`dissect.target.plugins.apps.containers.docker`#

Module Contents#

Classes#

DockerPlugin

Resources:

Attributes#

`DockerContainerRecord`
`DockerImageRecord`
`DOCKER_NS_REGEX`

dissect.target.plugins.apps.containers.docker.DockerContainerRecord#

dissect.target.plugins.apps.containers.docker.DockerImageRecord#

dissect.target.plugins.apps.containers.docker.DOCKER_NS_REGEX#

class dissect.target.plugins.apps.containers.docker.DockerPlugin(target: dissect.target.Target)#

Bases: dissect.target.plugin.Plugin

Resources: - https://didactic-security.com/resources/docker-forensics.pdf - https://didactic-security.com/resources/docker-forensics-cheatsheet.pdf - https://github.com/google/docker-explorer

__namespace__ = 'docker'#

DOCKER_PATH = '/var/lib/docker'#

check_compatible() → bool#

Perform a compatibility check with the target.

This function should return None if the plugin is compatible with the current target (self.target). For example, check if a certain file exists. Otherwise it should raise an UnsupportedPluginError.

Raises:: UnsupportedPluginError – If the plugin could not be loaded.

images() → Iterator[DockerImageRecord]#: Returns any pulled docker images on the target system.

containers() → Iterator[DockerContainerRecord]#: Returns any docker containers present on the target system.

dissect.target.plugins.apps.containers.docker#

Module Contents#

Classes#

Attributes#

`dissect.target.plugins.apps.containers.docker`#