ENNAENNA

Grype

Apache-2.0

Vulnerability Scanning · Go

Grype is a vulnerability scanner for container images and filesystems that identifies known vulnerabilities by matching installed packages against CVE databases. It provides detailed reports and integrates with SBOM to enhance software supply chain security. Grype's capabilities in scanning and its focus on container security make it an essential tool for DevOps teams and security professionals. Its support for multiple image formats and package managers broadens its applicability in modern development workflows.

12.0kstars
782forks
390issues
Updated 1d ago
🐳 Docker Ready
View on GitHub

Tags

container-securitycve-scanningsbomimage-scanningcontainer-imagecontainerscyclonedxdockergogolanghacktoberfestociopenvexsecuritystatic-analysistoolvexvulnerabilitiesvulnerability

Details

Category
Vulnerability Scanning
Language
Go
Repository
anchore/grype
License
Apache-2.0
Platforms
🐧linux🍎macos🪟windows

Links

GitHub Repository

github.com/anchore/grype

Releases

github.com/anchore/grype/releases

Issues

github.com/anchore/grype/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Used in 1 Workflow

📦

Container & Kubernetes Pentest

Advanced · 6 steps · 3-6 hours

Community Reviews

No reviews yet. Be the first to review Grype.

Alternatives & Comparisons

Falco

C++

Cloud-native runtime security. Detects threats in containers, Kubernetes, and Linux hosts using system call monitoring and custom rules.

Compare Grype vs Falco

Dockle

Go

Container image linter. Checks Docker images for security best practices, CIS benchmarks, and Dockerfile misconfigurations.

Compare Grype vs Dockle

Syft

Go

Software Bill of Materials generator. Creates SBOMs from container images and filesystems in SPDX and CycloneDX formats.

Compare Grype vs Syft

OSV-Scanner

Go

Google's dependency vulnerability scanner using the OSV.dev database across multiple language ecosystems.

Compare Grype vs OSV-Scanner

More in Vulnerability Scanning

Nuclei

Go

Fast vulnerability scanner driven by YAML templates. Thousands of community-contributed detection templates.

template-basedcvemisconfig

sqlmap

Python

Automatic SQL injection and database takeover tool. Detects and exploits SQL injection flaws.

sql-injectiondatabaseautomated

WPScan

Ruby

WordPress security scanner. Enumerates plugins, themes, users, and checks for known vulnerabilities.

wordpressplugin-enumcve

OpenVAS

C

Full-featured vulnerability scanner. 50,000+ NVTs, credentialed scanning, compliance checks.

enterprisenvtcompliance

XSStrike

Python

Advanced XSS detection suite. Fuzzing engine, context analysis, and WAF detection/bypass capabilities.

xsswaf-bypassfuzzing

Commix

Python

Automated OS command injection exploitation tool. Tests web apps for command injection vulnerabilities.

command-injectionautomatedweb-app