Vuls
Agentless vulnerability scanner for Linux/FreeBSD: SSH-based inventory, CVE reporting, and optional local scan modes.
Why it is included
Strong open option for patch-management-oriented VM when you cannot deploy agents everywhere.
Best for
Infrastructure teams auditing many servers via SSH with centralized reports.
Strengths
- Agentless model
- Fast iteration
- Broad distro targets
Limitations
- SSH credential scope is sensitive; GPL compliance for derivatives
Good alternatives
OpenVAS · Trivy on hosts · commercial VM
Related tools
Security & Privacy
Greenbone Community Edition (OpenVAS)
Full vulnerability management stack: OpenVAS scanner, Greenbone Vulnerability Manager, feeds, and web UI for scan management.
Security & Privacy
Trivy
All-in-one scanner for container images, IaC, Kubernetes manifests, SBOMs, and VM OS packages with CI integrations.
Security & Privacy
osquery
Expose OS state as SQL tables—processes, sockets, users, browser extensions—for fleet visibility and compliance.
Security & Privacy
Exploit Database
Curated archive of public exploits and proof-of-concepts with searchsploit CLI for offline lookup.
Security & Privacy
Lynis
Host-based security auditing for Unix: misconfigurations, packages, SSH, kernel hardening hints.
Security & Privacy
Tracee
Linux runtime security using eBPF to trace OS and container events with prebuilt signatures and pipeline exports.