Merge pull request #21 from theredguild/tools-scoutsuite-checkov-pmapper

Added scoutsuite, checkov, and pmapper correctly
theredguild · Oct 8, 2024 · cd0b0bc · cd0b0bc
2 parents 5c3c32c + 552e47f
commit cd0b0bc
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -127,6 +127,15 @@ RUN pipx install semgrep
 # Install nodejsscan
 RUN pipx install nodejsscan
 
+# Install principalmapper
+RUN pipx install principalmapper
+
+# Install checkov
+RUN pipx install checkov
+
+# Install scoutsuite
+RUN pipx install scoutsuite
+
 # pipx environment path set
 RUN pipx ensurepath
 
@@ -224,4 +233,4 @@ RUN echo '\ncat /etc/motd\n' >> ~/.zshrc
 
 # Set working directory
 WORKDIR /home/${USERNAME}
-CMD ["/bin/zsh"]
+CMD ["/bin/zsh"]
diff --git a/README.md b/README.md
@@ -61,9 +61,9 @@ Examples:
 
 - [ ] Container and/or cloud specific:
     - [ ] kube-bench: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark. (https://github.com/aquasecurity/kube-bench)
-    - [ ] checkov: Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages. (https://github.com/bridgecrewio/checkov)
+    - [x] checkov: Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages. (https://github.com/bridgecrewio/checkov)
     - [ ] scoutsuite: Multi-Cloud Security Auditing Tool. (https://github.com/nccgroup/ScoutSuite)
-    - [ ] pmapper: A tool for quickly evaluating IAM permissions in AWS. (https://github.com/nccgroup/PMapper)
+    - [x] pmapper: A tool for quickly evaluating IAM permissions in AWS. (https://github.com/nccgroup/PMapper)
     - [x] hadolint: Dockerfile linter. (https://github.com/hadolint/hadolint)
 
 - [x] Dependency & lib checkers: