mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-12-24 22:59:37 -05:00
Create docker-bench-websploit.sh
This commit is contained in:
parent
aa1432596b
commit
9c3d34cb67
17
docker-and-k8s-security/docker/docker-bench-websploit.sh
Normal file
17
docker-and-k8s-security/docker/docker-bench-websploit.sh
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# A quick script to run docker-bench-security in WebSploit Labs
|
||||||
|
|
||||||
|
echo "Running docker-bench-security from WebSploit"
|
||||||
|
|
||||||
|
docker run --rm --net host --pid host --userns host --cap-add audit_control \
|
||||||
|
-e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
|
||||||
|
-v /etc:/etc:ro \
|
||||||
|
-v /lib/systemd/system:/lib/systemd/system:ro \
|
||||||
|
-v /usr/bin/containerd:/usr/bin/containerd:ro \
|
||||||
|
-v /usr/bin/runc:/usr/bin/runc:ro \
|
||||||
|
-v /usr/lib/systemd:/usr/lib/systemd:ro \
|
||||||
|
-v /var/lib:/var/lib:ro \
|
||||||
|
-v /var/run/docker.sock:/var/run/docker.sock:ro \
|
||||||
|
--label docker_bench_security \
|
||||||
|
docker/docker-bench-security > bench_results.txt
|
||||||
|
|
||||||
|
echo "The results have been stored at $(pwd)/bench_results.txt "
|
Loading…
Reference in New Issue
Block a user