cyber-security-resources/web_application_testing/docker_references.md

Docker References

The most amazing (#awesome) list of Docker-related resources!!

• https://awesome-docker.netlify.com/

Container Networking

• Calico-Docker - Calico is a pure layer 3 virtual network that allows containers over multiple docker-hosts to talk to each other.
• Flannel - Flannel is a virtual network that gives a subnet to each host for use with container runtimes. By [@coreos][coreos]
• netshoot - The netshoot container has a powerful set of networking tools to help troubleshoot Docker networking issues by @nicolaka
• [Weave][weave] (The Docker network) - Weave creates a virtual network that connects Docker containers deployed across multiple hosts.

Container Orchestration

• athena - An automation platform with a plugin architecture that allows you to easily create and share services.
• CloudSlang - CloudSlang is a workflow engine to create Docker process automation
• clusterdock - Docker container orchestration to enable the testing of long-running cluster deployments
• ContainerShip A simple container management platform
• Crane - Control plane based on docker built-in swarm @Dataman-Cloud
• Docker Flow Swarm Listener - Docker Flow Swarm Listener project is to listen to Docker Swarm events and send requests when a change occurs. By [@vfarcic][vfarcic]
• Haven - Haven is a simplified container management platform that integrates container, application, cluster, image, and registry managements. By @codeabovelab
• Helios - A simple platform for deploying and managing containers across an entire fleet of servers by @spotify
• Kontena - Application Containers for Masses website
• Kubernetes - Open source orchestration system for Docker containers by Google
• ManageIQ - Discover, optimize and control your hybrid IT. By ManageIQ
• Mantl - Mantl is a modern platform for rapidly deploying globally distributed services
• Marathon - Marathon is a private PaaS built on Mesos. It automatically handles hardware or software failures and ensures that an app is "always on"
• Mesos - Resource/Job scheduler for containers, VM's and physical hosts @apache
• Mesosphere DC/OS - Integrated platform for data and containers built on Apache Mesos by @mesosphere
• Nebula - A Docker orchestration tool designed to manage massive scale distributed clusters.
• Nomad - Easily deploy applications at any scale. A Distributed, Highly Available, Datacenter-Aware Scheduler by [@hashicorp][hashicorp]
• Rancher - An open source project that provides a complete platform for operating Docker in production by [@rancher][rancher].
• Swarmpit - Lightweight Docker Swarm orchestration. Swarmpit provides clean way to manage your Docker Swarm cluster with various handful features such Service management, smart search, shared access and private registries.

Container Reverse Proxy

• docker-flow-proxy - Reconfigures proxy every time a new service is deployed, or when a service is scaled. By [@vfarcic][vfarcic]
• fabio - A fast, modern, zero-conf load balancing HTTP(S) router for deploying microservices managed by consul. By @magiconair (Frank Schroeder)
• Let's Encrypt Nginx-proxy Companion - A lightweight companion container for the nginx-proxy. It allow the creation/renewal of Let's Encrypt certificates automatically. By @JrCs
• muguet - DNS Server & Reverse proxy for Docker environments. By @mattallty
• [nginx-proxy][nginxproxy] - Automated nginx proxy for Docker containers using docker-gen by [@jwilder][jwilder]
• Swarm Ingress Router - Route DNS names to Swarm services based on labels. By @tpbowden
• Swarm Router - A «zero config» service name based router for docker swarm mode with a fresh and more secure approach. By @flavioaiello
• Træfɪk - Automated reverse proxy and load-balancer for Docker, Mesos, Consul, Etcd... By @EmileVauge

Container Security

• Anchor Cloud- Hosted version of Anchor Engine by [@Anchor][anchore]
• Anchor Engine - Analyze images for CVE vulnerabilities and against custom security policies by [@Anchor][anchore]
• Aqua Security- Securing container-based applications from Dev to Production on any platform
• bane - AppArmor profile generator for Docker containers by [@genuinetools][genuinetools]
• CIS Docker Benchmark - This [InSpec][inspec] compliance profile implement the CIS Docker 1.12.0 Benchmark in an automated way to provide security best-practice tests around Docker daemon and containers in a production environment. By @dev-sec
• Clair - Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. By [@coreos][CoreOS]
• Dagda - Dagda is a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities. By @eliasgranderubio
• docker-bench-security - script that checks for dozens of common best-practices around deploying Docker containers in production. By [@docker][docker]
• notary - a server and a client for running and interacting with trusted collections. By @TUF
• oscap-docker - OpenSCAP provides oscap-docker tool which is used to scan Docker containers and images. By RedHat
• Sysdig Falco - Sysdig Falco is an open source container security monitor. It can monitor application, container, host, and network activity and alert on unauthorized activity.
• Sysdig Secure - Sysdig Secure addresses run-time security through behavioral monitoring and defense, and provides deep forensics based on open source Sysdig for incident response.
• Twistlock - Twistlock Security Suite detects vulnerabilities, hardens container images, and enforces security policies across the lifecycle of applications.