Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move README to Vulsdoc https://vuls.io (#586)

Browse Source
This commit is contained in:
Kota Kanbe
2018-01-17 18:03:37 +09:00
committed by GitHub
parent 4ccbee705b
commit a0e0ee6c1e
7 changed files with 16 additions and 4434 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1984
README.ja.md
View File

File diff suppressed because it is too large Load Diff

1854
README.md
View File

File diff suppressed because it is too large Load Diff

226
setup/docker/README.md
View File

@@ -1,225 +1,5 @@
# Vuls Docker components
This is the Git repo of the official Docker image for vuls.
# Supported tags and respective `Dockerfile` links
- go-cve-dictionary
- [`latest` (*go-cve-dictionary:latest Dockerfile*)]()
- goval-dictionary
- [`latest` (*goval-dictionary:latest Dockerfile*)]()
- vuls
- [`latest` (*vuls:latest Dockerfile*)]()
- vulsrepo
- [`latest` (*vulsrepo:latest Dockerfile*)]()
This image version is same as the github repository version.
# Caution
This image is built per commit.
If you want to use the latest docker image, you should remove the existing image, and pull it once again.
1. Confirm your vuls version
- go-cve-dictionary
```console
$ docker run --rm vuls/go-cve-dictionary -v
go-cve-dictionary v0.0.xxx xxxx
```
- goval-dictionary
```console
$ docker run --rm vuls/goval-dictionary -v
goval-dictionary v0.0.xxx xxxx
```
- vuls
```console
$ docker run --rm vuls/vuls -v
vuls v0.0.xxx xxxx
```
2. Remove your old docker images
- go-cve-dictionary
```
$ docker rmi vuls/go-cve-dictionary
```
- goval-dictionary
```
$ docker rmi vuls/goval-dictionary
```
- vuls
```
$ docker rmi vuls/vuls
```
3. Pull new vuls docker images
- go-cve-dictionary
```
$ docker pull vuls/go-cve-dictionary
```
- goval-dictionary
```
$ docker pull vuls/goval-dictionary
```
- vuls
```
$ docker pull vuls/vuls
```
4. Confirm your vuls version
```console
$ docker run --rm vuls/go-cve-dictionary -v
go-cve-dictionary v0.1.xxx xxxx
```
```console
$ docker run --rm vuls/goval-dictionary -v
goval-dictionary v0.1.xxx xxxx
```
- vuls
```console
$ docker run --rm vuls/vuls -v
vuls v0.1.xxx xxxx
```
# How to use this image
1. fetch nvd (vuls/go-cve-dictionary)
1. fetch oval (vuls/goval-dictionary)
1. configuration (vuls/vuls)
1. configtest (vuls/vuls)
1. scan (vuls/vuls)
1. vulsrepo (vuls/vulsrepo)
## Step1. Fetch NVD
```console
$ for i in `seq 2002 $(date +"%Y")`; do \
docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/go-cve-dictionary-log:/var/log/vuls \
vuls/go-cve-dictionary fetchnvd -years $i; \
done
```
- To fetch JVN(Japanese), See [README](https://github.com/kotakanbe/go-cve-dictionary#usage-fetch-jvn-data)
## Step2. Fetch OVAL (e.g. redhat)
```console
$ docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
vuls/goval-dictionary fetch-redhat 5 6 7
```
- To fetch other OVAL, See [README](https://github.com/kotakanbe/goval-dictionary#usage-fetch-oval-data-from-redhat)
## Step2. Configuration
Create config.toml referring to [this](https://github.com/future-architect/vuls#configuration).
```toml
[servers]
[servers.amazon]
host = "54.249.93.16"
port = "22"
user = "vuls-user"
keyPath = "/root/.ssh/id_rsa" # path to ssh private key in docker
```
## Step3. Configtest
```console
$ docker run --rm -it\
-v ~/.ssh:/root/.ssh:ro \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
vuls/vuls configtest \
-config=./config.toml # path to config.toml in docker
```
## Step4. Scan
```console
$ docker run --rm -it \
-v ~/.ssh:/root/.ssh:ro \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
-v /etc/localtime:/etc/localtime:ro \
-e "TZ=Asia/Tokyo" \
vuls/vuls scan \
-config=./config.toml # path to config.toml in docker
```
## Step5. Report
```console
$ docker run --rm -it \
-v ~/.ssh:/root/.ssh:ro \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
-v /etc/localtime:/etc/localtime:ro \
vuls/vuls report \
-cvedb-path=/vuls/cve.sqlite3 \
-ovaldb-path=/vuls/oval.sqlite3 \
-format-short-text \
-config=./config.toml # path to config.toml in docker
```
## Step6. vulsrepo
```console
$docker run -dt \
-v $PWD:/vuls \
-p 5111:5111 \
vuls/vulsrepo
```
# User Feedback
## Documentation
Documentation for this image is stored in the [`docker/` directory]() of the [`future-architect/vuls` GitHub repo](https://github.com/future-architect/vuls).
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/future-architect/vuls/issues).
## Contributing
1. fork a repository: github.com/future-architect/vuls to github.com/you/repo
1. get original code: go get github.com/future-architect/vuls
1. work on original code
1. add remote to your repo: git remote add myfork https://github.com/you/repo.git
1. push your changes: git push myfork
1. create a new Pull Request
See Vulsdoc
- [Install with Docker](https://vuls.io/docs/en/install-with-docker.html)
- [Scan using Docker](https://vuls.io/docs/en/tutorial-docker.html)

89
setup/docker/go-cve-dictionary/latest/README.md
View File

@@ -1,89 +0,0 @@
# go-cve-dictionary-Docker
This is the Git repo of the official Docker image for go-cve-dictionary.
See the [Hub page](https://hub.docker.com/r/vuls/go-cve-dictionary/) for the full readme on how to use the Docker image and for information regarding contributing and issues.
# Supported tags and respective `Dockerfile` links
- [`latest` (*go-cve-dictionary:latest Dockerfile*)](https://github.com/future-architect/vuls/blob/master/setup/docker/go-cve-dictionary/latest/Dockerfile)
# Caution
This image is built per commit.
If you want to use the latest docker image, you should remove the existing image, and pull it once again.
- Remove old docker image
```
$ docker rmi vuls/go-cve-dictionary
```
- Pull new docker image
```
$ docker pull vuls/go-cve-dictionary
```
# What is go-cve-dictionary?
This is tool to build a local copy of the NVD (National Vulnerabilities Database) [1] and the Japanese JVN [2], which contain security vulnerabilities according to their CVE identifiers [3] including exhaustive information and a risk score. The local copy is generated in sqlite format, and the tool has a server mode for easy querying.
[1] https://en.wikipedia.org/wiki/National_Vulnerability_Database
[2] https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
[3] http://jvndb.jvn.jp/apis/termsofuse.html
# How to use this image
## check vuls version
```
$ docker run --rm vuls/go-cve-dictionary -v
```
## fetchnvd
```console
$ for i in `seq 2002 $(date +"%Y")`; do \
docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/go-cve-dictionary-log:/var/log/vuls \
vuls/go-cve-dictionary fetchnvd -years $i; \
done
```
## server
```console
$ docker run -dt \
--name go-cve-dictionary \
-v $PWD:/vuls \
-v $PWD/go-cve-dictionary-log:/var/log/vuls \
--expose 1323 \
-p 1323:1323 \
vuls/go-cve-dictionary server --bind=0.0.0.0
```
Prease refer to [this](https://hub.docker.com/r/vuls/go-cve-dictionary).
## vuls
Please refer to [this](https://hub.docker.com/r/vuls/vuls/).
# User Feedback
## Documentation
Documentation for this image is stored in the [`docker/` directory](https://github.com/future-architect/vuls/tree/master/setup/docker) of the [`future-architect/vuls` GitHub repo](https://github.com/future-architect/vuls).
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/future-architect/vuls/issues).
## Contributing
1. fork a repository: github.com/future-architect/vuls to github.com/you/repo
1. get original code: go get github.com/future-architect/vuls
1. work on original code
1. add remote to your repo: git remote add myfork https://github.com/you/repo.git
1. push your changes: git push myfork
1. create a new Pull Request

125
setup/docker/goval-dictionary/latest/README.md
View File

@@ -1,125 +0,0 @@
# goval-dictionary-Docker
This is the Git repo of the official Docker image for goval-dictionary.
See the [Hub page](https://hub.docker.com/r/vuls/goval-dictionary/) for the full readme on how to use the Docker image and for information regarding contributing and issues.
# Supported tags and respective `Dockerfile` links
- [`latest` (*goval-dictionary:latest Dockerfile*)](https://github.com/future-architect/vuls/blob/master/setup/docker/goval-dictionary/latest/Dockerfile)
# Caution
This image is built per commit.
If you want to use the latest docker image, you should remove the existing image, and pull it once again.
- Remove old docker image
```
$ docker rmi vuls/goval-dictionary
```
- Pull new docker image
```
$ docker pull vuls/goval-dictionary
```
# What is goval-dictionary?
This is tool to build a local copy of the OVAL. The local copy is generated in sqlite format, and the tool has a server mode for easy querying.
# How to use this image
## check vuls version
```
$ docker run --rm vuls/goval-dictionary -v
```
## fetch-redhat
```console
$ for i in `seq 5 7`; do \
docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
vuls/goval-dictionary fetch-redhat $i; \
done
```
## fetch-debian
```console
$ for i in `seq 7 10`; do \
docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
vuls/goval-dictionary fetch-debian $i; \
done
```
## fetch-ubuntu
```console
$ for i in `seq 12 2 16`; do \
docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
vuls/goval-dictionary fetch-ubuntu $i; \
done
```
## fetch-suse
```console
$ docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
vuls/goval-dictionary fetch-suse -opensuse 13.2
```
## fetch-oracle
```console
$ docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
vuls/goval-dictionary fetch-oracle
```
## server
```console
$ docker run -dt \
--name goval-dictionary \
-v $PWD:/vuls \
-v $PWD/goval-dictionary-log:/var/log/vuls \
--expose 1324 \
-p 1324:1324 \
vuls/goval-dictionary server --bind=0.0.0.0
```
Prease refer to [this](https://hub.docker.com/r/vuls/goval-dictionary).
## vuls
Please refer to [this](https://hub.docker.com/r/vuls/vuls/).
# User Feedback
## Documentation
Documentation for this image is stored in the [`docker/` directory](https://github.com/future-architect/vuls/tree/master/setup/docker) of the [`future-architect/vuls` GitHub repo](https://github.com/future-architect/vuls).
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/future-architect/vuls/issues).
## Contributing
1. fork a repository: github.com/future-architect/vuls to github.com/you/repo
1. get original code: go get github.com/future-architect/vuls
1. work on original code
1. add remote to your repo: git remote add myfork https://github.com/you/repo.git
1. push your changes: git push myfork
1. create a new Pull Request

125
setup/docker/vuls/latest/README.md
View File

@@ -1,125 +0,0 @@
# Vuls-Docker
This is the Git repo of the official Docker image for vuls.
See the [Hub page](https://hub.docker.com/r/vuls/vuls/) for the full readme on how to use the Docker image and for information regarding contributing and issues.
# Supported tags and respective `Dockerfile` links
- [`latest` (*vuls:latest Dockerfile*)](https://github.com/future-architect/vuls/blob/master/setup/docker/vuls/latest/Dockerfile)
# Caution
This image is built per commit.
If you want to use the latest docker image, you should remove the existing image, and pull it once again.
- Remove old docker image
```
$ docker rmi vuls/vuls
```
- Pull new docker image
```
$ docker pull vuls/vuls
```
# What is Vuls?
Vuls is the Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
Please see the [Documentation](https://github.com/future-architect/vuls)
![logo](https://github.com/future-architect/vuls/blob/master/img/vuls_logo.png?raw=true)
# How to use this image
## check vuls version
```
$ docker run --rm vuls/vuls -v
```
## config
Create config.toml referring to [this](https://github.com/future-architect/vuls#configuration).
```toml
[servers]
[servers.amazon]
host = "54.249.93.16"
port = "22"
user = "vuls-user"
keyPath = "/root/.ssh/id_rsa" # path to ssh private key in docker
```
## configtest
```console
$ docker run --rm -it \
-v ~/.ssh:/root/.ssh:ro \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
vuls/vuls configtest \
-config=./config.toml # path to config.toml in docker
```
## scan
```console
$ docker run --rm -it \
-v ~/.ssh:/root/.ssh:ro \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
-v /etc/localtime:/etc/localtime:ro \
vuls/vuls scan \
-config=./config.toml # path to config.toml in docker
```
## Report
```console
$ docker run --rm -it \
-v ~/.ssh:/root/.ssh:ro \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
-v /etc/localtime:/etc/localtime:ro \
vuls/vuls report \
-cvedb-path=/vuls/cve.sqlite3 \
-format-short-text \
-config=./config.toml # path to config.toml in docker
```
## tui
```console
$ docker run --rm -it \
-v $PWD:/vuls \
-v $PWD/vuls-log:/var/log/vuls \
vuls/vuls tui \
-cvedb-path=/vuls/cve.sqlite3
```
## vulsrepo
Prease refer to [this](https://hub.docker.com/r/vuls/vulsrepo/).
# User Feedback
## Documentation
Documentation for this image is stored in the [`docker/` directory](https://github.com/future-architect/vuls/tree/master/setup/docker) of the [`future-architect/vuls` GitHub repo](https://github.com/future-architect/vuls).
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/future-architect/vuls/issues).
## Contributing
1. fork a repository: github.com/future-architect/vuls to github.com/you/repo
1. get original code: go get github.com/future-architect/vuls
1. work on original code
1. add remote to your repo: git remote add myfork https://github.com/you/repo.git
1. push your changes: git push myfork
1. create a new Pull Request

47
setup/docker/vulsrepo/latest/README.md
View File

@@ -1,47 +0,0 @@
# VulsRepo-Docker
This is the Git repo of the official Docker image for vulsrepo.
See the [Hub page](https://hub.docker.com/r/vuls/vulsrepo/) for the full readme on how to use the Docker image and for information regarding contributing and issues.
# Supported tags and respective `Dockerfile` links
- [`latest` (*vulsrepo:latest Dockerfile*)](https://github.com/future-architect/vuls/blob/master/setup/docker/vulsrepo/latest/Dockerfile)
# Caution
This image is built per commit.
If you want to use the latest docker image, you should remove the existing image, and pull it once again.
# What is vulsrepo?
VulsRepo is visualized based on the json report output in [vuls](https://github.com/future-architect/vuls).
# How to use this image
## vulsrepo
```console
$docker run -dt \
-v $PWD:/vuls \
-p 5111:5111 \
vuls/vulsrepo
```
# User Feedback
## Documentation
Documentation for this image is stored in the [`docker/` directory](https://github.com/future-architect/vuls/tree/master/setup/docker) of the [`future-architect/vuls` GitHub repo](https://github.com/future-architect/vuls).
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/future-architect/vuls/issues).
## Contributing
1. fork a repository: github.com/future-architect/vuls to github.com/you/repo
1. get original code: go get github.com/future-architect/vuls
1. work on original code
1. add remote to your repo: git remote add myfork https://github.com/you/repo.git
1. push your changes: git push myfork
1. create a new Pull Request