Reporting

DefectDojo (Community)

DefectDojo can parse Tunnel JSON reports. The parser supports deduplication and auto-close features.

👉 Get it at: https://github.com/DefectDojo/django-DefectDojo

SecObserve (Community)

SecObserve can parse Tunnel results as CycloneDX reports and provides an unified overview of vulnerabilities from different sources. Vulnerabilities can be evaluated with manual and rule based assessments.

👉 Get it at: https://github.com/MaibornWolff/SecObserve

Scan2html (Community)

A Tunnel plugin that scans and outputs the results to an interactive html file.

👉 Get it at: https://github.com/fatihtokus/scan2html

SonarQube (Community)

A Tunnel plugin that converts JSON report to SonarQube generic issues format.

👉 Get it at: https://github.com/umax/tunnel-plugin-sonarqube

Tunnel-Streamlit (Community)

Tunnel-Streamlit is a Streamlit application that allows you to quickly parse the results from a Tunnel JSON report.

👉 Get it at: https://github.com/mfreeman451/tunnel-streamlit

Tunnel-Vulnerability-Explorer (Community)

This project is a web application that allows to load a Tunnel report in json format and displays the vulnerabilities of a single target in an interactive data table.

👉 Get it at: https://github.com/dbsystel/tunnel-vulnerability-explorer

plopsec.com (Community)

This project is a web application designed to help you visualize Tunnel image scan reports. It enriches the data with additional exploitability metrics from EPSS, Metasploit, and Exploit-DB, updated daily.

👉 Get it at: https://plopsec.com | https://github.com/pl0psec/plopsec.com