{"id":13449407,"url":"https://github.com/cr0hn/dockerscan","last_synced_at":"2025-05-15T17:04:41.330Z","repository":{"id":41243418,"uuid":"81254815","full_name":"cr0hn/dockerscan","owner":"cr0hn","description":"Docker security analysis \u0026 hacking tools","archived":false,"fork":false,"pushed_at":"2020-05-27T08:36:02.000Z","size":170,"stargazers_count":1370,"open_issues_count":9,"forks_count":201,"subscribers_count":63,"default_branch":"master","last_synced_at":"2025-04-07T22:08:16.651Z","etag":null,"topics":["docker","docker-registry","hacking","registry","scan","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cr0hn.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"github":["cr0hn"]}},"created_at":"2017-02-07T21:13:12.000Z","updated_at":"2025-03-30T22:23:01.000Z","dependencies_parsed_at":"2022-07-12T23:10:34.376Z","dependency_job_id":null,"html_url":"https://github.com/cr0hn/dockerscan","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cr0hn%2Fdockerscan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cr0hn%2Fdockerscan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cr0hn%2Fdockerscan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cr0hn%2Fdockerscan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cr0hn","download_url":"https://codeload.github.com/cr0hn/dockerscan/tar.gz/refs/heads/ma
ster","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254384987,"owners_count":22062422,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-registry","hacking","registry","scan","security"],"created_at":"2024-07-31T06:00:37.258Z","updated_at":"2025-05-15T17:04:36.320Z","avatar_url":"https://github.com/cr0hn.png","language":"Python","funding_links":["https://github.com/sponsors/cr0hn"],"categories":["Tools","Python","security","Go"],"sub_categories":["Scanner"],"readme":"dockerscan\n==========\n\n*dockerscan: A Docker analysis \u0026 hacking tools*\n\n.. 
image::  https://github.com/cr0hn/dockerscan/raw/master/doc/source/_static/dockerscan-logo.png\n    :height: 64px\n    :width: 64px\n    :alt: DockerScan logo\n\n+----------------+--------------------------------------------------+\n|Project site    | http://github.com/cr0hn/dockerscan               |\n+----------------+--------------------------------------------------+\n|Issues          | https://github.com/cr0hn/dockerscan/issues/      |\n+----------------+--------------------------------------------------+\n|Author          | Daniel Garcia (cr0hn) / Roberto Munoz (robskye)  |\n+----------------+--------------------------------------------------+\n|Documentation   | http://dockerscan.readthedocs.org                |\n+----------------+--------------------------------------------------+\n|Last Version    | 1.0.0-Alpha-02                                   |\n+----------------+--------------------------------------------------+\n|Python versions | 3.5 or above                                     |\n+----------------+--------------------------------------------------+\n\nSupport this project\n====================\n\nSupport this project (to solve issues, add new features...) by using the GitHub \"Sponsor\" button.\n\nWhat's dockerscan\n=================\n\nA set of Docker analysis tools\n\nVery quick install\n==================\n\n.. code-block:: bash\n\n    \u003e python3.5 -m pip install -U pip\n    \u003e python3.5 -m pip install dockerscan\n\nShow options:\n\n.. 
code-block:: bash\n\n    \u003e dockerscan -h\n\nAvailable actions\n=================\n\nCurrently Docker Scan supports these actions:\n\n- Scan: Scan a network trying to locate Docker Registries\n\n- Registry\n\n    - Delete: Delete remote image / tag\n    - Info: Show info from remote registry\n    - Push: Push an image (like Docker client)\n    - Upload: Upload a random file\n\n- Image\n\n    - Analyze: Look for sensitive information in a Docker image.\n\n        - Look for passwords in environment vars.\n        - Try to find any URL / IP in the environment vars.\n        - Try to deduce the user used internally to run the software. This is not trivial. If the entry point is a .sh file, read the file and try to find calls to sudo-like commands: “sudo”, “gosu”, “sh -u”… and report the user found.\n\n    - Extract: extract a docker image\n    - Info: Get an image's meta information\n    - Modify:\n\n        - entrypoint: change the entrypoint in a docker image\n        - **trojanize**: inject a reverse shell into a docker image\n        - user: change running user in a docker image\n\nWhat's the difference from Clair or Docker Cloud?\n=================================================\n\nThe purpose of Dockerscan is different. It's focused on the attack phase.\n\nAlthough Dockerscan has some functionalities to detect vulnerabilities in Docker images and Docker registries, the objective is the attack.\n\nDocumentation\n=============\n\nDocumentation is still in progress... sorry!\n\nFor the moment we only have the slides presented at RootedCON Spain, the conference where Docker Scan was presented:\n\nhttps://www.slideshare.net/cr0hn/rootedcon-2017-docker-might-not-be-your-friend-trojanizing-docker-images/1\n\nOr you can watch it in video format (recommended):\n\nhttps://youtu.be/OwX1e4y4JMk\n\nAlso, you can watch a dockerscan usage demo:\n\nhttps://youtu.be/UvtBGIb3E3o\n\nContributing\n============\n\nAny collaboration is welcome!\n\nThere are many tasks to do. 
You can check the `Issues \u003chttps://github.com/cr0hn/dockerscan/issues/\u003e`_ and send us a Pull Request.\n\nLicense\n=======\n\nThis project is distributed under `BSD license \u003chttps://github.com/cr0hn/dockerscan/blob/master/LICENSE\u003e`_\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcr0hn%2Fdockerscan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcr0hn%2Fdockerscan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcr0hn%2Fdockerscan/lists"}