A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive HTML file.
Built for teams that care about flexibility, privacy, and control.
- 100% open-source (Apache-2.0)
- No API keys or rate limits
- Self-contained, data does not leave your system
- Works with your existing Trivy JSON scan result files too
- Easy to integrate into any CI/CD pipeline
```shell
# Install the plugin
trivy plugin install scan2html

# Uninstall the plugin
trivy plugin uninstall scan2html

# Generate a report from multiple json scan results
trivy scan2html generate --scan2html-flags --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

# Generate report with EPSS scores from multiple scan results
trivy scan2html generate --scan2html-flags --with-epss --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

# Scan a local folder
trivy scan2html fs --scanners vuln,secret,misconfig . --scan2html-flags --output interactive_report.html

# Scan a k8s cluster
trivy scan2html k8s cluster --scan2html-flags --output interactive_report.html

# Scan a k8s cluster all
trivy scan2html k8s --report=all --scan2html-flags --output interactive_report.html

# Scan a k8s cluster summary
trivy scan2html k8s --report summary cluster --scan2html-flags --output interactive_report.html

# Scan and generate SBOM(spdx) report
trivy scan2html image --format spdx alpine:3.15 --scan2html-flags --output interactive_report.html
```
```
$ trivy scan2html -h
Usage: trivy scan2html [-h,--help] command target filename
  trivy scan2html <trivy [global flags] command [flags] target> --scan2html-flags [scan2html flags]
  trivy scan2html generate --scan2html-flags [scan2html flags]

Utility Commands
  generate    Generate a report from multiple json scan results
  help        Help about any command
  version     Print the version

Flags:
  -h, --help        Show usage.
  --output          Report name
  --report-title    Report Title
  --with-epss       Include EPSS data
  --with-exploits   Include Exploits
  --from            Comma separated json scan result files

Examples:
  # Scan an image
  trivy scan2html image --scanners vuln,secret,misconfig,license alpine:latest --scan2html-flags --output interactive_report.html

  # Scan an image from local tar file
  trivy scan2html image --input ruby-3.1.tar --scan2html-flags --output interactive_report.html

  # Scan a local folder
  trivy scan2html fs --scanners vuln,secret,misconfig,license . --scan2html-flags --output interactive_report.html

  # Scan a k8s cluster
  trivy scan2html k8s cluster --scan2html-flags --output interactive_report.html

  # Scan a k8s cluster all
  trivy scan2html k8s --report=all --scan2html-flags --output interactive_report.html

  # Scan a k8s cluster summary
  trivy scan2html k8s --report summary cluster --scan2html-flags --output interactive_report.html

  # Scan and generate SBOM(spdx) report
  trivy scan2html image --format spdx alpine:3.15 --scan2html-flags --output interactive_report.html

  # Generate a report from multiple json scan results
  trivy scan2html generate --scan2html-flags --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

  # Generate report with EPSS scores from multiple scan results
  trivy scan2html generate --scan2html-flags --with-epss --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

  # Generate report with Exploitability from multiple scan results
  trivy scan2html generate --scan2html-flags --with-exploits --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

  # Download EPSS and Exploits data for caching - experimental
  trivy scan2html --download-all

  # Use cached EPSS and Exploits data - experimental
  trivy scan2html image alpine:latest --scan2html-flags --with-cached-epss --with-cached-exploits --output interactive_report.html
```
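
A CI step that combines the JSON and `generate` workflows above, as an added example that is not part of the scan2html project. It runs one Trivy JSON scan per scanner, then passes only the result files that actually exist and are non-empty to `--from`, so a failed scan does not break report generation. The `trivy-results` directory, the function names, and the use of file paths (rather than bare file names) with `--from` are assumptions.

```shell
#!/bin/sh
# Added example, not part of the scan2html project.
# Assumptions: trivy and the scan2html plugin are installed on the runner,
# the directory name "trivy-results" is made up for this example, and
# --from accepts file paths as well as bare file names.

# Print the comma-separated list for --from, keeping only result files
# that exist and are non-empty. Returns 1 if none qualify.
from_list() {
    list=""
    for f in "$@"; do
        case "$f" in
            # A comma in a name could not be told apart from the separator.
            *,*) echo "skip (comma in name): $f" >&2; continue ;;
        esac
        [ -s "$f" ] || { echo "skip (missing or empty): $f" >&2; continue; }
        list="${list:+$list,}$f"
    done
    [ -n "$list" ] || return 1
    printf '%s\n' "$list"
}

# Run one JSON scan per scanner, then merge the results into one report.
ci_report() {
    dir=${1:-trivy-results}
    mkdir -p "$dir"
    for s in vuln:vulnerabilities misconfig:misconfigs secret:secrets; do
        # --skip-dirs keeps earlier result files out of later scans.
        trivy fs --scanners "${s%%:*}" --skip-dirs "$dir" --format json \
            --output "$dir/${s#*:}.json" . \
            || echo "scan failed: ${s%%:*}" >&2
    done
    files=$(from_list "$dir"/vulnerabilities.json "$dir"/misconfigs.json \
        "$dir"/secrets.json) || { echo "no scan results to report" >&2; return 1; }
    trivy scan2html generate --scan2html-flags \
        --output "$dir/interactive_report.html" --from "$files"
}

# Run only when asked to, so the file can also be sourced for its functions.
if [ "${1:-}" = "--run" ]; then
    ci_report "${2:-trivy-results}"
fi
```

Invoke it from the pipeline as `sh ci_report.sh --run trivy-results` (the script name is an assumption) and publish `trivy-results/interactive_report.html` as a build artifact.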