Skip to content
/ compromiseAnalyser Public

compromiseAnalyser is a minimalistic library in order to check if an alpine container is compromise

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bestbug456/compromiseAnalyser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
compromisationManager.go
compromisationManager.go
 
 
main.go
main.go
 
 
main_test.go
main_test.go
 
 

Repository files navigation

compromiseAnalyser

compromiseAnalyser is a minimalistic library in order to check if an alpine container is compromised.

The idea

While I was at CCC I seen a talk where a guy infect a container and seems no one found it for a long time. So i decided to create this minimal library which collect information about

  • Environment variables
  • List of package installs
  • List of users

After that for each one create an hash. I've also add a minimal rpc server which can provide an hash of the 3 functions. Note this library works only on alpine containers. If you want you can fork and add other os :)

About

compromiseAnalyser is a minimalistic library in order to check if an alpine container is compromise

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages