Vulnerability Analysis | containers, optimization, security, docker, images

SlimToolkit

SlimToolkit optimizes containers by making them smaller and more secure and by providing advanced visibility into them. It offers commands like build, xray, and lint to simplify developer workflows with container images.

Description

SlimToolkit, previously known as DockerSlim, is a developer tool designed to enhance container management. It provides a suite of commands including xray, lint, build, merge, images, registry, vulnerability, and profile to inspect, analyze, optimize, and debug container images. The tool auto-generates Seccomp and AppArmor security profiles, reverse-engineers Dockerfiles, and performs vulnerability operations, improving usability and security.

Use cases include optimizing bloated container images for production, analyzing Dockerfile instructions for best practices, merging minified images, and generating reports on fat images. Developers benefit from its ability to profile images, check vulnerabilities, and execute registry operations, all while offering detailed visibility into container contents.

The installed size is 67.39 MB, and the package requires dependencies like docker.io, libc6, and slim-sensor. It supports global options for logging, reporting, and verbosity to customize output and debugging.

How It Works

SlimToolkit operates by analyzing container images through commands like xray to reverse-engineer Dockerfiles and reveal internals, build to profile and optimize with auto-generated Seccomp/AppArmor profiles, and lint to check Dockerfile instructions. It collects image information via profile for fat container reports, executes vulnerability scans, and supports merging images. Global options control reporting (slim.report.json), logging levels, and debug modes, with slim-sensor handling lifecycle events and BOM generation.

Installation

sudo apt install slimtoolkit

Flags

--report  command report location (enabled by default; set it to "off" to disable it) (default: "slim.report.json")
--check-version  check if the current version is outdated (default: true) [$DSLIM_CHECK_VERSION]
--debug  enable debug logs (default: false) [$DSLIM_DEBUG]
--verbose  enable info logs (default: false) [$DSLIM_VERBOSE]
--quiet  Quiet CLI execution mode (default: false) [$DSLIM_QUIET]
--log-level  set the logging level ('debug', 'info', 'warn' (default), 'error', 'fatal', 'panic') (default: "warn") [$DSLIM_LOG_LEVEL]
-a  set path to an executable that'll be invoked at various sensor lifecycle events (post-start, pre-shutdown, etc)
-appbom  get sensor application BOM
-b  get sensor application BOM

Examples

Display help and usage information for slimtoolkit
slimtoolkit -h
Shows what's inside of your container image and reverse engineers its Dockerfile
slimtoolkit xray
Analyzes container instructions in Dockerfiles
slimtoolkit lint
Analyzes, profiles and optimizes your container image auto-generating Seccomp and AppArmor security profiles
slimtoolkit build
Merge two container images (optimized to merge minified images)
slimtoolkit merge
Get information about container images
slimtoolkit images
Display help for slim-sensor usage and flags
slim-sensor -h
Execute vulnerability related tools and operations
slimtoolkit vulnerability
Updated 2026-04-16 | kali.org