DockerENT is an activE ruNtime application security scanning Tool (RAST tool) and framework that is pluggable and written in Python. It comes with a CLI application and a clean web interface written with Streamlit.

DockerENT was designed with one problem in mind: weak configurations introduced during deployment can stick around in production and lead to severe consequences. The application connects to the running containers on the system, fetches the list of weak and vulnerable runtime configurations, and generates a report. When invoked through the CLI, it can create JSON and HTML reports. When invoked through the web interface, it displays the scan and audit report in the UI itself.

How can you use and run it?

In a hurry to test this? Download the latest stable release from PyPI and run the web app; everything else is intuitive.

pip install DockerENT

Then run the application like:

DockerENT -w

That's it.

Rohit Sehgal
Travel, Code, Help and Excel

My research interests include Web Application security, Linux System security, Development and DevSecOps. And yes, I love nature, and nature photography.
