dockerleaks

command module
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 26, 2023 License: GPL-3.0 Imports: 3 Imported by: 0

README

Dockerleaks

Go Report Card License

Dockerleaks is a command-line tool designed to uncover secrets within Docker images. Secrets, which can include API keys, passwords, and access tokens, pose potential security risks if left exposed. Dockerleaks will comb through Docker images to help identify these secrets.

You can scan Docker images either located in a remote registry or stored locally. It uses different methods to investigate environment variables and build arguments, which are common places where secrets might inadvertently be embedded during image creation. Furthermore, dockerSecrets can dig deep into the filesystem within a Docker image, scanning through files for potential secret leaks.

By using this tool, you can ensure that your Docker images maintain their integrity, adhering to the best practices of sensitive information management. It's a valuable addition to any security-conscious developer or organization's toolset, assisting in preventing unauthorized access to critical services, databases, and other resources.

© 2023 Bryce Thuilot. Dockerleaks is an open-source project and comes with ABSOLUTELY NO WARRANTY. It is free software, and you are welcome to redistribute it under specific conditions.

Installation

via GitHub release

Navigate to the Releases tab to download the compile binary for your specific platform. Be sure to then add it to your shell's PATH

from source
git clone github.com/bthuilot/dockerleaks && cd dockerleaks
go build -o dockerleaks .
# add dockerleaks to your PATH or execute via ./dockerleaks
via Docker

A docker image containing the script is distributed via thuilot/dockerleaks. To run via docker be sure to mount the docker socket into the container such that the binary can connect to the daemon to perform scans, an example is shown below.

docker run -it -v /var/run/docker.sock:/var/run/docker.sock thuilot/dockerleaks:latest -i [IMAGE TO SCAN]

Usage

To run DockerSecrets, use the following command:

Here are the available flags:

  • -c, --config string: Path to the configuration file.
  • -h, --help: Show help for dockerleaks.
  • -i, --image string: The name of the Docker image to scan.
  • -l, --log-level string: Set the log level. Options are off, debug, info, warn, error, and fatal. The default is off.
  • -p, --pull: The image should be pulled from a remote source before scanning.

For example, to scan a remote image named my-image, you could use the following command:

dockerleaks -i my-image:latest -p

This command would pull my-image:latest from its remote source and scan it for leaked secrets.

Support the project

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
internal
util
pkg
config
detections
image
logging

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.