oscap-docker is a container compliance and vulnerability assessment tool that integrates OpenSCAP scanning capabilities with Docker container environments. The tool provides functionality to assess both running containers and static container images for security vulnerabilities and compliance violations. It automatically detects the operating system variant and version of Docker images, downloads the appropriate CVE streams, and performs comprehensive vulnerability scans. Key capabilities include: - Vulnerability scanning of Docker images using OpenSCAP framework - Compliance auditing of container environments - Assessment of both active containers and cold images - Automatic OS detection and CVE stream matching - Integration with chroot environments for mounted Docker images - Support for custom OpenSCAP command execution within container contexts The tool operates by attaching to Docker images, mounting them in isolated environments, and running OpenSCAP security scanning procedures to identify potential vulnerabilities and compliance gaps in containerized applications.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.