FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
☐ β˜† βœ‡ KitPloit - PenTest Tools!

Docf-Sec-Check - DockF-Sec-Check Helps To Make Your Dockerfile Commands More Secure

By: Unknown β€” April 4th 2025 at 19:18


DockF-Sec-Check helps to make your Dockerfile commands more secure.


Done

  • [x] First-level security notification in the Dockerfile

TODO List

  • [ ] Correctly detect the Dockerfile.
  • [ ] Second-level security notification in the Dockerfile.
  • [ ] Security notification in Docker images.
  • [ ] ***** (Private Repository)

Installation

From Source Code

You can use virtualenv for package dependencies before installation.

git clone https://github.com/OsmanKandemir/docf-sec-check.git
cd docf-sec-check
python setup.py build
python setup.py install

From Pypi

The application is available on PyPI. To install with pip:

pip install docfseccheck

From Dockerfile

You can run this application on a container after build a Dockerfile. You need to specify a path (YOUR-LOCAL-PATH) to scan the Dockerfile in your local.

docker build -t docfseccheck .
docker run -v <YOUR-LOCAL-PATH>/Dockerfile:/docf-sec-check/Dockerfile docfseccheck -f /docf-sec-check/Dockerfile

From DockerHub

docker pull osmankandemir/docfseccheck:v1.0
docker run -v <YOUR-LOCAL-PATH>/Dockerfile:/docf-sec-check/Dockerfile osmankandemir/docfseccheck:v1.0 -f /docf-sec-check/Dockerfile


Usage

-f DOCKERFILE [DOCKERFILE], --file DOCKERFILE [DOCKERFILE] Dockerfile path. --file Dockerfile

Function Usage

from docfchecker import DocFChecker

#Dockerfile is your file PATH.

DocFChecker(["Dockerfile"])

Development and Contribution

See; CONTRIBUTING.md

License

Copyright (c) 2024 Osman Kandemir \ Licensed under the GPL-3.0 License.

Donations

If you like DocF-Sec-Check and would like to show support, you can use Buy A Coffee or Github Sponsors feature for the developer using the button below.

Or

Sponsor me : https://github.com/sponsors/OsmanKandemir 😊

Your support will be much appreciated😊



☐ β˜† βœ‡ Security – Cisco Blog

Strengthening Docker Security: Best Practices for Resilient Containers

By: Gogulakrishnan Thiyagarajan β€” December 20th 2024 at 13:00
Docker's proliferation has led to some serious vulnerabilities, but you can improve security in Docker containers by following a set of best practices.
☐ β˜† βœ‡ The Hacker News

New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic

By: Newsroom β€” January 18th 2024 at 16:31
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. "This is the first documented case of malware deploying the 9Hits application as a payload," cloud security firm Cado said, adding the development is a sign that adversaries are
❌