Container & Network Scanning Commands Cheat Sheet
Summary
Accurate-Cyber-Defense shares a concise command cheat sheet covering Trivy SBOM and version commands, Grype scans and output options, Docker Trust sign/revoke/key commands, and extensive Nmap scan types such as SYN, UDP, OS detection, version detection, full port scans and vulnerability scripts. This announcement helps community members run consistent security checks and triage findings quickly.
- Repository scan
║ trivy sbom <image> - Generate SBOM
║ trivy version - Show version
║
║ grype docker:<image> - Grype vulnerability scan
║ grype -o json <image> - JSON output
║ grype -o table <image> - Table output
║ grype --fail-on high <image> - Fail on high severity
║ grype --only-fixed <image> - Only show fixed
║ grype --version - Show version
║ grype --help - Show help
║
║ docker trust inspect <image> - Trust inspection
║ docker trust sign <image> - Sign image
║ docker trust revoke <image> - Revoke signature
║ docker trust key generate <name> - Generate trust key
║
║?[92m🔍 NMAP NETWORK SCANNING:?[0m
║ !nmap <target> - Basic scan
║ !nmap -sS <target> - SYN stealth scan
║ !nmap -sT <target> - TCP connect scan
║ !nmap -sU <target> - UDP scan
║ !nmap -sN <target> - Null scan
║ !nmap -sF <target> - FIN scan
║ !nmap -sX <target> - Xmas scan
║ !nmap -sV <target> - Version detection
║ !nmap -O <target> - OS detection
║ !nmap -A <target> - Aggressive scan
║ !nmap -p <ports> <target> - Port scan
║ !nmap -p- <target> - All ports (1-65535)
║ !nmap -T4 <target> - Timing template
║ !nmap --script vuln <target> - Vulnerability scripts
║ !nmap --script discovery <target> - Discovery scripts
║ !nmap -sn <target> - Ping sweep
║ !nmap --traceroute <target> - Traceroute
║ !nmap -6 <target> - IPv6 scan
║ !nmap -V - Show version
║ !nmap -h - Show help
║ !nmap 192.168.1.1-10 - R