Skip to content

Commit 739b782

Browse files
RelkciRelkci
authored
Merge pull request #2 from DefensiveOrigins/main
readme updates
2 parents 95acf2e + da81e19 commit 739b782

File tree

1 file changed

+23
-11
lines changed

1 file changed

+23
-11
lines changed

README.MD

Lines changed: 23 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -6,52 +6,64 @@ They are designed for security assessments and administrative auditing, providin
66
**Warning**: Exposing the Docker Engine API without TLS or authentication is a serious security risk.
77
Use these scripts only against environments you are authorized to assess.
88

9+
## Install
10+
From pip:
11+
```bash
12+
pip install docker-enumsensitive
13+
```
14+
From github:
15+
```bash
16+
git clone https://github.com/DefensiveOrigins/DockerEngineAPI-EnumSensitive.git
17+
```
918
---
1019

20+
21+
1122
## Scripts
1223

13-
### EnumEnvVars.py`
24+
### docker-enum-envvars / EnumEnvVars.py`
1425
Enumerates running and stopped containers, extracts their **environment variables**, and prints them to the console.
1526
Can also save the results in structured JSON.
1627

17-
### EnumSecrets.py
28+
### docker-enum-secrets / EnumSecrets.py
1829
Enumerates Secrets from Docker Swarm mode, attempting to read their values if specified. Can also save the results in structured JSON.
1930

20-
### EnumImages.py
31+
### docker-enum-images / EnumImages.py
2132
Inspects the contents of images for sensitive information such as tokens, keys, etc.
2233

2334

2435
### Usage
2536

26-
##### Environment Variables Enumeration
37+
##### Environment Variables Enumeration
2738

2839
```bash
2940
# Local Docker API (default: http://localhost:2375)
3041
python EnumEnvVars.py
42+
docker-enum-envvars
3143

3244
# Remote engine and save to file
3345
python EnumEnvVars.py --url http://docker-host:2375 --out results.json
46+
docker-enum-envvars --url http://docker-host:2375 --out results.json
47+
3448

3549
# Include full /info JSON
3650
python EnumEnvVars.py --show-info-json
51+
docker-enum-envvars --show-info-json
3752
```
3853

39-
##### Secrets Enumeration
54+
##### Secrets Enumeration
4055

4156
```bash
4257

4358
# Local secrets enumeration
4459
python EnumSecrets.py
60+
docker-enum-secrets
4561

4662
# Remote engine, attempt values, save to file
4763
python EnumSecrets.py --url http://docker-host:2375 --attempt-values --out secrets.json
64+
docker-enum-secrets --url http://docker-host:2375 --attempt-values --out secrets.json
4865

4966
# Include full /info JSON
5067
python EnumSecrets.py --show-info-json
68+
docker-enum-secrets --show-info-json
5169
```
52-
53-
#### Installation
54-
55-
```bash
56-
pip install requests alive-progress
57-
```

0 commit comments

Comments
 (0)