16

Grype - Vulnerability Scanner For Container Images & Filesystems

 3 years ago
source link: https://www.darknet.org.uk/2021/04/grype-vulnerability-scanner-for-container-images-filesystems/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Grype – Vulnerability Scanner For Container Images & Filesystems

Last updated: April 19, 2021 | 763 views 0

Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based operating systems.

Grype - Vulnerability Scanner For Container Images & Filesystems

Features of Grype Vulnerability Scanner For Container Images & Filesystems

Scan the contents of a container image or filesystem to find known vulnerabilities and find vulnerabilities for major operating system packages in:

  • Alpine
  • BusyBox
  • CentOS / Red Hat
  • Debian
  • Ubuntu

Find vulnerabilities for language-specific packages:

  • Ruby (Bundler)
  • Java (JARs, etc)
  • JavaScript (NPM/Yarn)
  • Python (Egg/Wheel)
  • Python pip/requirements.txt/setup.py listings

Supports Docker and OCI image formats

Using Grype Vulnerability Scanner For Container Images & Filesystems

To scan for vulnerabilities in an image:

grype <image>

Grype can scan a variety of sources beyond those found in Docker.

# scan a container image archive (from the result of `docker image save ...`, `podman save ...`, or `skopeo copy` commands)
grype path/to/image.tar
# scan a directory
grype dir:path/to/dir

The output format for Grype is configurable as well:

grype <image> -o <format>

Where the formats available are:

  • json: Use this to get as much information out of Grype as possible!
  • cyclonedx: An XML report conforming to the CycloneDX 1.2 specification.
  • table: A columnar summary (default).

You can download Grype here:

Or read more here.

Posted in: Security Software

Latest Posts:

Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.

April 19, 2021 - 55 Shares

APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.

March 5, 2021 - 178 Shares

GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc

February 3, 2021 - 110 Shares

GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process

January 1, 2021 - 150 Shares

zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.

December 7, 2020 - 220 Shares

HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc

November 6, 2020 - 205 Shares
No comments yet.

Leave a Reply Click here to cancel reply.

Name (required)

Email (will not be published) (required)

Website


About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK