diff --git a/README.md b/README.md index 0ac68da..2df0401 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ Before **Dagda** usage, you must have installed the next requirements: The requirements can be installed with pip: ```bash - sudo pip3 install -r requirements.txt +sudo pip3 install -r requirements.txt ``` ### Installation of Docker @@ -85,8 +85,8 @@ If you need instructions for MongoDB installation, see the [How-to install Mongo You can also run MongoDB using docker: ```bash - docker pull mongo - docker run -d -p 27017:27017 mongo +docker pull mongo +docker run -d -p 27017:27017 mongo ``` ### Installation of kernel headers in the host OS @@ -110,8 +110,8 @@ You must run `python3 dagda.py start` for starting the **Dagda** server. See the After the **Dagda** server started and before the **Dagda** CLI usage, you must set the next environment variables as you need: ```bash - export DAGDA_HOST='127.0.0.1' - export DAGDA_PORT=5000 +export DAGDA_HOST='127.0.0.1' +export DAGDA_PORT=5000 ``` Although in this usage documentation only the CLI usage is shown, **Dagda** has a REST API for using it. See [REST API](https://github.com/eliasgranderubio/dagda/wiki/REST-API) documentation page for details. @@ -120,7 +120,7 @@ Although in this usage documentation only the CLI usage is shown, **Dagda** has For the initial run, you need to populate the vulnerabilities and the exploits in the database by running: ```bash - python3 dagda.py vuln --init +python3 dagda.py vuln --init ``` The previous command can take several minutes for finishing so be patient. @@ -128,7 +128,7 @@ If you need repopulating your database for updating with the new vulnerabilities Also, you can run queries on your personal database with `dagda.py vuln`. A usage example would be the next one: ```bash - python3 dagda.py vuln --product openldap --product_version 2.2.20 +python3 dagda.py vuln --product openldap --product_version 2.2.20 ``` The expected output for the previous query is shown below: 
@@ -345,7 +345,7 @@ The expected output for the previous query is shown below: For getting all information about a specific CVE, you must run the next command: ```bash - python3 dagda.py vuln --cve_info CVE-2009-2890 +python3 dagda.py vuln --cve_info CVE-2009-2890 ``` The expected output for the previous query is shown below: ```json @@ -401,7 +401,7 @@ In the next subsections, both, performing static analysis of known vulnerabiliti #### Performing static analysis of known vulnerabilities and other malicious threats One of the main **Dagda** targets is perform the analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers, so if you want perform an analysis over a docker image/container, you must type: ```bash - python3 dagda.py check --docker_image jboss/wildfly +python3 dagda.py check --docker_image jboss/wildfly ``` See the [*check* sub-command](https://github.com/eliasgranderubio/dagda/wiki/CLI-Usage#check-sub-command) wiki page for details. @@ -417,7 +417,7 @@ The expected output for the previous command will be the next one. In this outpu Also, if you want run a static analysis in a remote way, you can use the [*agent* sub-command](https://github.com/eliasgranderubio/dagda/wiki/CLI-Usage#agent-sub-command): ```bash - python3 dagda.py agent localhost:5000 -i jboss/wildfly +python3 dagda.py agent localhost:5000 -i jboss/wildfly ``` The expected output for the previous command will be the next one. In this output, **Dagda** responses with the analysis `id`. @@ -431,7 +431,7 @@ The expected output for the previous command will be the next one. In this outpu If you want review a concrete docker analysis, you must type: ```bash - python3 dagda.py history --id +python3 dagda.py history --id ``` For more details about `dagda.py history`, type `python3 dagda.py history --help` or see the [*history* sub-command](https://github.com/eliasgranderubio/dagda/wiki/CLI-Usage#history-sub-command) in the wiki page. 
@@ -727,7 +727,7 @@ The analysis can take several minutes for finishing, so be patient. If you typed #### Monitoring running containers for detecting anomalous activities Another of the main **Dagda** targets is perform the monitoring of running docker containers for detecting anomalous activities, so if you want perform the monitoring over a running docker container, you must type: ```bash - python3 dagda.py monitor 69dbf26ab368 --start +python3 dagda.py monitor 69dbf26ab368 --start ``` See the [*monitor* sub-command](https://github.com/eliasgranderubio/dagda/wiki/CLI-Usage#monitor-sub-command) wiki page for details. @@ -743,7 +743,7 @@ The expected output looks like as shown below: You can stop the monitoring when you want if you type: ```bash - python3 dagda.py monitor 69dbf26ab368 --stop +python3 dagda.py monitor 69dbf26ab368 --stop ``` The expected output when you stop the monitoring over a running container looks like as shown below: @@ -784,7 +784,7 @@ If you want review all your reports, see the [*history*](https://github.com/elia **Dagda** includes the gathering of real time events from docker daemon, so if you want get all docker daemon events, you must type: ```bash - python3 dagda.py docker events +python3 dagda.py docker events ``` The expected output looks like as shown below: @@ -843,8 +843,8 @@ This section describes the installation of **Dagda** using Docker containers, in Execute the following commands in the root folder of **Dagda** and then, the **Dagda** server will start listening at port 5000: ```bash - docker-compose build - docker-compose up -d +docker-compose build +docker-compose up -d ``` ## Internal workflows
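Review bot: In the `@@ -68,7 +68,7 @@` hunk, the re-indented line still documents `sudo pip3 install -r requirements.txt`, which installs every dependency into the system Python as root and runs any package build step with root privileges. Since the line is being touched anyway, consider documenting a virtual environment (`python3 -m venv`) or `pip3 install --user -r requirements.txt` instead.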
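Review bot: In the `@@ -85,8 +85,8 @@` hunk, `docker run -d -p 27017:27017 mongo` publishes the MongoDB port on all host interfaces, and the command as written configures no authentication, so the database Dagda uses is reachable from the network on any host without a firewall in front of it. Suggest `-p 127.0.0.1:27017:27017` for the local setup described here, and a pinned tag on `docker pull mongo` so the install is reproducible.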
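Review bot: In the `@@ -431,7 +431,7 @@` hunk, `python3 dagda.py history --id` has no value after `--id` on both the removed and the added line, so the command cannot be run as shown. Add a visible placeholder for the analysis `id`, which the preceding `agent` example says Dagda returns, so readers know what to pass.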
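Review bot: In the `@@ -727,7 +727,7 @@` and `@@ -743,7 +743,7 @@` hunks, the `monitor` commands use the literal container id `69dbf26ab368`, which will not exist on a reader's host. A named placeholder, plus a short mention that the id comes from `docker ps`, would make both examples safe to copy.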