Docker Container Scrapper
This tool collects information of interest about Docker containers, such as the versions of the software installed in them. The data is used for CVE analysis to understand Docker security vulnerabilities.
The premise is that many Docker users leave old containers running without updating them. Many also leave both secrets and outdated software inside the container, which exposes it to many known exploits. The result is a large number of vulnerabilities inside Docker containers. On top of this, many users build their image on a base image that itself ships outdated software, which carries those security issues forward into every derived image. To understand the extent of these issues, this software analyzes containers in order to conduct a study of overall Docker Hub container security. The data collected by this project can then be applied to research studies through analysis of the collected information.
The code is available on GitHub. Given a list of Docker containers, the tool "inspects" the contents of each one and then compares the containers to each other. The comparison is expressed in terms of the number of shared packages and matching versions. From this data, we look to answer questions such as: do more popular Docker containers have less up-to-date software, how many CVEs are left unpatched in a popular Docker container, and what insecure ports or information (passwords, encrypted material, etc.) are left in Docker containers?
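The inspect-then-compare step described above, as an added example that is not the project's own code. It assumes each container's package inventory has already been captured as `package version` lines (the shape of `dpkg-query -W -f='${Package} ${Version}\n'` output); the three inventories, image names and version strings below are constructed for the example. It parses the inventories, computes pairwise similarity (shared package names, packages with identical versions, Jaccard similarity over names) and, going one step beyond the text, flags per container the packages that lag behind the newest version observed across the whole set, which is the signal for "left running without updating".

```python
"""Added example: parse per-container package inventories and compare them.
Not the Docker Container Scrapper's own code; inventories below are constructed."""
import re
from itertools import combinations

# Constructed sample inventories, in the shape of
# `dpkg-query -W -f='${Package} ${Version}\n'` output captured from three
# hypothetical containers. Image names and versions are made up.
INVENTORIES = {
    "web-app:1.0": """\
openssl 1.1.1f-1ubuntu2
curl 7.68.0-1ubuntu2
libc6 2.31-0ubuntu9
nginx 1.18.0-0ubuntu1
""",
    "web-app:2.3": """\
openssl 1.1.1f-1ubuntu2.16
curl 7.68.0-1ubuntu2.18
libc6 2.31-0ubuntu9.9
nginx 1.18.0-0ubuntu1.4
""",
    "batch-worker:latest": """\
openssl 1.1.1f-1ubuntu2.16
libc6 2.31-0ubuntu9.9
python3 3.8.2-0ubuntu2
""",
}

LINE_RE = re.compile(r"^(\S+)\s+(\S+)$")


def parse_inventory(text):
    """Parse 'package version' lines into {package: version}; skip blank or malformed lines."""
    packages = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            packages[m.group(1)] = m.group(2)
    return packages


def load_inventories(raw=INVENTORIES):
    """Parse every captured inventory, keyed by image name."""
    return {image: parse_inventory(text) for image, text in raw.items()}


def version_key(version):
    """Simplified comparable key for a Debian-style version string.
    Numeric chunks compare as integers, text chunks as strings; a longer
    version with the same prefix sorts as newer. Epochs and the full dpkg
    ordering rules are deliberately not implemented."""
    parts = re.split(r"[.\-+~]", version)
    return [(0, int(p)) if p.isdigit() else (1, p) for p in parts if p]


def compare(a, b):
    """Compare two parsed inventories.
    Returns (shared package names, shared packages with identical versions,
    Jaccard similarity of the package-name sets)."""
    shared = set(a) & set(b)
    same_version = {p for p in shared if a[p] == b[p]}
    union = set(a) | set(b)
    jaccard = len(shared) / len(union) if union else 0.0
    return shared, same_version, jaccard


def pairwise_report(inventories):
    """Run compare() over every pair of images; keyed by (image_a, image_b)."""
    return {
        (x, y): compare(inventories[x], inventories[y])
        for x, y in combinations(sorted(inventories), 2)
    }


def outdated_packages(inventories):
    """For each image, list the packages whose version is older than the newest
    version of that package seen in any of the inspected images."""
    newest = {}
    for pkgs in inventories.values():
        for name, ver in pkgs.items():
            if name not in newest or version_key(ver) > version_key(newest[name]):
                newest[name] = ver
    return {
        image: sorted(n for n, v in pkgs.items() if version_key(v) < version_key(newest[n]))
        for image, pkgs in inventories.items()
    }


if __name__ == "__main__":
    invs = load_inventories()
    for (x, y), (shared, same, jaccard) in pairwise_report(invs).items():
        print(f"{x} vs {y}: {len(shared)} shared, {len(same)} same version, jaccard={jaccard:.2f}")
    for image, lagging in outdated_packages(invs).items():
        print(f"{image}: outdated packages -> {lagging or 'none'}")
```

The "newest observed" baseline only measures staleness relative to the other inspected images; to count CVEs, the same per-package versions would be matched against an advisory feed instead, which the example does not include.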
This tool was developed for research under Yonghwi Kwon.