Skip to content

readme updates #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Nov 15, 2025
Merged

readme updates #2

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8bc7e52
README Updates
Relkci Nov 15, 2025
da81e19
readme
Relkci Nov 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 23 additions & 11 deletions README.MD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,52 +6,64 @@ They are designed for security assessments and administrative auditing, providin
**Warning**: Exposing the Docker Engine API without TLS or authentication is a serious security risk.
Use these scripts only against environments you are authorized to assess.

## Install
From pip:
```bash
pip install docker-enumsensitive
```
From github:
```bash
git clone https://github.com/DefensiveOrigins/DockerEngineAPI-EnumSensitive.git
```
---



## Scripts

### EnumEnvVars.py`
### docker-enum-envvars / EnumEnvVars.py`
Enumerates running and stopped containers, extracts their **environment variables**, and prints them to the console.
Can also save the results in structured JSON.

### EnumSecrets.py
### docker-enum-secrets / EnumSecrets.py
Enumerates Secrets from Docker Swarm mode, attempting to read their values if specified. Can also save the results in structured JSON.

### EnumImages.py
### docker-enum-images / EnumImages.py
Inspects the contents of images for sensitive information such as tokens, keys, etc.


### Usage

##### Environment Variables Enumeration
##### Environment Variables Enumeration

```bash
# Local Docker API (default: http://localhost:2375)
python EnumEnvVars.py
docker-enum-envvars

# Remote engine and save to file
python EnumEnvVars.py --url http://docker-host:2375 --out results.json
docker-enum-envvars --url http://docker-host:2375 --out results.json


# Include full /info JSON
python EnumEnvVars.py --show-info-json
docker-enum-envvars --show-info-json
```

##### Secrets Enumeration
##### Secrets Enumeration

```bash

# Local secrets enumeration
python EnumSecrets.py
docker-enum-secrets

# Remote engine, attempt values, save to file
python EnumSecrets.py --url http://docker-host:2375 --attempt-values --out secrets.json
docker-enum-secrets --url http://docker-host:2375 --attempt-values --out secrets.json

# Include full /info JSON
python EnumSecrets.py --show-info-json
docker-enum-secrets --show-info-json
```

#### Installation

```bash
pip install requests alive-progress
```