Pinned Repositories
grype
A vulnerability scanner for container images and filesystems
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
allwrite-docs
A low latency documentation API powered by Google Drive and Go.
awsmfa
A tool for enabling AWS CLI operations that require MFA
comprise
A replacement for Docker Compose (kind of), adds support for pods, written in Go
example-container-image-supply-chain-security
Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign
funky
A Go (golang) linter that finds mutations.
ranchars
Generates a string of random characters that satisfies a set of specified criteria, of a specified length
reach
A static network verification tool for AWS
luhring's Repositories
luhring/reach
A static network verification tool for AWS
luhring/anchore-vulnerability-match-labels
Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
luhring/apko
Build OCI images using APK directly without Dockerfile
luhring/chainguard-github
Default files to be used for any public repository under the chainguard-dev organization.
luhring/chainguard-image-rumble
Data collection for base image CVEs etc.
luhring/chainguard-images
Public Chainguard Images
luhring/cosign
Container Signing
luhring/dive
A tool for exploring each layer in a docker image
luhring/go-apk
native go library for installation and management of apk packages
luhring/gobump
Go tool to declaratively bump dependencies.
luhring/golang-vuln
[mirror] the database client and tools for the Go vulnerability database
luhring/grype
A vulnerability scanner for container images and filesystems
luhring/grype-db
luhring/ko
Build and deploy Go applications
luhring/maxcve
luhring/melange
build APKs from source code
luhring/openvex-community
OpenVEX project community documentation
luhring/osvdb
Consume OSV data, build a vulnerability database, query the database
luhring/sbom-action
GitHub Action for creating software bill of materials using Syft.
luhring/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
luhring/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
luhring/trivy-db
luhring/trivy-vuln-list-update
luhring/vexctl
A tool to create, transform and attest VEX metadata
luhring/vunnel
Tool for collecting vulnerability data from various sources (used to build the grype database)
luhring/wolfi-advisories
Security advisory data for Wolfi
luhring/wolfi-os
Main package repository for production Wolfi images
luhring/wolfi-secdb
Tool for generating Wolfi security databases
luhring/wolfictl
A CLI used to work with the Wolfi OSS project
luhring/yam
A sweet little formatter for YAML