Keramas / Blowhole

Licence: other
Docker auditing and enumeration script.

Projects that are alternatives of or similar to Blowhole

Horn3t
Powerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (+471.43%)
Mutual labels:  security-audit, enumeration
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+766.67%)
Mutual labels:  security-audit, enumeration
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+9080.95%)
Mutual labels:  security-audit, enumeration
Enum4linux Ng
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (+1561.9%)
Mutual labels:  security-audit, enumeration
Gscan
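This program is intended to help security incident responders investigate Linux hosts: it automates comprehensive host-side checklist checks, automatically aggregates data from the results, and traces the attacker's intrusion path.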
Stars: ✭ 1,177 (+5504.76%)
Mutual labels:  auditing, security-audit
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+8585.71%)
Mutual labels:  security-audit, enumeration
Dirsearch
A Go implementation of dirsearch.
Stars: ✭ 164 (+680.95%)
Mutual labels:  security-audit, enumeration
ad-privileged-audit
Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (+100%)
Mutual labels:  auditing, security-audit
Lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+43409.52%)
Mutual labels:  auditing, security-audit
Otseca
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+1880.95%)
Mutual labels:  auditing, security-audit
Dirstalk
Modern alternative to dirbuster/dirb
Stars: ✭ 210 (+900%)
Mutual labels:  auditing, enumeration
Wordpress Scanner
Wordpress Vulnerability Scanner
Stars: ✭ 137 (+552.38%)
Mutual labels:  auditing, security-audit
Filewatcher
A simple auditing utility for macOS
Stars: ✭ 233 (+1009.52%)
Mutual labels:  auditing, security-audit
burp-aem-scanner
Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Stars: ✭ 60 (+185.71%)
Mutual labels:  security-audit
Cheat-Sheet---Active-Directory
This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.
Stars: ✭ 154 (+633.33%)
Mutual labels:  enumeration
Chat-Bot-Security-Checklist
Chat Bot Security Checklist
Stars: ✭ 20 (-4.76%)
Mutual labels:  security-audit
enum-php
Enumeration implementation for PHP
Stars: ✭ 45 (+114.29%)
Mutual labels:  enumeration
Prox5
🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋
Stars: ✭ 39 (+85.71%)
Mutual labels:  enumeration
audit
A common audit framework for java application
Stars: ✭ 28 (+33.33%)
Mutual labels:  auditing
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+1547.62%)
Mutual labels:  security-audit

Blowhole

Blowhole is a Python-based script that enumerates Docker container configurations and calls Dockerized auditing tools (Batten and Docker Security Benchmark) to investigate Docker configurations and settings on the host machine.

Usage

python blowhole.py -h
usage: blowhole.py [-h] [-i] [-a] -o OUTDIR

Blowhole

optional arguments:
  -h, --help            show this help message and exit
  -i, --invasive        Invasive mode - Runs enumeration scripts in containers
  -a, --audit           Extended auditing - Runs Dockerized auditing scripts
  -o OUTDIR, --outdir OUTDIR
                        Output directory for data results

One shot script for Docker auditing and enumeration.

Invasive mode (-i)

Invasive mode adds files to, and executes scripts from within, each running container. It currently only loads and runs the LinEnum script and writes the results to the specified output directory. If the host machine has internet connectivity, LinEnum can be downloaded when prompted by the script. If there is no internet connectivity, it is recommended to transfer the script onto the host along with Blowhole.

Audit mode (-a)

Performs a comprehensive audit of the Docker environment using two Dockerized auditing tools: Batten and Docker Security Benchmark.

Only warning and failed check items are output to the terminal; however, the complete output of the results, with details on each item, is saved to the specified output directory.
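As an added illustration of the container-configuration enumeration this README describes (this is not Blowhole's own code), the sketch below flags risky settings in `docker inspect` JSON. The sample data, the `RISKY_CAPS` and `SENSITIVE_SOURCES` lists, and the function names are assumptions made for the example.

```python
import json

# Constructed sample shaped like `docker inspect` output (not real data).
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/web", "Config": {"User": "nginx"},
  "HostConfig": {"Privileged": false, "CapAdd": null, "PidMode": "",
                 "NetworkMode": "bridge",
                 "Binds": ["/srv/www:/usr/share/nginx/html:ro"]}},
 {"Name": "/ci-runner", "Config": {"User": ""},
  "HostConfig": {"Privileged": true, "CapAdd": ["SYS_ADMIN"], "PidMode": "host",
                 "NetworkMode": "host",
                 "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}}
]""")

# Assumed review lists for this example; tune them to your own baseline.
RISKY_CAPS = {"ALL", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "NET_ADMIN", "DAC_READ_SEARCH"}
SENSITIVE_SOURCES = ("/var/run/docker.sock", "/proc", "/sys", "/etc")

def audit_container(c):
    """Return a list of findings for one `docker inspect` entry."""
    hc = c.get("HostConfig") or {}
    findings = []
    if hc.get("Privileged"):
        findings.append("privileged")
    for cap in hc.get("CapAdd") or []:
        name = cap.upper()
        name = name[4:] if name.startswith("CAP_") else name
        if name in RISKY_CAPS:
            findings.append(f"cap_add:{name}")
    for ns in ("PidMode", "NetworkMode", "IpcMode"):
        if hc.get(ns) == "host":  # container shares a host namespace
            findings.append(f"host_namespace:{ns}")
    for bind in hc.get("Binds") or []:
        parts = bind.split(":")
        src, mode = parts[0], (parts[2] if len(parts) > 2 else "rw")
        if src == "/" or any(src == s or src.startswith(s + "/") for s in SENSITIVE_SOURCES):
            findings.append(f"sensitive_bind:{src}({mode})")
    user = (c.get("Config") or {}).get("User") or ""
    if user in ("", "0", "root") or user.startswith(("0:", "root:")):
        findings.append("runs_as_root")  # an empty User means the default, root
    return findings

def audit(inspect_data):
    """Map container name -> findings for a full `docker inspect` array."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in inspect_data}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, findings or "no findings")
```

On a real host, the same functions can be fed the parsed output of `docker inspect` for the running containers.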

Docker Resources for Analyzing (And Exploiting) Results

  • Docker Components Explained: A great, short read about how Docker works by breaking it down component by component.

  • SANS - A Checklist for Audit of Docker Containers: Brief paper that contains good explanations about various Docker security points with accompanying checklists.

  • Docker Security Cheat Sheet: Rundown of several larger security checks to perform when assessing containers.

  • OWASP Docker Security: Amazing repository that illustrates ten of the most important security points for container environments. Includes threat scenarios, ways to validate, and possible avenues for remediation.

  • Capabilities: Good man-page reference for auditing capabilities granted to containers.

  • Articles on exploiting Docker containers:

    https://www.cyberark.com/threat-research-blog/how-i-hacked-play-with-docker-and-remotely-ran-code-on-the-host/
    https://www.cyberark.com/threat-research-blog/the-route-to-root-container-escape-using-kernel-exploitation/
    https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
    https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html
    https://github.com/Frichetten/CVE-2019-5736-PoC
