nccgroup / Whalescan
Licence: apache-2.0
Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container
Stars: ✭ 81
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Whalescan
Recommendations for engineers
All of my recommendations for aspiring engineers in a single place, coming from various areas of interest.
Stars: ✭ 39 (-51.85%)
Mutual labels: cybersecurity
Robust Adv Malware Detection
Code repository for the paper "Adversarial Deep Learning for Robust Detection of Binary Encoded Malware"
Stars: ✭ 63 (-22.22%)
Mutual labels: cybersecurity
Awesome Cybersecurity
Curated list of awesome cybersecurity companies and solutions.
Stars: ✭ 77 (-4.94%)
Mutual labels: cybersecurity
Unified Cybersecurity Ontology
Unified Cybersecurity Ontology
Stars: ✭ 44 (-45.68%)
Mutual labels: cybersecurity
Vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+10818.52%)
Mutual labels: cybersecurity
Checkmyhttps
We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-56.79%)
Mutual labels: cybersecurity
Awesome Wifi Security
A collection of awesome resources related to 802.11 security, tools and other things
Stars: ✭ 79 (-2.47%)
Mutual labels: cybersecurity
Dfw1n Osint
Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
Stars: ✭ 63 (-22.22%)
Mutual labels: cybersecurity
Rsf
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-6.17%)
Mutual labels: cybersecurity
Slowloris
Asynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-37.04%)
Mutual labels: cybersecurity
Zile
Extract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-24.69%)
Mutual labels: cybersecurity
Malware Feed
Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-14.81%)
Mutual labels: cybersecurity
Smersh
Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
Stars: ✭ 43 (-46.91%)
Mutual labels: cybersecurity
Certeagle
Weaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-3.7%)
Mutual labels: cybersecurity
Node Opcua
an implementation of a OPC UA stack fully written in javascript and nodejs - http://node-opcua.github.io/
Stars: ✭ 985 (+1116.05%)
Mutual labels: cybersecurity
Blackhat Python3
Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.
Stars: ✭ 1,125 (+1288.89%)
Mutual labels: cybersecurity
Content
Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+1404.94%)
Mutual labels: cybersecurity
Azure Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Stars: ✭ 1,208 (+1391.36%)
Mutual labels: cybersecurity
Ioc Explorer
Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-9.88%)
Mutual labels: cybersecurity
Whalescan
Released as open source by NCC Group Plc - https://www.nccgroup.com/
Developed by Saira Hassan (@saiii_h)
https://github.com/nccgroup/whalescan
Released under Apache license 2.0, see LICENSE for more information
Introduction
Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container. It also checks the config and Docker files for misconfigurations. This tool can be used as part of a Windows container review on local copies of the containers, and on the host itself to enhance security.
Getting Started
git clone https://github.com/saira-h/whalescan
pip install -r requirements.txt
./main.py
Overview
Whalescan performs the following checks on containers:
-
Container checks
- Checks if containers are stored under C: drive - this could raise issues if there is a DoS attack, filling up the C: drive and making the host unresponsive
- Checks if container is running as a process or hyper-v. Hyper-v isolation offers enhanced security of containers
- Checks if there are any pending updates in the containers, and if so, how to update.
-
Image checks
- Checks for unsafe commands being used in the dockerfile, for example docker ADD instead of docker COPY.
- Checks if hash verification is being performed on any files downloaded.
- Checks if any vulnerable packages are on the container, and pulls relevant CVE information
- Checks if .NET version being used is End Of Life
- Checks if Docker Engine is updated, and if not, gathers a list of CVEs for the version being used
-
Checks permissions of docker configuration files
-
Checks if additional devices have been mapped to containers
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].