veinmind-weakpass is a weak password scanning tool for image developed by Chaitin Technology
- Quickly scan the weak password in image
- Support weak password macro definition
- Support concurrent scanning for weak passwords
- Support custom username and dictionary
- Support container runtime
containerdanddockerd
- linux/amd64
- linux/386
- linux/arm64
- linux/arm
- install
libveinmindfirstlly ,you can click here offical document for more info
- Install by Parallel Container,pull
veinmind-weakpassiamge and startdocker run --rm -it --mount 'type=bind,source=/,target=/host,readonly,bind-propagation=rslave' veinmind/veinmind-weakpass scan - or start with the script which we provided
chmod +x parallel-container-run.sh && ./parallel-container-run.sh scan
-
Scan image with specified image name or ID(need to have a corresponding image locally)
./veinmind-weakpass scan [imagename/imageid] -
Scan all local images
./veinmind-weakpass scan -
Specify container runtime type
./veinmind-weakpass scan --containerdcontainer runtime type
- dockerd
- containerd
-
Specify the username which you want to scan
./veinmind-weakpass scan -u username -
Specify the custom dict
./veinmind-weakpass scan -d ./pass.dict -
Specify the services name
./veinmind-weakpass scan -a ssh,mysql,redis-
support these service currently
serverName version ssh all mysql 8.X redis all tomcat all
-
-
Extract default dictionary to local disk
./veinmind-weakpass extract
- Scan the image which name is
testand all service supported
- Specify the image
testand scansshservice in the image
- Scan
sshservice in all images
