dockersec

A fast, offline CLI tool that scans your Dockerfile and docker-compose.yml for security vulnerabilities and bad practices.

Screenshot of dockersec

An offline CLI security scanner for Docker. Analyzes Dockerfiles and docker-compose files for 28 known vulnerabilities and misconfigurations — root containers, hardcoded secrets, unpinned images, missing resource limits — before anything ships to production.