Trivy是一套免費的弱掃軟體,除了基本的弱掃外還可以掃描Docker image與檔案系統,最近也支援掃描python,並可以產出各種報表與支援雲端,有興趣可以直接去官網註冊帳號試用雲端功能,地端也可以掃描雲端的東西只要安裝好Cloudspolit就可以,以下記錄Trivy的使用方法。
步驟一:安裝Trivy
RHEL/CentOS
Add repository setting to /etc/yum.repos.d.
$ sudo vim /etc/yum.repos.d/trivy.repo
[trivy]
name=Trivy repository
baseurl=https://aquasecurity.github.io/trivy-repo/rpm/releases/$releasever/$basearch/
gpgcheck=0
enabled=1
$ sudo yum -y update
$ sudo yum -y install trivy
or
rpm -ivh https://github.com/aquasecurity/trivy/releases/download/v0.17.0/trivy_0.17.0_Linux-64bit.rpm
Debian/Ubuntu
Add repository to /etc/apt/sources.list.d.
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
or
wget https://github.com/aquasecurity/trivy/releases/download/v0.17.0/trivy_0.17.0_Linux-64bit.deb
sudo dpkg -i trivy_0.17.0_Linux-64bit.deb免安裝
export VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz tar zxvf trivy_${VERSION}_Linux-64bit.tar.gz
步驟二:掃描Docker image
trivy image mariadb
步驟三:產出報表
trivy image --format template --template "contrib/html.tpl" -o report.html python:3.9
trivy client --remote http://192.168.3.205:8080 --format template --template "contrib/html.tpl" -o report.html python:3.9
步驟四:掃描檔案
trivy fs /tmp
trivy fs --security-checks vuln,config --severity HIGH,CRITICAL /tmp步驟五:Server Client Mode,安裝版本要一致
Server side
trivy server --listen 0.0.0.:8080
Client side
trivy server --listen 0.0.0.:8080
Command
trivy server --listen 0.0.0.0:8080
trivy client --remote http://192.168.1.1:8080 --format template --template "contrib/html.tpl" -o report.html python:3.9
參考:
沒有留言:
張貼留言