Requirements:
- Connectivity with the DocDocker API
- DocExploit CLI:
- Working API-KEY
- Company created
This is the syntax to launch an analysis throught the DocExploit CLI tool:
docexploit-cli docdocker analyze IMAGE_NAME --key=API-KEY --${CRITICITY}=MAX_NUMBER --repository=REPOSITORY --company=COMPANY --o=OUTPUT_FILE- IMAGE_NAME: Name of the image to analyze
- API-KEY: The key created in DocExploit dashboard.
- CRITICITY–>MAX_NUMBER: The maximum vulnerabilities allowed, the criticities are [“blocker”,”critical”,”major”,”minor”,”info”]. OPTIONAL
- REPOSITORY: The name of the repository, by default it is “manual”. If is provided a new name repository it will created. OPTIONAL
- COMPANY: The name of the company, it must exist. If is not provided then the first company in your config will be selected. OPTIONAL
- OUTPUT_FILE: File where analysis results will be saved in XLSX format. OPTIONAL
Some configurations can be added through a configuration file called docexploit.properties.
- APIKEY = ${API-KEY}
- DOCDOCKER_API = ${CUSTOM-DOCDOCKER-API}
- more soon….
