A comprehensive Cybersecurity tool designed for analysts and DevSecOps teams. This script automates container auditing—from static Dockerfile analysis to real-time intrusion detection—adhering to Security by Design principles.
Read this in Spanish / Leer en español
- Static Analysis (Linter): Dockerfile evaluation using
Hadolint. - Vulnerability Scanning (SCA): Detection of CVEs and exposed secrets via
Trivy. - Infrastructure Hardening: Host auditing based on the CIS Benchmark standard.
- Runtime Security: Intrusion detection and system call monitoring with
Falco. - Zero-Trust Mode: Automated full-spectrum audit with a single command.
- Silent Interface: Clean terminal output with visual indicators (spinners).
- Clone:
git clone https://github.com/TU_USUARIO/container-audit-botiquin.git - Permissions:
chmod +x container-audit-toolkit.sh - Run:
./container-audit-toolkit.sh
This project is under active development. Future updates will include:
- Support for Kubernetes (K8s) auditing.
- HTML/PDF export for executive reports.
- Enhanced secret scanning with custom regex.
Found a bug or have a suggestion? Contributions are welcome! Feel free to:
- Open an Issue with your feedback.
- Submit a Pull Request with your improvements.
Alejandro Fernandes aka vernizus - Cybersecurity Analyst I am passionate about Infrastructure Optimization and Security by Design. Any feedback is highly appreciated!