Docker SBOM to text and JSON, Trivy to scan for vulns

whatsinthisbox/SBOM-Scanner

SBOM-Scanner

The scripts below use the standalone Docker SBOM CLI plugin (docker sbom) and Trivy. Make sure both are installed on the system before running them.

sbom-scan.sh - scans a list of Docker images and saves, for each image, the list of software it contains in TXT and JSON form (the software bill of materials, SBOM: the list of packages the image was built from).

trivy-scan.sh - scans the JSON SBOM files for HIGH and CRITICAL vulnerabilities, omitting vulnerabilities marked with "Fixed" status.

Usage:

./sbom-scan.sh -i /root/docker_image_list.txt -o some_folder

./trivy-scan.sh -i some_folder
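The repository's own scripts are not shown on this page. The following is an added example, not the project's code, of how the two steps above can be implemented in one POSIX shell script: a `sbom` mode that takes the image list and output folder, and a `trivy` mode that scans every JSON SBOM in that folder. It assumes the `docker sbom` plugin's `--format cyclonedx-json` and `--output` flags and Trivy's `sbom` subcommand with `--severity` and `--ignore-status` (Trivy 0.45 or later; earlier releases only have `--ignore-unfixed`). Both binaries can be overridden through the DOCKER and TRIVY environment variables.

```shell
#!/usr/bin/env sh
# Added example (not the repository's scripts): one script covering both
# steps from the README. Assumes the `docker sbom` CLI plugin and Trivy are
# installed; the external commands live in sbom_one_image() and
# trivy_scan_file() so they are easy to review or swap out.
set -eu

DOCKER=${DOCKER:-docker}   # override to use a specific docker binary
TRIVY=${TRIVY:-trivy}      # override to use a specific trivy binary

# Image references contain '/', ':' and '@', which do not belong in file names.
# "docker.io/library/nginx:1.25" -> "docker.io_library_nginx_1.25"
sanitize_name() {
    printf '%s' "$1" | tr '/:@' '___'
}

# Step 1 for a single image: human-readable table to .txt, CycloneDX to .json
# (docker sbom is built on Syft; cyclonedx-json is a format Trivy can read).
sbom_one_image() {
    img=$1; out=$2
    name=$(sanitize_name "$img")
    "$DOCKER" sbom "$img" > "$out/$name.txt"
    "$DOCKER" sbom --format cyclonedx-json --output "$out/$name.json" "$img"
}

# Step 1 over a list file: one image reference per line, blank and '#' lines ignored.
sbom_scan() {
    list=$1; out=$2
    mkdir -p "$out"
    while IFS= read -r img || [ -n "$img" ]; do
        case $img in ''|'#'*) continue ;; esac
        echo "SBOM: $img"
        sbom_one_image "$img" "$out"
    done < "$list"
}

# Step 2 for one SBOM: HIGH/CRITICAL only, dropping findings whose Trivy status
# is "fixed", as the README describes. Assumes Trivy >= 0.45 (--ignore-status).
trivy_scan_file() {
    "$TRIVY" sbom --severity HIGH,CRITICAL --ignore-status fixed "$1"
}

# Step 2 over every .json SBOM in a folder.
trivy_scan() {
    for f in "$1"/*.json; do
        [ -e "$f" ] || { echo "no .json SBOMs in $1" >&2; return 1; }
        echo "== $f"
        trivy_scan_file "$f"
    done
}

usage() {
    echo "usage: $0 sbom -i image_list.txt -o out_dir | $0 trivy -i out_dir" >&2
    exit 2
}

main() {
    mode=$1; shift
    input=''; out=''
    while getopts 'i:o:' opt; do
        case $opt in
            i) input=$OPTARG ;;
            o) out=$OPTARG ;;
            *) usage ;;
        esac
    done
    [ -n "$input" ] || usage
    case $mode in
        sbom)  [ -n "$out" ] || usage; sbom_scan "$input" "$out" ;;
        trivy) trivy_scan "$input" ;;
        *)     usage ;;
    esac
}

# With no arguments the script only defines its functions (so it can be sourced).
[ "$#" -eq 0 ] || main "$@"
```

Run it as `./sbom-pipeline.sh sbom -i /root/docker_image_list.txt -o some_folder` followed by `./sbom-pipeline.sh trivy -i some_folder`. One point to check before adopting the filter: in Trivy, the status `fixed` marks findings for which a patched package version already exists, which are usually the easiest to remediate, while `--ignore-unfixed` drops the opposite set (findings with no fix available yet). Decide which set the report should hide and adjust `trivy_scan_file` accordingly.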

#ubuntu #docker #vulnerability #secops #devsecops