diff --git a/Makefile b/Makefile index e674086..76b003d 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ export IMAGE_REPOSITORY?=quay.io/deepfenceio -export DF_IMG_TAG?=2.5.0 +export DF_IMG_TAG?=2.5.2 all: yarahunter diff --git a/README.md b/README.md index 06382f3..56a2d53 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ Images may be compromised with the installation of a cryptominer such as XMRig. Pull the official **yarahunter** image: ``` -docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 +docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 ``` or Build it from source clone this repo and run below command @@ -68,7 +68,7 @@ docker run -i --rm --name=deepfence-yarahunter \ -e DEEPFENCE_LICENSE= \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name metal3d/xmrig:latest \ --output=json > xmrig-scan.json ``` @@ -83,7 +83,7 @@ docker run -i --rm --name=deepfence-yarahunter \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output \ -v /tmp/rules:/tmp/rules \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name metal3d/xmrig:latest \ --output=json \ --rules-path=/tmp/rules > xmrig-scan.json diff --git a/docs/docs/yarahunter/configure/cli.md b/docs/docs/yarahunter/configure/cli.md index 6fb1f6c..21ef035 100644 --- a/docs/docs/yarahunter/configure/cli.md +++ b/docs/docs/yarahunter/configure/cli.md @@ -7,7 +7,7 @@ title: Command-Line Options Display the command line options: ```bash -$ docker run -it --rm quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 --help +$ docker run -it --rm quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 --help ``` Note that all files and directories used in YaraHunter configuration are local to the container, not the host filesystem. The examples given illustrate how to map host directories to the container when needed. diff --git a/docs/docs/yarahunter/configure/output.md b/docs/docs/yarahunter/configure/output.md index b630b94..c116741 100644 --- a/docs/docs/yarahunter/configure/output.md +++ b/docs/docs/yarahunter/configure/output.md @@ -12,7 +12,7 @@ docker run -i --rm --name=yara-hunter \ -e DEEPFENCE_PRODUCT= \ -e DEEPFENCE_LICENSE= \ -v /var/run/docker.sock:/var/run/docker.sock \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name node:latest \ # highlight-next-line --output=json > xmrig-scan.json diff --git a/docs/docs/yarahunter/configure/rules.md b/docs/docs/yarahunter/configure/rules.md index efef844..fc5859f 100644 --- a/docs/docs/yarahunter/configure/rules.md +++ b/docs/docs/yarahunter/configure/rules.md @@ -20,7 +20,7 @@ docker run -it --rm --name=yara-hunter \ -v /var/run/docker.sock:/var/run/docker.sock \ # highlight-next-line -v $(pwd)/my-rules:/tmp/my-rules \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 --image-name node:latest \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 --image-name node:latest \ # highlight-next-line --rules-path /tmp/my-rules ``` diff --git a/docs/docs/yarahunter/img/yarahunter.svg b/docs/docs/yarahunter/img/yarahunter.svg index abbb26a..8fc6e62 100644 --- a/docs/docs/yarahunter/img/yarahunter.svg +++ b/docs/docs/yarahunter/img/yarahunter.svg @@ -362,7 +362,7 @@ Deepfence YaraHunter - user@host:~$ d user@host:~$ do user@host:~$ doc user@host:~$ dock user@host:~$ docke user@host:~$ docker user@host:~$ docker user@host:~$ docker p user@host:~$ docker pu user@host:~$ docker pul user@host:~$ docker pull user@host:~$ docker pull user@host:~$ docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 user@host:~$ docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 user@host:~$ docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 latest: Pulling from deepfenceio/yara-hunterDigest: sha256:b82f0143f2a1530720c40ee780f78ab138d04f95b65af7a32a31678a712abe01Status: Image is up to date for quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0docker.io/quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0user@host:~$ user@host:~$ docker pull metal3d/xmrig user@host:~$ docker pull metal3d/xmrig user@host:~$ docker pull metal3d/xmrig Using default tag: latestlatest: Pulling from metal3d/xmriDigest: sha256:c3c27a8b2f6beede6d9c0a7e5b79bb7a7b0002cca40565e7bfd2e447f3a2a628Status: Image is up to date for metal3d/xmrig:latestdocker.io/metal3d/xmrig:latestuser@host:~$ docker run user@host:~$ docker run -it user@host:~$ docker run -it --rm user@host:~$ docker run -it --rm --name=yara-hunter user@host:~$ docker run -it --rm --name=yara-hunter \ -v -v /var/run/docker.sock:/var/run/docker.sock -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output -v /tmp:/home/deepfence/output \ quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ --image-name --image-name metal3d/xmrig:latest --image-name metal3d/xmrig:latest \ --json-filename=xmrig-scan.json --json-filename=xmrig-scan.json connected successfully using endpoint: unix:///var/run/docker.sock container runtime detected: docker{ "Timestamp": "2022-08-18 13:58:41.543309237 +00:00", "Image Name": "metal3d/xmrig:latest", "Image ID": "a01f1ffa6691423ef43bfaee2a9c9f30fe08ee6df8d9d6586ae9692d90789c5a", "Malware match detected are": [ { "Image Layer ID": "bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789", "Matched Rule Name": "XMRIG_Miner", "Strings to match are": [ "stratum+tcp" ], "Category": [], "File Name": "/tmp/Deepfence/YaRadare/df_metal3dxmriglatest/ExtractedFiles/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/usr/local/bin/xmrig", "ref":"https://gist.github.com/GelosSnake/c2d4d6ef6f93ccb7d3afb5b1e26c7b4e ", "Summary": "The matched rule file's ref is https://gist.github.com/GelosSnake/c2d4d6ef6f93ccb7d3afb5b1e26c7b4e ." } {/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/xmrig-6.18.0/build/CMakeFiles/xmrig.dir/src/base/net/stratum/Url.cpp.o", "Matched Rule Name": "Cerberus", "cerberus" "Category": ["RAT","memory"],/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/xmrig-6.18.0/src/3rdparty/fmt/README.rst", "description":"Cerberus ", "author":"Jean-Philippe Teissier / @Jipe_ ", "date":"2013-01-12 ", "filetype":"memory ", "version":"1.0 ", "Summary": "The file /tmp/Deepfence/YaRadare/df_metal3dxmriglatest/ExtractedFiles/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/xmrig-6.18.0/src/3rdparty/fmt/README.rst has a memory match.The file has a rule match that Cerberus .The matched rule file's author is Jean-Philippe Teissier / @Jipe_ .The matched rule file's date is 2013-01-12 .The matched rule file's filetype is memory .The matched rule file's version is 1.0 ."rc/base/net/stratum/Url.cpp", ] ]}user@host:~$ c user@host:~$ ca user@host:~$ cat user@host:~$ cat user@host:~$ cat / user@host:~$ cat /t user@host:~$ cat /tm user@host:~$ cat /tmp user@host:~$ cat /tmp/ user@host:~$ cat /tmp/x user@host:~$ cat /tmp/xm user@host:~$ cat /tmp/xmr user@host:~$ cat /tmp/xmri user@host:~$ cat /tmp/xmrig user@host:~$ cat /tmp/xmrig- user@host:~$ cat /tmp/xmrig-s user@host:~$ cat /tmp/xmrig-sc user@host:~$ cat /tmp/xmrig-sca user@host:~$ cat /tmp/xmrig-scan user@host:~$ cat /tmp/xmrig-scan. user@host:~$ cat /tmp/xmrig-scan.j user@host:~$ cat /tmp/xmrig-scan.js user@host:~$ cat /tmp/xmrig-scan.jso user@host:~$ cat /tmp/xmrig-scan.json user@host:~$ cat /tmp/xmrig-scan.json user@host:~$ cat /tmp/xmrig-scan.json | user@host:~$ cat /tmp/xmrig-scan.json | user@host:~$ cat /tmp/xmrig-scan.json | j user@host:~$ cat /tmp/xmrig-scan.json | jq user@host:~$ cat /tmp/xmrig-scan.json | jq user@host:~$ cat /tmp/xmrig-scan.json | jq ' user@host:~$ cat /tmp/xmrig-scan.json | jq '. user@host:~$ cat /tmp/xmrig-scan.json | jq '.I user@host:~$ cat /tmp/xmrig-scan.json | jq '.IO user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[ user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | . user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ." user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."M user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Ma user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Mat user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matc user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Match user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matche user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched R user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Ru user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rul user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule N user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Na user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Nam user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name" user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name"' user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name"'user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name"'"XMRIG_Miner""Cerberus" + user@host:~$ d user@host:~$ do user@host:~$ doc user@host:~$ dock user@host:~$ docke user@host:~$ docker user@host:~$ docker user@host:~$ docker p user@host:~$ docker pu user@host:~$ docker pul user@host:~$ docker pull user@host:~$ docker pull user@host:~$ docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 user@host:~$ docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 user@host:~$ docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 latest: Pulling from deepfenceio/yara-hunterDigest: sha256:b82f0143f2a1530720c40ee780f78ab138d04f95b65af7a32a31678a712abe01Status: Image is up to date for quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2docker.io/quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2user@host:~$ user@host:~$ docker pull metal3d/xmrig user@host:~$ docker pull metal3d/xmrig user@host:~$ docker pull metal3d/xmrig Using default tag: latestlatest: Pulling from metal3d/xmriDigest: sha256:c3c27a8b2f6beede6d9c0a7e5b79bb7a7b0002cca40565e7bfd2e447f3a2a628Status: Image is up to date for metal3d/xmrig:latestdocker.io/metal3d/xmrig:latestuser@host:~$ docker run user@host:~$ docker run -it user@host:~$ docker run -it --rm user@host:~$ docker run -it --rm --name=yara-hunter user@host:~$ docker run -it --rm --name=yara-hunter \ -v -v /var/run/docker.sock:/var/run/docker.sock -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output -v /tmp:/home/deepfence/output \ quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name --image-name metal3d/xmrig:latest --image-name metal3d/xmrig:latest \ --json-filename=xmrig-scan.json --json-filename=xmrig-scan.json connected successfully using endpoint: unix:///var/run/docker.sock container runtime detected: docker{ "Timestamp": "2022-08-18 13:58:41.543309237 +00:00", "Image Name": "metal3d/xmrig:latest", "Image ID": "a01f1ffa6691423ef43bfaee2a9c9f30fe08ee6df8d9d6586ae9692d90789c5a", "Malware match detected are": [ { "Image Layer ID": "bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789", "Matched Rule Name": "XMRIG_Miner", "Strings to match are": [ "stratum+tcp" ], "Category": [], "File Name": "/tmp/Deepfence/YaRadare/df_metal3dxmriglatest/ExtractedFiles/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/usr/local/bin/xmrig", "ref":"https://gist.github.com/GelosSnake/c2d4d6ef6f93ccb7d3afb5b1e26c7b4e ", "Summary": "The matched rule file's ref is https://gist.github.com/GelosSnake/c2d4d6ef6f93ccb7d3afb5b1e26c7b4e ." } {/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/xmrig-6.18.0/build/CMakeFiles/xmrig.dir/src/base/net/stratum/Url.cpp.o", "Matched Rule Name": "Cerberus", "cerberus" "Category": ["RAT","memory"],/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/xmrig-6.18.0/src/3rdparty/fmt/README.rst", "description":"Cerberus ", "author":"Jean-Philippe Teissier / @Jipe_ ", "date":"2013-01-12 ", "filetype":"memory ", "version":"1.0 ", "Summary": "The file /tmp/Deepfence/YaRadare/df_metal3dxmriglatest/ExtractedFiles/bad74b706fcd3e01f4af74337744cbcc84ab60da82c40dd588469c6360258789/xmrig-6.18.0/src/3rdparty/fmt/README.rst has a memory match.The file has a rule match that Cerberus .The matched rule file's author is Jean-Philippe Teissier / @Jipe_ .The matched rule file's date is 2013-01-12 .The matched rule file's filetype is memory .The matched rule file's version is 1.0 ."rc/base/net/stratum/Url.cpp", ] ]}user@host:~$ c user@host:~$ ca user@host:~$ cat user@host:~$ cat user@host:~$ cat / user@host:~$ cat /t user@host:~$ cat /tm user@host:~$ cat /tmp user@host:~$ cat /tmp/ user@host:~$ cat /tmp/x user@host:~$ cat /tmp/xm user@host:~$ cat /tmp/xmr user@host:~$ cat /tmp/xmri user@host:~$ cat /tmp/xmrig user@host:~$ cat /tmp/xmrig- user@host:~$ cat /tmp/xmrig-s user@host:~$ cat /tmp/xmrig-sc user@host:~$ cat /tmp/xmrig-sca user@host:~$ cat /tmp/xmrig-scan user@host:~$ cat /tmp/xmrig-scan. user@host:~$ cat /tmp/xmrig-scan.j user@host:~$ cat /tmp/xmrig-scan.js user@host:~$ cat /tmp/xmrig-scan.jso user@host:~$ cat /tmp/xmrig-scan.json user@host:~$ cat /tmp/xmrig-scan.json user@host:~$ cat /tmp/xmrig-scan.json | user@host:~$ cat /tmp/xmrig-scan.json | user@host:~$ cat /tmp/xmrig-scan.json | j user@host:~$ cat /tmp/xmrig-scan.json | jq user@host:~$ cat /tmp/xmrig-scan.json | jq user@host:~$ cat /tmp/xmrig-scan.json | jq ' user@host:~$ cat /tmp/xmrig-scan.json | jq '. user@host:~$ cat /tmp/xmrig-scan.json | jq '.I user@host:~$ cat /tmp/xmrig-scan.json | jq '.IO user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[ user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | . user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ." user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."M user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Ma user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Mat user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matc user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Match user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matche user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched R user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Ru user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rul user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule N user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Na user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Nam user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name" user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name"' user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name"'user@host:~$ cat /tmp/xmrig-scan.json | jq '.IOC[] | ."Matched Rule Name"'"XMRIG_Miner""Cerberus" diff --git a/docs/docs/yarahunter/index.md b/docs/docs/yarahunter/index.md index f091df4..8c3c381 100644 --- a/docs/docs/yarahunter/index.md +++ b/docs/docs/yarahunter/index.md @@ -37,7 +37,7 @@ docker run -i --rm --name=deepfence-yarahunter \ -e DEEPFENCE_LICENSE= \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name metal3d/xmrig:latest \ --output=json > xmrig-scan.json ``` @@ -59,7 +59,7 @@ docker run -i --rm --name=deepfence-yarahunter \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output \ -v /tmp/rules:/tmp/rules \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name metal3d/xmrig:latest \ --output=json \ --rules-path=/tmp/rules > xmrig-scan.json diff --git a/docs/docs/yarahunter/quickstart.md b/docs/docs/yarahunter/quickstart.md index 09511ea..d503c1f 100644 --- a/docs/docs/yarahunter/quickstart.md +++ b/docs/docs/yarahunter/quickstart.md @@ -9,7 +9,7 @@ Pull the latest YaraHunter image, and use it to scan a `node:latest` container. ## Pull the latest YaraHunter image ```bash -docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 +docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 ``` ## Generate License Key @@ -30,7 +30,7 @@ docker run -i --rm --name=yara-hunter \ -e DEEPFENCE_PRODUCT= \ -e DEEPFENCE_LICENSE= \ -v /var/run/docker.sock:/var/run/docker.sock \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name node:latest docker rmi node:latest @@ -46,7 +46,7 @@ docker run -i --rm --name=yara-hunter \ -e DEEPFENCE_LICENSE= \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp:/home/deepfence/output \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ --image-name node:latest \ --output=json > node-latest.json diff --git a/docs/docs/yarahunter/using/build.md b/docs/docs/yarahunter/using/build.md index b42da00..7723d78 100644 --- a/docs/docs/yarahunter/using/build.md +++ b/docs/docs/yarahunter/using/build.md @@ -7,11 +7,11 @@ title: Build YaraHunter YaraHunter is a self-contained docker-based tool. Clone the [YaraHunter repository](https://github.com/deepfence/YaraHunter), then build: ```bash -docker build --rm=true --tag=quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 -f Dockerfile . +docker build --rm=true --tag=quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 -f Dockerfile . ``` -Alternatively, you can pull the official deepfence image at `quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0`. +Alternatively, you can pull the official deepfence image at `quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2`. ```bash -docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 +docker pull quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 ``` diff --git a/docs/docs/yarahunter/using/grpc.md b/docs/docs/yarahunter/using/grpc.md index 4a35827..57a7a42 100644 --- a/docs/docs/yarahunter/using/grpc.md +++ b/docs/docs/yarahunter/using/grpc.md @@ -27,7 +27,7 @@ docker run -it --rm --name=deepfence-malwarescanner \ -v $(pwd):/home/deepfence/output \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp/sock:/tmp/sock \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ -socket-path /tmp/sock/s.sock ``` diff --git a/docs/docs/yarahunter/using/scan.md b/docs/docs/yarahunter/using/scan.md index 6a82b89..27f8cdd 100644 --- a/docs/docs/yarahunter/using/scan.md +++ b/docs/docs/yarahunter/using/scan.md @@ -18,7 +18,7 @@ docker run -it --rm --name=yara-hunter \ -e DEEPFENCE_PRODUCT= \ -e DEEPFENCE_LICENSE= \ -v /var/run/docker.sock:/var/run/docker.sock \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ # highlight-next-line --image-name node:latest @@ -36,7 +36,7 @@ docker run -it --rm --name=yara-hunter \ -v /var/run/docker.sock:/var/run/docker.sock \ # highlight-next-line -v /:/deepfence/mnt \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ # highlight-next-line --host-mount-path /deepfence/mnt --container-id 69221b948a73 ``` @@ -51,7 +51,7 @@ docker run -it --rm --name=yara-hunter \ -e DEEPFENCE_LICENSE= \ # highlight-next-line -v ~/src/YARA-RULES:/tmp/YARA-RULES \ - quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.0 \ + quay.io/deepfenceio/deepfence_malware_scanner_ce:2.5.2 \ # highlight-next-line --local /tmp/YARA-RULES --host-mount-path /tmp/YARA-RULES ```