
Create a Docker image containing several security tools

Primary language: Dockerfile. License: GNU General Public License v3.0 (GPL-3.0).

tools-image

This repository contains all the files necessary to build a Docker image containing several security-related tools. Using this image, the tools can then easily be run in a Continuous Integration pipeline.

Some of the tools are binaries (for example the SonarQube scanner), some are Python libraries, and some are Node packages.

The accompanying .gitlab-ci.yml file can be used to automatically test the image, using several automated security testing tools.

A prebuilt Docker image can be found at https://hub.docker.com/repository/docker/gofwd/tools-image and downloaded from docker.io using the tag gofwd/tools-image.

The following tools are available:

  • ansible-lint
  • curl
  • cyclonedx-bom
  • detect-secrets
  • grype
  • nikto.pl
  • nmap
  • npm
  • pylint
  • sonar-scanner
  • ssh-audit
  • testssl.sh
  • yamllint
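
As an added example of using the image in a Continuous Integration pipeline (this is not the repository's own .gitlab-ci.yml), the GitLab CI configuration below runs three of the listed tools against the project being built. The stage names, job names and report file name are assumptions, as is the presence of a shell and a `python3` interpreter in the image.

```yaml
# Added example: hypothetical .gitlab-ci.yml for a project that consumes the image.
# Stage names, job names and the report file name are assumptions.
stages:
  - lint
  - scan

default:
  # Image tag as given on this page.
  image: gofwd/tools-image

yaml-lint:
  stage: lint
  script:
    # Lint every YAML file in the checkout, including this pipeline file.
    - yamllint .

secret-scan:
  stage: scan
  script:
    # detect-secrets scans git-tracked files by default and writes a JSON
    # report to stdout; it exits 0 even when it finds something.
    - detect-secrets scan > detect-secrets.json
    # Gate the job on the report: fail when any finding is recorded.
    # Assumes python3 is on PATH in the image.
    - python3 -c "import json,sys; sys.exit(1 if json.load(open('detect-secrets.json'))['results'] else 0)"
  artifacts:
    # Keep the report even when the gate fails, so findings can be reviewed.
    when: always
    paths:
      - detect-secrets.json

dependency-scan:
  stage: scan
  script:
    # Scan the checked-out directory and fail the job on findings of
    # severity high or above.
    - grype dir:. --fail-on high
```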