Containerized infrastructure applications have become the de facto standard for fast and easy deployment of security services and other enterprise tools. But something I noticed awhile back while pen testing was that you could discover a lot about the applications logic, configuration, and how it was built by pillaging through the image. I like to look for stored secrets 😉 Researchers have taken that idea and scaled it so that you can search and pillage entire Docker Registries. If you are into Container security check out this tool.