telekom-security/klepto

Klepto

KLEPTO - A Docker Image Secrets Scanner

Klepto is a powerful tool for scanning Docker images to detect secrets and vulnerabilities. It searches public Docker Hub repositories for images matching your criteria and analyzes them using advanced detectors like trufflehog and gitleaks.


✨ Features

  • Search Docker Hub for images by keyword
  • Extract and analyze images for secrets
  • Supports multiple detectors for comprehensive scanning
  • Customizable detection rules

📦 Installation

Tested on:

  • Debian Bookworm
  • WSL Ubuntu 24.04.3 LTS

sudo apt install git curl jq docker.io python3 docker-registry docker-compose
git clone https://github.com/telekom-security/klepto.git

🚀 Usage

sudo ./search.sh SEARCHTERM

Edit configuration:

  • script.sh → Set your API key
  • parser.py → Adjust desired_detector_type and undesired_terms

🖼 Workflow

Steps:

  1. Search Docker Hub
  2. Pull Image
  3. Extract Layers
  4. Scan for Secrets
  5. Generate Report
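
Steps 3 and 4 matter for anyone auditing their own images: a file removed in a later layer is still stored in the earlier one. The sketch below is an added example, not Klepto's code. It builds a constructed two-layer archive following the manifest.json layout that `docker save` writes, then scans every layer. The layer names, the single regex and the sample key (AWS's documentation example key) are assumptions made for the illustration.

```python
import io, json, re, tarfile

# Constructed pattern for this sample only; real detectors ship many rules.
AWS_KEY_ID = re.compile(rb"AKIA[0-9A-Z]{16}")

def _tar(files):
    """Build an in-memory tar from {name: bytes}; stands in for real archives."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def build_sample_image():
    """Constructed image archive: layer 1 adds app/.env, layer 2 deletes it."""
    layer1 = _tar({"app/.env": b"AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"})
    layer2 = _tar({"app/.wh..env": b""})  # whiteout: hides .env in the final fs
    manifest = [{"RepoTags": ["example/app:latest"],
                 "Layers": ["l1/layer.tar", "l2/layer.tar"]}]
    return _tar({"manifest.json": json.dumps(manifest).encode(),
                 "l1/layer.tar": layer1, "l2/layer.tar": layer2})

def scan_image(image_bytes):
    """Return (findings, deleted): secrets found per layer, whiteout-removed paths."""
    findings, deleted = [], set()
    with tarfile.open(fileobj=io.BytesIO(image_bytes)) as image:
        manifest = json.load(image.extractfile("manifest.json"))
        for layer_name in manifest[0]["Layers"]:
            layer_bytes = image.extractfile(layer_name).read()
            with tarfile.open(fileobj=io.BytesIO(layer_bytes)) as layer:
                for member in layer.getmembers():
                    directory, _, base = member.name.rpartition("/")
                    if base.startswith(".wh."):  # deletion marker, not content
                        deleted.add(f"{directory}/{base[4:]}".lstrip("/"))
                    elif member.isfile():
                        data = layer.extractfile(member).read()
                        for match in AWS_KEY_ID.finditer(data):
                            findings.append((layer_name, member.name, match.group().decode()))
    return findings, deleted

if __name__ == "__main__":
    hits, removed = scan_image(build_sample_image())
    for layer_name, path, secret in hits:
        state = "deleted in a later layer" if path in removed else "present"
        print(f"{layer_name}: {path} ({state}): {secret[:4]}...{secret[-4:]}")
```

A finding flagged as deleted in a later layer means the credential has to be rotated and the image rebuilt without it; removing the file in a new layer does not take it out of the published image.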

📌 Roadmap

  • Add support for private registries
  • Implement parallel scanning
  • Enhance reporting with HTML output

🤝 Contributing

Feel free to open issues or submit pull requests.


👏 Authors

Thanks to Maximilian Gutowski and Jakub Sucharkiewicz


📜 License

GPL 3.0

About

Klepto is a tool that searches for Docker images, extracts them, and looks for secrets within the images it finds.
