Skip to content

jemisonf/toy-scanner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Toy Container Vulnerability Scanner

This is a small tool that can (theoretically) scan an Alpine container image and detect any vulnerable APK packages that have been reported to Alpine SecDB. You can run with:

go run . -image alpine

Where the -image flag accepts most formats for image identifiers.

The code is based on a simpler version of the architecture for Clare, and borrows particularly strongly from Clare's Alpine indexer. Many thanks to the Clare developers for the easy-to-read code and documentation, without which this probably would not have been possible.

It hopefully goes without saying, but under absolutely no circumstances should this code be used in production.

For a detailed write up of this project, check out "Building a Toy Container Vulnerability Scanner".

About

A simple container vulnerability scanner built for https://fgj.codes/posts/building-a-toy-vulnerability-scanner/

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages