Auditing Docker Runtime and Endpoints
- Checking for the docker daemon configuration
docker system info
- Checking for the docker API exposed on 0.0.0.0
sudo cat /lib/systemd/system/docker.service
- Checking if the docker socket is mounted to any running container
docker inspect $(docker ps -q) | grep -i '/var/run/'
- Checking other files and data related to docker
sudo ls -l /var/lib/docker/
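
The two checks above for an API listener on 0.0.0.0 and for a mounted docker socket can be scripted so the findings are filtered out of the raw output. This is an added example, not part of the original page: the function names `exposed_tcp_hosts` and `socket_mounts` and the sample data are assumptions made for illustration, and the listener check also covers the IPv6 wildcard `[::]`.

```bash
#!/usr/bin/env bash
# Added example (not from the original page). Both functions read text on
# stdin, so they can be fed live command output or the samples below.
# Live usage on a Docker host:
#   sudo cat /lib/systemd/system/docker.service | exposed_tcp_hosts
#   docker inspect --format \
#     '{{.Name}} {{range .Mounts}}{{.Source}}:{{.Destination}} {{end}}' \
#     $(docker ps -q) | socket_mounts

# Print each TCP listener bound to all interfaces (0.0.0.0 or [::]),
# ignoring commented-out lines in the unit file.
exposed_tcp_hosts() {
  grep -vE '^[[:space:]]*[#;]' \
    | grep -oE 'tcp://(0\.0\.0\.0|\[::\])(:[0-9]+)?' || true
}

# Input: one line per container, "/name src:dst src:dst ...".
# Print "name src:dst" when the source is the Docker socket or the
# directory holding it. Assumes paths contain no spaces.
socket_mounts() {
  while read -r name mounts; do
    for m in $mounts; do
      case "$m" in
        */docker.sock:*|/var/run:*|/run:*) echo "${name#/} $m" ;;
      esac
    done
  done
}

# Constructed sample data (not captured from a real host).
SAMPLE_UNIT='[Service]
# ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:9999
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375'
SAMPLE_MOUNTS='/web /srv/www:/usr/share/nginx/html
/ci-agent /var/run/docker.sock:/var/run/docker.sock /home/ci:/work
/db'

echo "Exposed API listeners:"
printf '%s\n' "$SAMPLE_UNIT" | exposed_tcp_hosts
echo "Containers with the Docker socket mounted:"
printf '%s\n' "$SAMPLE_MOUNTS" | socket_mounts
```

Empty output from either function means that check found nothing in the input it was given.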