Skip to content
/ dockscan Public

dockscan is security vulnerability and audit scanner for Docker installations

License

Notifications You must be signed in to change notification settings

kost/dockscan

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build Status Coverage Status

dockscan

logo

Scan Docker installations for security issues and vulnerabilities.

Features

  • plugin based system for discovery, audit and reporting
  • able to scan local and remote docker installations
  • plugins are easy to write

Requirements

  • Ruby 2.0 or above (1.9.x does not work!)
  • Ruby gem: docker-api (docker)

Installation

You can install dockscan by installing dockscan gem:

gem install dockscan

Usage

Typical usage for scanning docker installation.

If you wish to scan local Docker installation:

dockscan unix:///var/run/docker.sock

If you wish to scan remote Docker installation and produce HTML report:

dockscan -r html -o myreport -v tcp://example.com:5422

If you wish to scan remote Docker installation and produce text report:

dockscan -r txt -o myreport -v tcp://example.com:5422

Environment variables

DOCKER_CERT_PATH will configure dockscan to use SSL

DOCKER_SSL_VERIFY if set to false will not verify certificates.

ToDo

  • Implement web frontend for scanner
  • Progress bars

Done

  • Different reporting (HTML, txt, ...)

About

dockscan is security vulnerability and audit scanner for Docker installations

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published