Dockerscan is a comprehensive Docker security analysis and exploitation tool designed to identify vulnerabilities and automate container security assessments.
Docker security analysis & hacking tools
Dockerscan is primarily used by security professionals and penetration testers to scan Docker images and containers for security weaknesses, misconfigurations, and vulnerabilities. It helps automate the discovery of potential attack vectors in containerized environments, enabling proactive security hardening.
Running dockerscan may require Docker daemon access and appropriate permissions. It is recommended to use this tool in controlled environments to avoid unintended disruptions. Regularly update the tool and its vulnerability database for accurate results.
Ensure Python 3.6+ is installed
Clone the repository: git clone https://github.com/cr0hn/dockerscan.git
Navigate to the dockerscan directory: cd dockerscan
Install dependencies: pip install -r requirements.txt
Run dockerscan using Python: python dockerscan.pypython dockerscan.py --help
Displays help information and available commands
python dockerscan.py scan -i <image_name>
Scans a specified Docker image for vulnerabilities
python dockerscan.py scan -c <container_id>
Scans a running Docker container for security issues
python dockerscan.py exploit -i <image_name>
Attempts exploitation of vulnerabilities found in the Docker image