go-pillage-registries Logo

go-pillage-registries

0
Free
Visit Website

This project takes a Docker registry and pillages the manifest and configuration for each image in its catalog. It uses Google's crane command's package, which should follow docker's keychain semantics. If you would like to override this, just change authn.DefaultKeychain as described in the https://github.com/google/go-containerregistry/tree/master/pkg/authn/k8schain Install: ```git clone https://github.com/nccgroup/go-pillage-registries.git cd go-pillage-registries go install ./...``` Usage: ```$ pilreg Usage: pilreg <registry> [flags] Flags: -c, --cache string Path to cache image layers (optional, only used if images are pulled) -h, --help help for pilreg -i, --insecure Fetch Data over plaintext -r, --repos strings list of repositories to scan on the registry. If blank, pilreg will attempt to enumerate them using the catalog API -o, --results string Path to directory for storing results. If blank, outputs configs and manifests as json object to Stdout.(must be used if 'store-images` is enabled) -k, --skip-tls Disables TLS certificate verification -s, --store-images Downloads filesystem for discovered images and stores an archive in the output directory (Disabled by default)

FEATURES

ALTERNATIVES

DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.

A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.

Commercial

S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.

Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.

AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.

CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.

A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.

A unified extended detection and response (XDR) platform that provides comprehensive visibility and protection across hybrid IT environments through integrated prevention, detection, and response capabilities.

Commercial

PINNED