veinmind-webshell is a Webshell scanning tool developed by Changting Technology
- Quickly scan Webshell in image/container
- Support for the 'containerd'/' dockerd 'container runtime
- linux/amd64
- linux/386
- linux/arm64
Please install libveinmind
, installation method can refer to [official documentation] (https://github.com/chaitin/libveinmind)
make run ARG="scan xxx"
Compile the executable
make build
Run the executable file for scanning
chmod +x veinmind-webshell && ./veinmind-webshell scan xxx
Make sure you have 'docker' and 'docker-compose' installed on your machine
make run.docker ARG="scan xxxx"
Build the 'veinmind-webshell' image
make build.docker
Run the container to scan
docker run --rm -it --mount 'type=bind,source=/,target=/host,readonly,bind-propagation=rslave' veinmind-webshell scan xxx
- Login bacc the platform (https://rivers.chaitin.cn/), activate the guanshan Webshell detection products
- Click on the bottom left corner to organize the configuration and create the API Token (the basic version is limited to 100 times per day, and the advanced version can be obtained by contacting the Wenmai assistant/Baichuan platform)
- Scan the specified image with a token
./veinmind-webshell scan image [imageID/imageName] --token [Guan Shan token]
4. Scan all local images using token
./veinmind-webshell scan image --token [Guan Shan token]
- Scan the specified container with a token
./veinmind - webshell scan the container containerID/containerName - token [guanshan token]
6.Scan all local containers using token
./veinmind-webshell scan container --token [token]
Specify the output format Supported output formats:
- html
- json
- cli (default)
./veinmind-webshell scan container [containerID/containerName] --token [token] -f html