Project

dockscan

0.11
No commit activity in last 3 years
No release in over 3 years
dockscankost/dockscanHomepageDocumentationSource CodeBug TrackerWiki
security vulnerability and audit scanner for Docker installations.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
8,033
Stars
218
Forks
36
Watchers
17
 Releases
Current version
0.1.2
Total releases
3
First release
2016-08-27
Latest release
2016-08-27
 Issues
Open Issues
1
Closed Issues
1
Total Issues
2
Issue Closure Rate
50%
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
1
Merged Pull Requests
0
Pull Request Acceptance Rate
0%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2016-04-09
Reverse Dependencies
0

 Dependencies

Development

bundler
>= 1.12
rake
~> 10.0
rspec
~> 3.0

Runtime

docker-api
>= 0
 Project Readme

Build Status Coverage Status

dockscan

logo

Scan Docker installations for security issues and vulnerabilities.

Features

  • plugin based system for discovery, audit and reporting
  • able to scan local and remote docker installations
  • plugins are easy to write

Requirements

  • Ruby 2.0 or above (1.9.x does not work!)
  • Ruby gem: docker-api (docker)

Installation

You can install dockscan by installing dockscan gem:

gem install dockscan

Usage

Typical usage for scanning docker installation.

If you wish to scan local Docker installation:

dockscan unix:///var/run/docker.sock

If you wish to scan remote Docker installation and produce HTML report:

dockscan -r html -o myreport -v tcp://example.com:5422

If you wish to scan remote Docker installation and produce text report:

dockscan -r txt -o myreport -v tcp://example.com:5422

Environment variables

DOCKER_CERT_PATH will configure dockscan to use SSL

DOCKER_SSL_VERIFY if set to false will not verify certificates.

ToDo

  • Implement web frontend for scanner
  • Progress bars

Done

  • Different reporting (HTML, txt, ...)