snyk / Snyk

Licence: other
Snyk CLI scans and monitors your projects for security vulnerabilities.

Programming Languages: TypeScript, JavaScript, Shell, Roff, Ruby, C#

Snyk CLI

Snyk scans and monitors your projects for security vulnerabilities.

What is Snyk?

Snyk is a developer-first cloud-native security tool. It covers multiple areas of application security:

  1. Snyk Open Source: Find and automatically fix open source vulnerabilities
  2. Snyk Code: Find and fix vulnerabilities in your application code in real time
  3. Snyk Container: Find and fix vulnerabilities in container images and Kubernetes applications
  4. Snyk Infrastructure as Code: Find and fix insecure configurations in Terraform and Kubernetes code

Learn more about what Snyk can do and sign up for a free account »

What is Snyk CLI?

Snyk CLI brings the functionality of Snyk into your development workflow. It can be run locally or in your CI/CD pipeline to scan your projects for security issues.

Supported languages and tools

Snyk supports many languages and tools, including Java, .NET, JavaScript, Python, Golang, PHP, C/C++, Ruby, Scala and more. See our Language Support documentation.

The CLI also supports scanning Docker images and Infrastructure as Code files such as Terraform and Kubernetes (k8s) files.


Install Snyk CLI

Snyk CLI can be installed through multiple channels.

Install with npm or Yarn

Snyk CLI is available as an npm package. If you have Node.js installed locally, you can install it by running:

npm install snyk@latest -g

or if you are using Yarn:

yarn global add snyk

More installation methods

Standalone executables (macOS, Linux, Windows)

Use GitHub Releases to download a standalone executable of Snyk CLI for your platform.

We also provide these standalone executables on our official CDN. See the release.json file for the download links:

https://static.snyk.io/cli/latest/release.json

# Or for specific version or platform
https://static.snyk.io/cli/v1.666.0/release.json
https://static.snyk.io/cli/latest/snyk-macos

For example, to download and run the latest Snyk CLI on macOS, you could run:

curl https://static.snyk.io/cli/latest/snyk-macos -o snyk
chmod +x ./snyk
mv ./snyk /usr/local/bin/

You can also use these direct links to download the executables:

The drawback of this method is that you have to keep the Snyk CLI up to date manually.

Install with Homebrew (macOS, Linux)

Install Snyk CLI from Snyk tap with Homebrew by running:

brew tap snyk/tap
brew install snyk

Scoop (Windows)

Install Snyk CLI from our Snyk bucket with Scoop on Windows:

scoop bucket add snyk https://github.com/snyk/scoop-snyk
scoop install snyk

Snyk CLI in a Docker image

Snyk CLI can also be run from a Docker image. Snyk offers multiple Docker images under snyk/snyk-cli and snyk/snyk (see snyk/images on GitHub for more details).

These images wrap the Snyk CLI and, depending on the tag, come with the relevant tooling for different projects. For example, to scan a Gradle project with snyk/snyk-cli:

docker run -it \
    -e "SNYK_TOKEN=<TOKEN>" \
    -e "USER_ID=1234" \
    -v "<PROJECT_DIRECTORY>:/project" \
    -v "/home/user/.gradle:/home/node/.gradle" \
  snyk/snyk-cli:gradle-5.4 test --org=my-org-name

Install as a part of a Snyk CLI integration

Snyk also offers many integrations into developer tooling. These integrations will install and manage the Snyk CLI for you. For example:

Snyk CLI IDE integration


Getting started with Snyk CLI

Once you have installed the Snyk CLI, you can verify it's working by running:

snyk --version

Authorization

Snyk CLI depends on Snyk.io APIs. Connect your Snyk CLI with Snyk.io by running:

snyk auth

Scanning your project

If you are already in a folder with a supported project, start by running:

snyk test

Or scan a Docker image by its tag with Snyk Container:

snyk container test ubuntu:18.04

Or a k8s file:

snyk iac test /path/to/kubernetes_file.yaml

Monitoring your project

Snyk can also monitor your project periodically and alert you to new vulnerabilities. The snyk monitor command is similar to snyk test and can be used to create a project on the Snyk website that will be continuously monitored for new vulnerabilities.

> snyk monitor
Monitoring /project (project-name)...

Explore this snapshot at https://app.snyk.io/org/my-org/project/29361c2c-9005-4692-8df4-88f1c040fa7c/history/e1c994b3-de5d-482b-9281-eab4236c851e

Notifications about newly disclosed issues related to these dependencies will be emailed to you.

Add Snyk to your CI/CD

Snyk is really powerful when you are continuously scanning and monitoring your projects for vulnerabilities.

Use one of our integrations to stay secure.

You can authorize Snyk CLI in your CI/CD programmatically:

# Using a SNYK_TOKEN envvar (preferred)
SNYK_TOKEN=<SNYK_API_TOKEN> snyk test

# Or using a Snyk auth command
snyk auth <SNYK_API_TOKEN>
snyk test

More flags and options to try

Here are some flags that you might find useful:

  • --severity-threshold=low|medium|high|critical

    Only report vulnerabilities of provided level or higher.

  • --json

    Prints results in JSON format.

  • --all-projects

    Auto-detect all projects in working directory.
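
A CI gate over the --json output from the flags above, as an added example that is not part of the Snyk README or the Snyk code base. It assumes each result carries a `vulnerabilities` array whose entries have `id`, `severity`, `packageName` and `version`, that a failed scan reports an `error` field, and that --all-projects yields an array of results; `gate` and the sample data are hypothetical. The point it shows is failing closed: missing or malformed output is treated as a failed scan, not as zero findings.

```javascript
// Added example: a CI gate over `snyk test --json` output (field names are assumptions).
const LEVELS = ['low', 'medium', 'high', 'critical'];

// Returns { pass, reason, findings } for raw JSON text and a minimum severity.
function gate(jsonText, threshold = 'high') {
  const min = LEVELS.indexOf(threshold);
  if (min === -1) throw new Error(`unknown threshold: ${threshold}`);
  const fail = (reason, findings = []) => ({ pass: false, reason, findings });
  let parsed;
  try {
    parsed = JSON.parse(jsonText);
  } catch (e) {
    // Empty or truncated output means the scan did not complete: fail closed.
    return fail('unparseable scan output');
  }
  // Assumed: --all-projects yields an array of results, a single project one object.
  const projects = Array.isArray(parsed) ? parsed : [parsed];
  if (projects.length === 0) return fail('no projects scanned');
  const seen = new Map();
  for (const p of projects) {
    // An error object, or a result without a vulnerabilities array, is not a clean scan.
    if (p === null || typeof p !== 'object') return fail('scan error: malformed result');
    if (p.error || !Array.isArray(p.vulnerabilities)) {
      return fail(`scan error: ${p.error || 'missing vulnerabilities list'}`);
    }
    for (const v of p.vulnerabilities) {
      // Unknown severity labels are treated as critical rather than ignored.
      const idx = LEVELS.indexOf(v.severity);
      const rank = idx === -1 ? LEVELS.length - 1 : idx;
      if (rank < min) continue;
      // The same issue can appear once per dependency path; report it once.
      const pkg = `${v.packageName}@${v.version}`;
      seen.set(`${v.id}|${pkg}`, { id: v.id, pkg, severity: v.severity });
    }
  }
  const findings = [...seen.values()];
  if (findings.length) return fail(`${findings.length} issue(s) at or above ${threshold}`, findings);
  return { pass: true, reason: `no issues at or above ${threshold}`, findings };
}

// Constructed sample input, not real scan output.
const SAMPLE = JSON.stringify([
  { projectName: 'api', vulnerabilities: [
    { id: 'SNYK-EXAMPLE-0001', severity: 'high', packageName: 'libfoo', version: '1.2.0' },
    { id: 'SNYK-EXAMPLE-0001', severity: 'high', packageName: 'libfoo', version: '1.2.0' },
    { id: 'SNYK-EXAMPLE-0002', severity: 'low', packageName: 'libbar', version: '0.3.1' } ] },
  { projectName: 'web', vulnerabilities: [] },
]);
console.log(gate(SAMPLE, 'high'));
```

In a pipeline, pass it the captured output of snyk test --json and exit non-zero whenever pass is false.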

See all the available commands and options by running --help:

snyk --help
# or get help for a specific command like
snyk iac --help
snyk code --help

Getting support

We recommend reaching out via the [email protected] email whenever you need help with Snyk CLI or Snyk in general.

GitHub Issues on any Snyk project are not actively monitored by Snyk support.

Contributing

This project is open source but we don't encourage outside contributors. You may look into design decisions in the Snyk CLI.

This repository is a monorepo, also covering other projects and tools:

Security

For any security issues or concerns, please see SECURITY.md file in this repository.

Notices

Snyk API usage policy

The use of Snyk's API, whether through the use of the 'snyk' npm package or otherwise, is subject to the Terms & Conditions.

Made with 💜 by Snyk
