veinmind-tools v2.1.5 releases: container security toolset
veinmind-tools
veinmind-tools is self-developed by chaitin technology, a container security toolset based on veinmind-sdk.
Toolset
veinmind-runner
veinmind-runner it’s a container security host developed by Chaitin Technology.
With the background of rich R&D experience, the chaitin team designed a plug-in system in veinmind-sdk. With the support of this plugin system, you only need to call the API provided by veinmind-sdk to automatically generate plugins that conform to standard specifications. (For specific code examples, see example) As a plugin platform, veinmind-runner will automatically scan the plugins that conform to the specification, and pass the image information that needs to be scanned to the corresponding plugins.
Feature
- Automatically scan and register plugins in the current directory (including subdirectories)
- Unified operation of plug-ins implemented in different languages
- Plugins can communicate with runner, such as reporting events for alarming, etc.
veinmind-malicious
veinmind-malicious is a malicious file scanning tool for images developed by Chaitin Technology
Features
- Quickly scan images for malicious files(ClamAV and VirusTotal have been supported )
- Support container runtime such as docker / containerd
- Support different output types like JSON / CSV / HTML
veinmind-weakpass
veinmind-weakpass is a weak password scanning tool for images developed by Chaitin Technology
Features
- Quickly scan the weak password in the image
- Support weak password macro definition
- Support concurrent scanning for weak passwords
- Support custom username and dictionary
- Support container runtime containerd and dockerd
veinmind-sensitive
veinmind-sensitive is an image sensitive information scanning tool developed by Chaitin Technology
Features
- Quickly scan images for sensitive information
- Support custom sensitive information scanning rules
- Support container runtime containerd and dockerd
veinmind-backdoor
veinmind-backdoor is a backdoor scanning tool for image developed by Chaitin Technology
Features
-
Quickly scan backdoors in the image
plugin function crontab scan crontab config for backdoors bashrc scan bash startup scripts for backdoors sshd scan for sshd softlink backdoors service scan for malicious system services tcpwrapper scan for tcpwrapper backdoors -
Supports writing backdoor detection scripts in plugin mode
-
Support containerd/dockerd image backdoor scanning
veinmind-history
veinmind-history is an image anomaly history command scanning tool developed by Chaitin Technology
Features
- Quickly scan the image for abnormal history commands
- Support custom historical command detection rules
- Support two container runtime containerd and dockerd
veinmind-asset
veinmind-asset is mainly used to scan the internal asset information of images and containers
Features
- Scan image OS information
- Scan the packages information installed in the image
- Scan the libraries installed by the application in the image
Cloud-native infrastructure compatibility
| Name | Type | Compatibility |
|---|---|---|
| Jenkins | CI/CD | ✔️ |
| Gitlab CI | CI/CD | ✔️ |
| Github Action | CI/CD | ✔️ |
| DockerHub | Registry | ✔️ |
| Docker Registry | Registry | ✔️ |
| Harbor | Registry | ✔️ |
| Docker | Runtime | ✔️ |
| Containerd | Runtime | ✔️ |
Changelog v2.1.5
🔥 Feature
- feat(veinmind-trace): add veinmind-trace plugin for detecting attack trace in container by @DVKunion in #253
- feat(veinmind-backdoor): refactor backdoor go plugin by @ek1ng in #252
- feat(veinmind-backdoor): add rootkit scan by @l2yyd5 in #256
📒 Others
- chore(veinmind-backdoor): disabled python plugin and instead of go plugin by @DVKunion in #257
- chore(libveinmind): update libveinmind 1.9.42 by @DVKunion in #258
Install & Use
Copyright (c) 2022 Chaitin Tech
