admin / Synapse-NetscanXi
publicNetwork Scanning, Vulnerability and Compliance Application
Synapse-NetscanXi / NetscanXiVersion13 / Dockerfile
1343 B · main
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | FROM python:3.12-slim # nmap + the NSE vuln scripts the deep profile relies on RUN apt-get update \ && apt-get install -y --no-install-recommends nmap ca-certificates curl gnupg \ && rm -rf /var/lib/apt/lists/* # v10r1: Trivy for container-image vulnerability scanning (optional but enables # the Docker image CVE + SBOM features out of the box). Falls back gracefully if # unavailable. Pinned via the official Aqua Security apt repo. RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \ | sh -s -- -b /usr/local/bin \ || echo "Trivy install skipped - image CVE scanning will be disabled until a scanner is installed" WORKDIR /app COPY requirements.txt . # Python deps. This also installs paramiko (v13 Patch and Remedy: OS # updates/upgrades over SSH). paramiko is a pure-Python SSH client - it does NOT # shell out to the system ssh binary, so no openssh-client package is needed. # Its native deps (cryptography, cffi, pynacl, bcrypt) ship manylinux wheels for # this base image, so no compiler/build tooling is required here. RUN pip install --no-cache-dir -r requirements.txt COPY app/ ./app/ # Persisted SQLite DB + caches live here; mount a volume to keep history. VOLUME ["/app/data"] EXPOSE 5000 CMD ["python", "-m", "app.server", "--host", "0.0.0.0", "--port", "5000"] |