SHARE
Mondoo : Native Security & Vulnerability Risk Management

Mondoo Cloud is a native security & vulnerability risk management.

Quick Start

Installing

Workstation

export MONDOO_REGISTRATION_TOKEN=’changeme’
curl -sSL http://mondoo.io/download.sh | bash

Service

export MONDOO_REGISTRATION_TOKEN=’changeme’
curl -sSL http://mondoo.io/install.sh | bash

For other installation methods, have a look at our documentation.

Run a scan:

# scan a docker image from remote registry
mondoo vuln -t docker://centos:7

# scan docker container (get ids from docker ps)
mondoo vuln -t docker://00fa961d6b6a

# scan a ssh instance
mondoo vuln -t ssh://ec2-user@54.76.229.223

Also Read – Ehtools : Penetration Tools That Can Be Explored Easily

Repository Structure

Deployment

  • ansible – Ansible role for the tool
  • chef – Chef cookbook for the tool
  • install.sh – The tool Agent Bash Installer for Servers
  • download.sh – The tool Agent Bash Downloader for Workstation
  • Dockerfile – Build script for official the tool container

Integration

Examples

Docs

  • docs – Source for the tool documentation (uses docsify)