AI-powered container diagnostics, forensics, and optimization in a TUI.
- inspect images and containers
- run live container forensics
- export reports in
json,csv, andhtml - use agentic AI follow-up inside the TUI
- optionally use YARA during threat hunting
curl -fsSL https://raw.githubusercontent.com/khbarkar/BoneStack/main/install.sh | bashRequirements:
- Go
- Git
- Docker
The installer:
- clones or updates BoneStack in
~/.bonestack - builds the binary locally
- links
bonestackinto~/.local/bin
If ~/.local/bin is not on your PATH, add:
export PATH="$HOME/.local/bin:$PATH"Use the built-in update command:
bonestack updateIf you have not installed BoneStack yet, use:
curl -fsSL https://raw.githubusercontent.com/khbarkar/BoneStack/main/install.sh | bashbonestackUseful commands:
bonestack help
bonestack version
bonestack update- inspect images and containers
- analyze image layers and bloat
- generate optimization reports
- generate starter Dockerfiles and policy files
- run AI-assisted and agentic forensic analysis inside the TUI
- run container forensics:
- filesystem
- processes
- volumes
- logs
- environment
- resources
- threat hunt
- container diff
- timeline
- export reports in
json,csv, andhtml - optionally use YARA during threat hunting
Safe training examples live in training/containers.
They are intentionally suspicious-looking or poorly built, but not malicious.
Examples include:
- cron persistence style artifacts
- suspicious SSH and shell-history artifacts
- a badly built, bloated Node image
go build -o bonestack ./cmd/bonestack/main.go
./bonestack