go-pillage-registries Logo

go-pillage-registries

0
Free
Visit Website

This project takes a Docker registry and pillages the manifest and configuration for each image in its catalog. It uses Google's crane command's package, which should follow docker's keychain semantics. If you would like to override this, just change authn.DefaultKeychain as described in the https://github.com/google/go-containerregistry/tree/master/pkg/authn/k8schain Install: ```git clone https://github.com/nccgroup/go-pillage-registries.git cd go-pillage-registries go install ./...``` Usage: ```$ pilreg Usage: pilreg <registry> [flags] Flags: -c, --cache string Path to cache image layers (optional, only used if images are pulled) -h, --help help for pilreg -i, --insecure Fetch Data over plaintext -r, --repos strings list of repositories to scan on the registry. If blank, pilreg will attempt to enumerate them using the catalog API -o, --results string Path to directory for storing results. If blank, outputs configs and manifests as json object to Stdout.(must be used if 'store-images` is enabled) -k, --skip-tls Disables TLS certificate verification -s, --store-images Downloads filesystem for discovered images and stores an archive in the output directory (Disabled by default)

FEATURES

ALTERNATIVES

AWS Scout2 is a security tool for AWS administrators to assess their environment's security posture.

Ice provides a birds-eye view of cloud resources and usage patterns in AWS.

A tool to identify publicly accessible S3 objects

Automate AWS security checks and centralize security alerts.

A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.

Commercial

Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.

Comprehensive cybersecurity tool for Microsoft Azure providing CSPM & CWPP capabilities.

Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.