Gorsair

<p align="center"> <a href="https://asciinema.org/a/226476"><img src="images/gorsair.gif" width="700px"/></a> </p> <p align="center"> <a href="#license"> <img src="https://img.shields.io/badge/license-Apache-blue.svg?style=flat" /> </a> <a href="https://goreportcard.com/report/github.com/Ullaakut/gorsair"> <img src="https://goreportcard.com/badge/github.com/Ullaakut/gorsair" /> </a> <a href="https://github.com/Ullaakut/gorsair/releases/latest"> <img src="https://img.shields.io/github/release/Ullaakut/gorsair.svg?style=flat" /> </a> </p>

Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the Docker daemon, you can use Gorsair to directly execute commands on remote containers.

Exposing the Docker API on the internet is a tremendous risk: it lets malicious agents get information about all of the other containers, the images and the host system, and potentially gain privileged access to the whole system if the image uses the root user.

<p align="center"> <img src="images/Gorsair.png" width="300px"/> </p>

Install

From a release

Set the:

And then run the following command to install gorsair.

curl -fsSL "https://github.com/Ullaakut/Gorsair/releases/download/${GORSAIR_VERSION}/gorsair_${OS}_${ARCH}" --output /usr/local/bin/gorsair && chmod +x /usr/local/bin/gorsair

From the sources

Command line options

How can I protect my containers from this attack
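
A check for the exposure this README describes, as an added example that is not part of Gorsair or its documentation: it reads a dockerd `daemon.json` and reports every TCP listener that accepts clients without certificate verification. The function name `AuditDaemonConfig` and the sample config are assumptions made for illustration; `hosts` and `tlsverify` are dockerd's own configuration keys.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// daemonConfig holds the daemon.json keys that decide whether the API is
// reachable over TCP and whether clients must present a verified certificate.
type daemonConfig struct {
	Hosts     []string `json:"hosts"`
	TLSVerify bool     `json:"tlsverify"`
}

// AuditDaemonConfig (hypothetical helper) returns one finding per TCP
// listener that does not require a verified client certificate.
func AuditDaemonConfig(raw []byte) ([]string, error) {
	var cfg daemonConfig
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse daemon.json: %w", err)
	}
	var findings []string
	for _, h := range cfg.Hosts {
		if !strings.HasPrefix(h, "tcp://") {
			continue // unix:// and fd:// sockets are local only
		}
		addr := strings.TrimPrefix(h, "tcp://")
		loopback := strings.HasPrefix(addr, "127.") || strings.HasPrefix(addr, "localhost") || strings.HasPrefix(addr, "[::1]")
		switch {
		case cfg.TLSVerify: // mutual TLS: only clients with a trusted certificate get in
		case loopback:
			findings = append(findings, h+": no client certificate check (loopback only)")
		default:
			findings = append(findings, h+": accepts unauthenticated clients (not pinned to loopback)")
		}
	}
	return findings, nil
}

func main() {
	// Constructed sample config, not taken from a real host.
	findings, err := AuditDaemonConfig([]byte(`{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}`))
	if err != nil {
		panic(err)
	}
	fmt.Println(strings.Join(findings, "\n"))
}
```

Listeners passed to dockerd on the command line with `-H` do not appear in `daemon.json`, so the service unit needs the same review.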