11 Oct 2024
https://github.com/ks6088ts/template-go
A GitHub template repository for Go
cobra docker go golangci-lint hadolint trivy
Last synced: 09 Nov 2024
https://github.com/aleroxac/dockerfiles
Badass base container images to be used in any project.
docker dockerfile github-actions hadolint kics trivy
Last synced: 16 Nov 2024
https://github.com/fwesleycosta/reusable-actions
Repository where all pipelines will be stored for reuse in other projects
docker sonarqube terraform trivy
Last synced: 11 Oct 2024
https://github.com/mysticrenji/aws-exploration
Repository contains my tryouts with EKS with OSS security tools - Trivy, Kube-bench, Falco
aws csi-driver eks falco kube-bench kubernetes ssm terraform trivy
Last synced: 07 Nov 2024
https://github.com/whatdeepak/starbucks-clone
A secure, automated DevSecOps pipeline for deploying a Starbucks Clone on AWS, featuring Jenkins CI/CD, SonarQube quality checks, and container security with Trivy and Docker Scout.
aws devsecops docker docker-scout jenkins owasp sonarqube trivy
Last synced: 10 Nov 2024
https://github.com/kimgoetzke/practice-basic-ci
Practice project with a basic CI pipeline using GitHub Actions, Gradle, Java (with Spring Boot, Junit & Jacoco), Trivy and Docker.
ci docker github-actions gradle-enterprise trivy
Last synced: 18 Nov 2024
https://github.com/yahialm/cicd-pipeline-with-jenkins-argocd-sonar-and-k8s
Full implementation of a CI/CD pipeline using Jenkins for Continuous integration and ArgoCD to keep the software product in a deployable state. The project was done locally on VirtualBox and a K3s cluster setup manually on Ubuntu Server VMs.
argocd build-automation cicd devops devsecops docker gitops jenkins owasp-dependencycheck sonarqube spring-boot test-automation trivy
Last synced: 20 Dec 2024
https://github.com/ozeranskii/image-vuln-scanner
A CLI tool for scanning Docker images for vulnerabilities using Trivy and Grype.
cli grype k8s security security-tools trivy vulnerability vulnerability-scanners
Last synced: 19 Dec 2024
https://github.com/githubfoam/docker-vuln-scanner
docker vulnerability scanner
blackduck clair docker inspection klar trivy vulnerability vulnerability-detection vulnerability-scanners
Last synced: 11 Dec 2024
https://github.com/daoud-hussain/cicd-todo-application
A complete Jenkins CI/CD Pipeline of a Full-Stack to-do Application.
docker jenkins owasp-dependencycheck sonarqube trivy
Last synced: 22 Nov 2024
https://github.com/yousabu/devsecops-project
DevSecOps Project to setup Netflix clone on AWS using CICD, Security, Monitoring and GitOps
docker eks-cluster jenkins owasp trivy
Last synced: 05 Nov 2024
https://github.com/devwithkrishna/create-jenkins-docker-image-and-publish-periodically
Create jenkins docker images and build them periodicaly and scan using trivy
configuration-as-code docker dockerfile dockerhub groovy jenkins plugins trivy
Last synced: 10 Oct 2024
https://github.com/mohdumair8896/netflix-clone
DevSecOps Project to setup Netflix clone on AWS using CICD, Security, Monitoring and GitOps
argocd aws aws-cli aws-ec2 aws-security-group devsecops docker grafana helm jenkins-pipeline kubernetes prometheus sonarqube trivy
Last synced: 22 Nov 2024
https://github.com/jitesoft/docker-trivy
Docker image with alpine linux and trivy - https://github.com/aquasecurity/trivy
containers dependency docker dockerfile dockerimage hacktoberfest image scanning security trivy
Last synced: 09 Nov 2024
https://github.com/chetanthapliyal/3-tier-architecture-deployment-gke
Deploying a YelpCamp application (a full-stack website for campground reviews) across various environments (local,docker,GKE) using Cloud DevOps practices.
bash docker gcp git gke jenkins kubernetes node-js shell-scripts sonarqube terraform trivy
Last synced: 06 Dec 2024
https://github.com/kemokemo/try-trivy
This repo tries to execute trivy on the circle-ci.
Last synced: 06 Nov 2024
