fatihtokus/scan2html

GitHub: fatihtokus/scan2html

scan2html is a Trivy plugin that renders security scan results as an interactive HTML report, addressing the visualization and usability gaps of raw scan output.

Stars: 135 | Forks: 14

# scan2html

![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg) [![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/fatihtokus/scan2html/badge)](https://scorecard.dev/viewer/?uri=github.com/fatihtokus/scan2html) [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9231/badge)](https://www.bestpractices.dev/projects/9231) ![GitHub all releases](https://img.shields.io/github/downloads/fatihtokus/scan2html/total?logo=github) ![GitHub latest release](https://img.shields.io/github/v/release/fatihtokus/scan2html.svg?logo=github)

## About scan2html

A [Trivy](https://github.com/aquasecurity/trivy) plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets and SBOMs in containers, Kubernetes, code repositories, clouds and more) to an interactive HTML file.

Built for teams that value flexibility, privacy and control.

## Why scan2html

- 100% open source (Apache-2.0)
- No API keys or rate limits
- Self-contained: data never leaves your system
- Also works on existing Trivy JSON scan result files
- Easy to integrate into any CI/CD pipeline

## Installation

```
trivy plugin install scan2html
```

## Uninstallation

```
trivy plugin uninstall scan2html
```

## Usage

### Generate a report from multiple JSON scan results

```
trivy scan2html generate --scan2html-flags --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/da6df7d091002414.png)

### Generate a report with EPSS scores from multiple scan results (experimental)

```
trivy scan2html generate --scan2html-flags --with-epss --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/da6df7d091002414.png)

### Scan a local folder

```
trivy scan2html fs --scanners vuln,secret,misconfig . --scan2html-flags --output interactive_report.html
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/da6df7d091002414.png)

### Scan a Kubernetes cluster

```
trivy scan2html k8s cluster --scan2html-flags --output interactive_report.html
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/da6df7d091002414.png)

### Scan a Kubernetes cluster (all)

```
trivy scan2html k8s --report=all --scan2html-flags --output interactive_report.html
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/76e51cc963002415.png)

### Scan a Kubernetes cluster summary

```
trivy scan2html k8s --report summary cluster --scan2html-flags --output interactive_report.html
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/e4cb0bd30f002416.png)

### Scan and generate an SBOM (SPDX) report

```
trivy scan2html image --format spdx alpine:3.15 --scan2html-flags --output interactive_report.html
```

Result: ![Result](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/30163854bc002416.png)

## Help

```
$ trivy scan2html -h
Usage:
  trivy scan2html [-h,--help] command target filename
  trivy scan2html --scan2html-flags [scan2html flags]
  trivy scan2html generate --scan2html-flags [scan2html flags]

Utility Commands
  generate  Generate a report from multiple json scan results
  help      Help about any command
  version   Print the version

Flags:
  -h, --help       Show usage.
  --output         Report name
  --report-title   Report Title
  --with-epss      Include EPSS data
  --with-exploits  Include Exploits
  --from           Comma separated json scan result files

Examples:
  # Scan an image
  trivy scan2html image --scanners vuln,secret,misconfig,license alpine:latest --scan2html-flags --output interactive_report.html

  # Scan an image from local tar file
  trivy scan2html image --input ruby-3.1.tar --scan2html-flags --output interactive_report.html

  # Scan a local folder
  trivy scan2html fs --scanners vuln,secret,misconfig,license . --scan2html-flags --output interactive_report.html

  # Scan a k8s cluster
  trivy scan2html k8s cluster --scan2html-flags --output interactive_report.html

  # Scan a k8s cluster all
  trivy scan2html k8s --report=all --scan2html-flags --output interactive_report.html

  # Scan a k8s cluster summary
  trivy scan2html k8s --report summary cluster --scan2html-flags --output interactive_report.html

  # Scan and generate SBOM(spdx) report
  trivy scan2html image --format spdx alpine:3.15 --scan2html-flags --output interactive_report.html

  # Generate a report from multiple json scan results
  trivy scan2html generate --scan2html-flags --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

  # Generate report with EPSS scores from multiple scan results
  trivy scan2html generate --scan2html-flags --with-epss --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

  # Generate report with Exploitability from multiple scan results
  trivy scan2html generate --scan2html-flags --with-exploits --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json

  # Download EPSS and Exploits data for caching - experimental
  trivy scan2html --download-all

  # Use cached EPSS and Exploits data - experimental
  trivy scan2html image alpine:latest --scan2html-flags --with-cached-epss --with-cached-exploits --output interactive_report.html
```
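The `generate --from a.json,b.json` workflow above takes existing Trivy JSON files, so a pipeline usually wants to sanity-check and summarise those files before building the HTML report. The following script is an added example, not part of the scan2html project; it assumes the standard Trivy JSON layout (a top-level `Results` list whose entries may carry `Vulnerabilities`, `Misconfigurations` and `Secrets` lists) and uses constructed sample documents with placeholder IDs so it runs offline.

```python
"""Pre-flight check of Trivy JSON results before `trivy scan2html generate --from ...`.
Added example (not scan2html code). Assumes Trivy's JSON layout: top-level "Results"
list, each entry with optional "Vulnerabilities"/"Misconfigurations"/"Secrets" lists."""
import json
from collections import Counter
from pathlib import Path

# Constructed stand-ins for vulnerabilities.json and secrets.json (placeholder IDs).
SAMPLE_DOCS = {
    "vulnerabilities.json": {"SchemaVersion": 2, "ArtifactName": "alpine:3.15", "Results": [
        {"Target": "alpine:3.15 (alpine 3.15.0)", "Class": "os-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libssl", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "zlib", "Severity": "LOW"}]}]},
    "secrets.json": {"SchemaVersion": 2, "ArtifactName": ".", "Results": [
        {"Target": "config/.env", "Class": "secret", "Secrets": [
            {"RuleID": "example-token", "Severity": "CRITICAL", "Title": "placeholder secret"}]}]},
}
FINDING_KEYS = ("Vulnerabilities", "Misconfigurations", "Secrets")


def summarize(doc):
    """Counter of (finding kind, severity) for one Trivy JSON document.
    Raises ValueError when the document does not look like Trivy output."""
    if not isinstance(doc, dict) or not isinstance(doc.get("Results"), list):
        raise ValueError("not a Trivy JSON result: missing top-level 'Results' list")
    counts = Counter()
    for result in doc["Results"]:
        for key in FINDING_KEYS:
            for finding in result.get(key) or []:  # Trivy emits null for empty lists
                counts[(key, finding.get("Severity", "UNKNOWN"))] += 1
    return counts


def load_and_summarize(paths):
    """Validate every file and merge their counts; a malformed file fails fast."""
    total = Counter()
    for path in paths:
        total += summarize(json.loads(Path(path).read_text()))
    return total


def generate_command(paths, output="interactive_report.html", with_epss=False):
    """argv for the plugin invocation shown in the generate examples above."""
    cmd = ["trivy", "scan2html", "generate", "--scan2html-flags"]
    if with_epss:
        cmd.append("--with-epss")
    return cmd + ["--output", output, "--from", ",".join(paths)]


def should_fail(counts, threshold=("CRITICAL", "HIGH")):
    """CI gate: True when any finding at or above the threshold is present."""
    return any(sev in threshold for (_, sev) in counts.elements())


if __name__ == "__main__":
    for name, doc in SAMPLE_DOCS.items():  # materialise the constructed samples
        Path(name).write_text(json.dumps(doc))
    counts = load_and_summarize(SAMPLE_DOCS)
    print(" ".join(generate_command(list(SAMPLE_DOCS))), dict(counts), "fail:", should_fail(counts))
```

Run the printed command only after the gate and file checks pass; with the plugin's `--with-epss` flag the argv gains that flag in the position the README examples use.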