Scanner
ShellCheck, a static analysis tool for shell scripts
Dockerfile linter, validate inline bash, written in Haskell
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Snyk CLI scans and monitors your projects for security vulnerabilities.
A tool for exploring each layer in a docker image
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.