Code Monkey home page Code Monkey logo

dockscan's Introduction

Build Status Coverage Status

dockscan

logo

Scan Docker installations for security issues and vulnerabilities.

Features

  • plugin based system for discovery, audit and reporting
  • able to scan local and remote docker installations
  • plugins are easy to write

Requirements

  • Ruby 2.0 or above (1.9.x does not work!)
  • Ruby gem: docker-api (docker)

Installation

You can install dockscan by installing dockscan gem:

gem install dockscan

Usage

Typical usage for scanning docker installation.

If you wish to scan local Docker installation:

dockscan unix:///var/run/docker.sock

If you wish to scan remote Docker installation and produce HTML report:

dockscan -r html -o myreport -v tcp://example.com:5422

If you wish to scan remote Docker installation and produce text report:

dockscan -r txt -o myreport -v tcp://example.com:5422

Environment variables

DOCKER_CERT_PATH will configure dockscan to use SSL

DOCKER_SSL_VERIFY if set to false will not verify certificates.

ToDo

  • Implement web frontend for scanner
  • Progress bars

Done

  • Different reporting (HTML, txt, ...)

dockscan's People

Contributors

kost avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

leucos pombredanne gamehacker dipsec bijaye grayhats ankushgoel27 jbarcia michalkoczwara olivierh59500 cc06 mikepipo mgcfish ziv0chou magnologan rgrsoucy gokulchandrap security-prince a1kaid sgdevops sasqwatch securapawn sdauto-etch manjunathkg acumenix beike2020 mreetyunjaya moisestapia toughrunner bddsl ginolucianorojo1993 jeromeyoung elaprendizdecoder dandada87 alainlompo dmore iq-scm

dockscan's Issues

How could I test this project ?

Hello
I'm tyring to use this project for my local laptop

I use archlinux based distro

here is my docker info

Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 1.12.1
Storage Driver: overlay2
 Backing Filesystem: extfs
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: null bridge host overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 4.7.1-1-ARCH
Operating System: Apricity OS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.61 GiB
Name: keyolk-book
ID: AKMT:LO4B:TAXU:M6K3:RYEQ:GE5B:GLZ6:ISBQ:WBN7:FYKF:CMN6:TN2W
Docker Root Dir: /home/keyolk/mount/flash/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Insecure Registries:
 127.0.0.0/8

when I try below

./dockscan.rb -r html -o myreport -v unix:///var/run/docker.sock

I got below message

/home/keyolk/workspace/build/git/dockscan/scan/manage-scan.rb:35:in `scan': undefined method `url=' for Docker:Module (NoMethodError)
        from ./dockscan.rb:101:in `block in <main>'
        from ./dockscan.rb:100:in `each'
        from ./dockscan.rb:100:in `<main>'

How can I fix this ?

Error connecting or validating Docker version

I'm using WSL2 and I have problems using dockscan:

$ docker --version
Docker version 19.03.13, build 4484c46d9d

$ uname -a
Linux AM-NB-115 4.19.104-microsoft-standard #1 SMP Wed Feb 19 06:37:35 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

$ dockscan unix:///var/run/docker.sock
E, [2021-01-03T14:10:35.582568 #6777] ERROR -- : Error connecting or validating Docker version

How can I use it?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.