Wireshark for Docker containers. Contribute to subtrace/subtrace development by creating an account on GitHub.

Another buzzword box ticked: OCI-compliant containers

Secure and fast microVMs for serverless computing. - firecracker-microvm/firecracker

Distributed systems runtime daemon written in Rust. - aurae-runtime/aurae

Sticking to container security best practices is critical for successfully delivering secure software.

In this post, I’ll show you how to build a continuous integration and continuous delivery (CI/CD) pipeline using AWS Developer Tools, as well as Aqua Security‘s open source container vulnerability scanner, Trivy. You’ll build two Docker images, one with vulnerabilities and one without, to learn the capabilities of Trivy and how to send all vulnerability […]

A tool for exploring each layer in a docker image. Contribute to wagoodman/dive development by creating an account on GitHub.

Recently I was doing an assessment in a locked down and restricted environment. One of the first actions you tend to do when landing a shell on a [linux] box is to do some reconnaissance. This is both on host and network, as you want to determine what new access this host has given you. Normally you would run netstat, ifconfig, ip route etc to determine if the compromised host is connected to any other hosts and to determine if there are other network segments you do not know about.