Repositories list

• cve-data-enrichment

  Public
  Creative Commons Zero v1.0 Universal

  •9•15•1•1•Updated Sep 19, 2025Sep 19, 2025

• grype-db

  Public
  sqlitevulnerabilityhacktoberfest+ 1grype

  Go

  •

  Apache License 2.0

  •27•54•12•12•Updated Sep 19, 2025Sep 19, 2025

• nvd-data-overrides

  Public
  Python

  •

  Creative Commons Zero v1.0 Universal

  •6•47•1•3•Updated Sep 19, 2025Sep 19, 2025

• scan-action

  Public
  Anchore container analysis and scan provided as a GitHub Action

  actionsgithub-actionsworkflow+ 3vulnerabilitiespolicy-evaluationanchore-engine

  JavaScript

  •

  MIT License

  •81•254•18•1•Updated Sep 19, 2025Sep 19, 2025

• enterprise-client-go

  Public
  Go client for Enterprise API (Not Officially Supported)

  Mustache

  •

  Apache License 2.0

  •2•3•0•2•Updated Sep 19, 2025Sep 19, 2025

• .github

  Public
  Anchore, Inc

  github-profilegithub-profile-readme

  0•1•0•0•Updated Sep 19, 2025Sep 19, 2025

• oss-docs

  Public
  Anchore OSS Documentation

  JavaScript

  •

  Apache License 2.0

  •1•2•3•3•Updated Sep 18, 2025Sep 18, 2025

• syft

  Public
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems

  godockergolang+ 8toolcontainersstatic-analysisocispdxhacktoberfestsbom+ 1

  Go

  •

  Apache License 2.0

  •703•7.6k•453•42•Updated Sep 18, 2025Sep 18, 2025

• grant

  Public
  A license scanner for container images and filesystems.

  golangstatic-analysiscompliance+ 2licensesbom

  Go

  •

  Apache License 2.0

  •8•106•26•0•Updated Sep 18, 2025Sep 18, 2025

• vulnerability-data-tools

  Public
  Python

  •

  Apache License 2.0

  •4•15•3•2•Updated Sep 18, 2025Sep 18, 2025

• grype

  Public
  A vulnerability scanner for container images and filesystems

  godockergolang+ 12securitytoolcontainersstatic-analysisocivulnerabilityvex+ 5

  Go

  •

  Apache License 2.0

  •688•11k•300•31•Updated Sep 18, 2025Sep 18, 2025

• chronicle

  Public
  a fast changelog generator sourced from PRs and Issues

  githubgolangchangelog+ 2hacktoberfestchangelog-generator

  Go

  •

  Apache License 2.0

  •5•63•14•12•Updated Sep 18, 2025Sep 18, 2025

• quill

  Public
  Simple mac binary signing from any platform

  macapplesigning+ 8binarydarwinmachohacktoberfestcodesigningcodesignnotarization+ 1

  Go

  •

  Apache License 2.0

  •16•455•14•6•Updated Sep 18, 2025Sep 18, 2025

• binny

  Public
  Manage a directory of binaries without a package manager

  package-managerbinaryhacktoberfest+ 2github-releasego-installer

  Go

  •

  Apache License 2.0

  •4•40•6•1•Updated Sep 18, 2025Sep 18, 2025

• homebrew-grant

  Public
  Ruby

  •

  Apache License 2.0

  •0•1•0•0•Updated Sep 18, 2025Sep 18, 2025

• canonical-ubuntu-24.04-lts-stig-baseline

  Public
  (WIP) InSpec profile to validate the secure configuration of Ubuntu 22.04, against DISA's Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide (STIG) Version 1, Release 1

  Ruby

  •

  Other

  •2•0•0•0•Updated Sep 17, 2025Sep 17, 2025

• vunnel

  Public
  Tool for collecting vulnerability data from various sources (used to build the grype database)

  datavulnerabilityhacktoberfest+ 1grype

  Python

  •

  Apache License 2.0

  •43•102•32•16•Updated Sep 17, 2025Sep 17, 2025

• redhat-enterprise-linux-9-stig-baseline

  Public
  RHEL 9.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL9.

  Ruby

  •

  Other

  •5•0•0•0•Updated Sep 17, 2025Sep 17, 2025

• redhat-enterprise-linux-8-stig-baseline

  Public
  RHEL 8.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL8.

  Ruby

  •

  Other

  •5•0•0•0•Updated Sep 17, 2025Sep 17, 2025

• apache-tomcat-9.x-stig-baseline

  Public
  InSpec profile for Apache Tomcat 9.x STIG

  Ruby

  •

  Other

  •4•0•0•0•Updated Sep 17, 2025Sep 17, 2025

• anchore-charts

  Public
  Helm charts for Anchore tools and services

  kubernetessecurityhelm+ 2helm-chartssecurity-vulnerability-assessment

  Python

  •

  Apache License 2.0

  •73•49•24•9•Updated Sep 16, 2025Sep 16, 2025

• sbom-action

  Public
  GitHub Action for creating software bill of materials using Syft.

  TypeScript

  •

  Apache License 2.0

  •33•201•12•2•Updated Sep 16, 2025Sep 16, 2025

• stereoscope

  Public
  go library for processing container images and simulating a squash filesystem

  gocontainerhacktoberfest+ 3squashfscontainer-imagegolang

  Go

  •

  Apache License 2.0

  •50•97•20•6•Updated Sep 15, 2025Sep 15, 2025

• fangs

  Public
  Go

  •

  Apache License 2.0

  •2•16•1•5•Updated Sep 15, 2025Sep 15, 2025

• homebrew-grype

  Public
  homebrew tap for grype

  Ruby

  •

  Apache License 2.0

  •2•0•0•1•Updated Sep 15, 2025Sep 15, 2025

• homebrew-syft

  Public
  homebrew tap for syft

  Ruby

  •

  Apache License 2.0

  •0•2•1•1•Updated Sep 15, 2025Sep 15, 2025

• canonical-ubuntu-22.04-lts-stig-baseline

  Public
  (WIP) InSpec profile to validate the secure configuration of Ubuntu 22.04, against DISA's Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide (STIG) Version 1, Release 1

  Ruby

  •

  Other

  •2•0•0•0•Updated Sep 15, 2025Sep 15, 2025

• clio

  Public
  An easy way to bootstrap your application with batteries included.

  gocligolang+ 6loggerviperevent-bushacktoberfestcobrabubbletea

  Go

  •

  Apache License 2.0

  •7•12•2•10•Updated Sep 15, 2025Sep 15, 2025

• go-logger

  Public
  Go

  •

  Apache License 2.0

  •2•2•4•2•Updated Sep 15, 2025Sep 15, 2025

• yardstick

  Public
  Compare vulnerability scanners results (to make them better!)

  vulnerabilityhacktoberfestvulnerability-scanners+ 1grype

  Python

  •

  Apache License 2.0

  •6•22•6•9•Updated Sep 15, 2025Sep 15, 2025