agebox
Whaler
agebox | Whaler | |
---|---|---|
1 | 4 | |
199 | 1,016 | |
- | - | |
0.0 | 0.0 | |
about 1 year ago | almost 2 years ago | |
Go | Go | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
agebox
-
environment variables in respository?
I put secrets like API access keys on github using git-crypt and it's been working flawlessly for years. I do plan to eventually migrate to agebox, which is incredibly simple to use, as getting the gpg-agent working in Windows and WSL is very difficult (works okay on Linux).
Whaler
-
Any Way To See The Dockerfile Used To Make An Image On Dockerhub?
Whaler may help you: https://github.com/P3GLEG/Whaler
-
Reverse Image
https://github.com/P3GLEG/Whaler <-- that should do what you're looking for. It depends on the image having been generated using a standard Dockerfile approach, but that should work for most images.
-
Scanning Millions Of Publicly Exposed Docker Containers - Thousands Of Secrets Leaked
3) Specific tooling. Tools like whaler will automate the process of pulling the Dockerfile contents out of an image file.
-
Reverse Engineering a Docker Image
In addition to Dive, there's also Whaler https://github.com/P3GLEG/Whaler which will print out a Dockerfile from the image, based on the metadata in the image.
You can also use Portainer https://www.portainer.io/ which will show the image layer details in the images section.
What are some alternatives?
git-crypt - Transparent file encryption in git
docker-explorer - A tool to help forensicate offline docker acquisitions
squealer - Telling tales on you for leaking secrets!
Portainer - Making Docker and Kubernetes management easy.
vals-operator - Kubernetes Operator to sync secrets between different secret backends and Kubernetes
lazydocker - The lazier way to manage everything docker
git-hound - Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
dive - A tool for exploring each layer in a docker image
sekret.link - Service to share passwords, secret notes securely
Docker Compose - Define and run multi-container applications with Docker
SecretScanner - :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
weakpass - Weakpass collection of tools for bruteforce and hashcracking