【红队】Aboutveinmind-tools 容器安全工具集

工具  功能veinmind-runner  扫描工具运行宿主veinmind-malicious  扫描容器/镜像中的恶意文件veinmind-weakpass  扫描容器/镜像中的弱口令veinmind-log4j2  扫描容器/镜像中的log4j2漏洞veinmind-minio  扫描容器/镜像中的minio漏洞veinmind-sensitive  扫描镜像中的敏感信息veinmind-backdoor  扫描镜像中的后门veinmind-history  扫描镜像中的异常历史命令veinmind-vuln  扫描容器/镜像中的资产信息和漏洞veinmind-webshell  扫描镜像中的 Webshellveinmind-unsafe-mount  扫描容器中的不安全挂载目录veinmind-iac  扫描IaC文件veinmind-escape  扫描容器/镜像中的逃逸风险veinmind-privilege-escalation  扫描容器/镜像中的提权风险

└─# ./run.sh scan                                   Scan cloud native objects security, include image/container/iac
Usage:  veinmind-runner scan [command]
Available Commands:  container   Scan container  iac         Scan iac  image       Scan image
Flags:      --enable-analyze        auto use openai analyze result      --format string         output format: html/json/cli (default "cli")  -h, --help                  help for scan      --insecure-skip         skip tls config      --openai-token string   auto openai analyze openai_key  -p, --prefix string         training openai limit sentence  -v, --verbose               output verbose detail
Global Flags:  -e, --exit-code int   exit-code when veinmind-runner find security issues  -g, --glob string     specifies the pattern of plugin file to find  -o, --output string   output filepath of report      --threads int     threads for scan action (default 5)
Use "veinmind-runner scan [command] --help" for more information about a command.