A Trivy plugin that scans and writes the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive HTML file.

fatihtokus/scan2html

scan2html

License: Apache-2.0

Before moving on, please consider giving us a GitHub star ⭐️. Thank you!

About scan2html

A Trivy plugin that scans and writes the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive HTML file.

Install

trivy plugin install scan2html
or
trivy plugin install github.com/fatihtokus/scan2html

Uninstall

trivy plugin uninstall scan2html

Usage

Generate a report from multiple JSON scan results (experimental)

trivy scan2html generate interactive_result.html from vulnerabilities.json misconfigs.json secrets.json

Generate a report with EPSS scores from multiple JSON scan results (experimental)

trivy scan2html generate --with-epss interactive_result.html from vulnerabilities.json misconfigs.json secrets.json
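
The `generate` commands above take JSON files that earlier Trivy runs produced. As an added example (not part of the scan2html project), this POSIX shell function creates those three files with separate `trivy fs` scans and builds the report only if every scan succeeded; the function name `scan_and_report` and the temporary directory layout are assumptions.

```sh
# Added example, not from the scan2html project. scan_and_report is a
# hypothetical helper name; JSON file names follow the README's example.
# Usage: scan_and_report TARGET_DIR REPORT_HTML
scan_and_report() (
  [ "$#" -eq 2 ] || { echo "usage: scan_and_report TARGET_DIR REPORT_HTML" >&2; exit 2; }
  target=$1
  report=$2
  workdir=$(mktemp -d) || exit 1
  rc=0

  # One Trivy filesystem scan per scanner, each written as JSON.
  for scanner in vuln misconfig secret; do
    case "$scanner" in
      vuln)      out="$workdir/vulnerabilities.json" ;;
      misconfig) out="$workdir/misconfigs.json" ;;
      secret)    out="$workdir/secrets.json" ;;
    esac
    if ! trivy fs --scanners "$scanner" --format json --output "$out" "$target"; then
      echo "trivy $scanner scan failed; skipping report generation" >&2
      rc=1
      break
    fi
    # Stop if the scan exited 0 but wrote nothing.
    if [ ! -s "$out" ]; then
      echo "trivy $scanner scan produced no output" >&2
      rc=1
      break
    fi
  done

  # Merge the three results only when every scan succeeded, so the HTML
  # report never presents a failed scan as "no findings".
  if [ "$rc" -eq 0 ]; then
    trivy scan2html generate "$report" from \
      "$workdir/vulnerabilities.json" "$workdir/misconfigs.json" \
      "$workdir/secrets.json" || rc=1
  fi

  rm -rf "$workdir"
  exit "$rc"
)
```

Insert `--with-epss` after `generate` to include EPSS scores, as in the command above.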

Scan a local folder

trivy scan2html fs --scanners vuln,secret,misconfig . interactive_report.html

Scan a k8s cluster

trivy scan2html k8s cluster interactive_report.html

Scan a k8s cluster all

trivy scan2html k8s --report=all interactive_report.html

Scan a k8s cluster summary

trivy scan2html k8s --report summary cluster interactive_report.html

Scan and generate an SBOM (SPDX) report

trivy scan2html image --format spdx alpine:3.15 interactive_report.html

Help

$ trivy scan2html -h

Usage: trivy scan2html [-h,--help] command target filename
 A Trivy plugin that scans and outputs the results to an interactive html file.
Options:
  -h, --help    Show usage.
Examples:
   # Scan an image
  trivy scan2html image alpine:latest interactive_report.html

  # Scan an image from local tar file
  trivy scan2html image --input ruby-3.1.tar interactive_report.html

  # Scan a local folder
  trivy scan2html fs --scanners vuln,secret,misconfig . interactive_report.html

  # Scan a k8s cluster
  trivy scan2html k8s cluster interactive_report.html

  # Scan a k8s cluster all
  trivy scan2html k8s --report=all all interactive_report.html

  # Scan a k8s cluster summary
  trivy scan2html k8s --report summary cluster interactive_report.html

  # Scan and generate SBOM(spdx) report
  trivy scan2html image --format spdx alpine:3.15 interactive_report.html
  
  # Generate a report from multiple json scan results - experimental
  trivy scan2html generate interactive_result.html from vulnerabilities.json misconfigs.json secrets.json
  
  # Generate report with EPSS scores from multiple scan results - experimental
  trivy scan2html generate --with-epss interactive_result.html from vulnerabilities.json misconfigs.json secrets.json
