Docktor is a web app that deploys an easy-to-use kit of analysis and scanning tools.
Today, developers rely on a wide variety of resources, and it is increasingly difficult to ensure the security of our artifacts, especially Docker environments, which are an obvious source of vulnerabilities.
The objective is a simple, fast, lightweight approach that works everywhere to ensure the security of what we produce.
The user interacts with a simple web application to select the elements to analyze.
Docktor takes care of the remaining work thanks to its 3 main components:
- Sources: UIs to select the sources/artifacts/input folders that will be analyzed by the Scanners
- Scanners: external tools that perform the processing
- Vizualizer: UIs in charge of enhancing the data for the user
```mermaid
graph TD
    A[Docktor Frontend]
    B(SOURCE - Docker Images)
    C(SOURCE - File System)
    D(SOURCE - Repo GIT)
    E(SOURCE - Config Files)
    F(VIZUALIZER - Report - Scan / Vulnerabilities)
    W[Docktor Backend]
    Y{Computer}
    Z(((SCANNER - Trivy)))
    W --> |report.json| F
    F --> A
    A --> B
    A --> C
    A --> D
    A --> E
    B --> |local docker images| W
    B --> |remote docker images| W
    C --> |local path| W
    D --> |remote URI| W
    E --> |local path| W
    W --> |exec.Command| Y
    Y --> |report.json|W
    Y --> |./trivy ... |Z
    Z --> |report.json| Y
```
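The diagram shows the backend passing targets chosen in the web UI to `./trivy ...` through `exec.Command`. As an added example, not Docktor's own code, the Go function below validates a selected target and builds the Trivy argument list; the source kind names, the restriction of local paths to `/home` and the https-only rule for repositories are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

// Trivy subcommand for each Docktor source kind (kind names are hypothetical).
var subcommands = map[string]string{"image": "image", "filesystem": "fs", "repo": "repo", "config": "config"}

// trivyArgs validates a user-selected target and returns the argument vector
// for exec.Command("./trivy", args...). exec.Command starts no shell, so the checks
// focus on targets Trivy would read as options and on paths leaving the mounted /home.
func trivyArgs(kind, target, report string) ([]string, error) {
	sub, ok := subcommands[kind]
	if !ok {
		return nil, fmt.Errorf("unknown source kind %q", kind)
	}
	if target == "" || strings.HasPrefix(target, "-") || strings.ContainsAny(target, "\x00\r\n") {
		return nil, errors.New("target is empty, option-like or contains control characters")
	}
	switch kind {
	case "filesystem", "config":
		// Lexical cleanup only: "/home/u/../../etc" becomes "/etc". Symlinks are not resolved.
		target = path.Clean(target)
		if target != "/home" && !strings.HasPrefix(target, "/home/") {
			return nil, errors.New("path is outside /home")
		}
	case "repo":
		// Restricting repositories to https is an assumption of this example.
		u, err := url.Parse(target)
		if err != nil || u.Scheme != "https" || u.Host == "" {
			return nil, errors.New("repository must be an https URL")
		}
	}
	return []string{sub, "--format", "json", "--output", report, target}, nil
}

func main() {
	samples := [][2]string{ // constructed sample selections, not taken from Docktor
		{"image", "alpine:3.19"}, {"image", "--some-option"}, {"filesystem", "/home/user/../../etc"}}
	for _, s := range samples {
		args, err := trivyArgs(s[0], s[1], "report.json")
		fmt.Printf("%q -> args=%v err=%v\n", s[1], args, err)
	}
}
```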
Trivy detects:
- Vulnerabilities
  - OS packages (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
  - Language-specific packages (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
- Misconfigurations
  - Kubernetes
  - Docker
  - Terraform
  - CloudFormation
  - etc.
- Secrets
  - AWS access key
  - GCP service account
  - GitHub personal access token
  - etc.
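Run with - Docker compose
```bash
# Fetch the raw compose file (the /blob/ URL returns GitHub's HTML page instead of the YAML)
curl -LJO https://github.com/Matbabs/Docktor/raw/main/docker-compose.yml
```
Then, inside the folder containing docker-compose.yml:
```bash
docker-compose up
```
Note: your `/home` path is mapped to the container's `/home` path, so that Docktor can scan and access your local files.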
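Run with - Docker run
```bash
docker pull matbabs/docktor
# The docker.sock mount gives the container read-write access to the host's Docker daemon;
# the /home mount exposes the host's /home to the container for local file scans.
docker run \
  -d \
  -p 3030:80 \
  -p 4040:4040 \
  -v "/var/run/docker.sock:/var/run/docker.sock:rw" \
  -v /home:/home \
  matbabs/docktor
```
Connect on: http://localhost:3030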