Follow the tutorial below to quickly batch-scan your repositories. When a new attack or 0-day appears, the resulting asset inventory lets you quickly locate the vulnerability and its affected scope, effectively shortening response time.
Install opensca-cli
Method 1: one-line install
- Windows (requires PowerShell)
iex "&{$(irm https://raw.githubusercontent.com/XmirrorSecurity/OpenSCA-cli/master/scripts/install.ps1)}"
# If you run into network problems during the download, try the following command instead
iex "&{$(irm https://gitee.com/XmirrorSecurity/OpenSCA-cli/raw/master/scripts/install.ps1)} gitee"
- Linux/macOS
curl -sSL https://raw.githubusercontent.com/XmirrorSecurity/OpenSCA-cli/master/scripts/install.sh | sh
# If you run into network problems during the download, try the following command instead
curl -sSL https://gitee.com/XmirrorSecurity/OpenSCA-cli/raw/master/scripts/install.sh | sh -s -- gitee
Method 2: install with a package manager
- Windows (via Winget)
winget install opensca-cli
- Windows (via Scoop)
scoop bucket add extras
scoop install extras/opensca-cli
- macOS/Linux (via Homebrew)
brew install opensca-cli
Method 3: manual install
Download the archive matching your operating system and processor architecture from the GitHub or Gitee repository, extract it to any directory, and it is ready to use.
Generate a GitLab token
Log in to GitLab > User Settings > Access Tokens
Create a new token and grant it the read_repository permission
Download the script
curl -O https://raw.githubusercontent.com/XmirrorSecurity/OpenSCA-cli/master/scripts/gitlab_scan.py
Install dependencies
- Python 3.x: https://www.python.org/downloads/
- python-gitlab: pip install python-gitlab
Configure the script
Edit gitlab_url and gitlab_token in gitlab_scan.py, filling in your GitLab address and access token
# ...
if __name__ == "__main__":
    scan_gitlab(
        gitlab_url="gitlab 地址",
        gitlab_token="gitlab token",
    )
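As an added example (my own code, not the project's gitlab_scan.py), here is one way the batch scan behind scan_gitlab can be structured with python-gitlab and opensca-cli: enumerate every project the token can read, download and unpack each archive, run opensca-cli on it, and keep a project-to-report inventory, recording failures instead of aborting. It assumes opensca-cli is on PATH and accepts the -path and -out flags; the function names are my own.

```python
import subprocess
import tempfile
import zipfile
from pathlib import Path

# Assumed opensca-cli interface: "-path" = directory to scan, "-out" = report file.
OPENSCA_BIN = "opensca-cli"


def report_name(path_with_namespace: str) -> str:
    """Map a GitLab path like 'group/sub/repo' to a filesystem-safe report file name."""
    return path_with_namespace.replace("/", "__") + ".json"


def opensca_command(src_dir: str, report: str) -> list:
    """Command line that scans src_dir and writes a JSON report to `report`."""
    return [OPENSCA_BIN, "-path", src_dir, "-out", report]


def scan_project(project, out_dir, run=subprocess.run) -> str:
    """Download one project's archive, unpack it, scan it, return the report path.
    `run` is injectable so the flow can be driven without opensca-cli installed."""
    report = Path(out_dir) / report_name(project.path_with_namespace)
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "src"
        src.mkdir()
        archive = Path(tmp) / "src.zip"
        # python-gitlab returns the archive bytes when not streaming.
        archive.write_bytes(project.repository_archive(format="zip"))
        with zipfile.ZipFile(archive) as zf:
            zf.extractall(src)
        run(opensca_command(str(src), str(report)), check=True)
    return str(report)


def scan_gitlab(gitlab_url: str, gitlab_token: str, out_dir: str = "reports") -> dict:
    """Scan every readable project; return {project path: report path or 'ERROR: ...'}."""
    import gitlab  # python-gitlab; imported here so the helpers above need no server
    gl = gitlab.Gitlab(gitlab_url, private_token=gitlab_token)
    Path(out_dir).mkdir(parents=True, exist_ok=True)
    inventory = {}
    # membership=True limits the walk to projects the token's owner belongs to.
    for project in gl.projects.list(iterator=True, membership=True, archived=False):
        try:
            inventory[project.path_with_namespace] = scan_project(project, out_dir)
        except Exception as exc:  # one bad repo must not stop the inventory
            inventory[project.path_with_namespace] = f"ERROR: {exc}"
    return inventory
```

The inventory dictionary is what you grep when a new advisory lands: each entry names the repository and the opensca-cli report that lists its dependencies.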