-
Notifications
You must be signed in to change notification settings - Fork 0
Home
homelabforge edited this page Mar 12, 2026
·
5 revisions
Container Security Insights for Your Homelab
VulnForge is a self-hosted dashboard that keeps homelab operators on top of container security. It combines Trivy (for vulnerabilities), a native compliance checker (for CIS Docker Benchmark checks), and Dive (for image efficiency) to surface security issues in one placeβall without relying on external SaaS services.
New to VulnForge? Start here:
- π Quick Start - Get VulnForge running in 5 minutes
- π§ First-Time Setup - Complete walkthrough for new installations
- π» Installation - Comprehensive installation guide (Docker, NAS, bare metal)
Learn about VulnForge's powerful security capabilities:
- π Dashboard - Navigate the VulnForge interface
- π Vulnerability Scanning - Trivy integration with KEV tagging and CVSS scoring
- β Compliance Monitoring - Native CIS compliance checks with grouped findings
- πΌοΈ Image Analysis - Dive layer analysis for efficiency insights
- π Secret Detection - Scan for exposed credentials with triage
- π‘ Real-time Progress - SSE-powered scan status updates
- π Notifications - 7 notification services with configurable alerting
Set up VulnForge for your environment:
- π Authentication - API keys, Basic Auth, Authentik, and custom header providers
- ποΈ Database Configuration - SQLite WAL mode, backups, and retention policies
- π― Scan Settings - Scheduling, thresholds, parallel scans, and scanner DB management
- π§ͺ Advanced Configuration - Scanner offline resilience, KEV checking, false positive patterns
- βοΈ Environment Variables - Complete environment variable reference
Need assistance?
- β FAQ - Frequently asked questions organized by topic
- π Troubleshooting - Comprehensive problem-solving guide
- π API Reference - REST API endpoint documentation
- β¬οΈ Upgrading - Version migration guides and breaking changes
- π» GitHub: github.com/homelabforge/vulnforge
- π Issues: Report bugs
- π¬ Discussions: Ask questions
- π Discord: Join the community
- π Changelog: View release history
- π Deployment: vulnforge.starett.net
VulnForge is a self-hosted container security dashboard that provides:
- β Vulnerability Scanning with Trivy integration
- β KEV Tagging for CISA Known Exploited Vulnerabilities
- β CVSS Scoring with comprehensive vulnerability details
- β Compliance Monitoring using native VulnForge Checker (20 CIS checks)
- β Image Efficiency Analysis using Dive for layer insights and optimization
- β Secret Detection with false-positive triage workflow
- β Real-time Progress via Server-Sent Events (SSE)
- β Smart Notifications through 7 services (ntfy, Gotify, Pushover, Slack, Discord, Telegram, Email)
- β Activity Logging for complete audit trail
- β Data Persistence using SQLite WAL mode
- β Scanner Offline Resilience with stale DB warnings
First time here?
- Install VulnForge β Quick Start
- Run initial scan β First-Time Setup
- Configure notifications β Notifications
- Set up authentication β Authentication
Common tasks:
- How do I schedule scans?
- How do I triage vulnerabilities?
- How do I create false positive patterns?
- How do I monitor KEVs?
- Why aren't my containers being detected?
- Backend: Python 3.14 + FastAPI + SQLAlchemy + aiosqlite
- Frontend: React 19 + TypeScript + Vite 7.3 + TailwindCSS 4.1 + Bun 1.3.4
- Database: SQLite with WAL mode
- Testing: pytest 9.0.2 (backend) + Vitest 3.1 (frontend)
- Scanners: Trivy (vulnerabilities), VulnForge Checker (compliance), Dive (image efficiency)
- Deployment: Docker multi-stage build β GHCR
Want to improve VulnForge?
- Read the Contributing Guide
- Check open Issues
- Join the Discussion
VulnForge - Container security insights for your homelab π