Free browser tool

Explore Docker image files and layers

Browse files and layers from a registry image or docker save tar, right in your browser.

Image source

Inspect image contents

Load a public registry image or a local docker save tar, then browse files in a RepoFlow-style file view.

Source

Pull from a registry reference

Use the same registry, token, and proxy path as Docker Save, then inspect the indexed result locally.

Frequently asked questions

How can I view the contents of a Docker image online?

Enter a public Docker or OCI registry image reference, such as alpine:latest, choose an architecture, and select Inspect image. You can also upload an uncompressed tar created by docker save. The explorer builds the merged filesystem so you can search folders, inspect files, and trace them to image layers.

Is this the same as docker image inspect?

No. docker image inspect returns image configuration and metadata as JSON. RepoFlow Docker Image Explorer also lets you browse the image filesystem, preview supported file contents, review layer commands, and see which layer contributed a file.

Can I inspect a Docker image without installing or running Docker?

Yes. The explorer runs in your web browser and does not require Docker Engine or Docker Desktop. It resolves the manifest, fetches the selected image layers, and indexes them locally in the browser.

Can I inspect a docker save tar file?

Yes. You can upload an uncompressed .tar created with docker save or a compatible OCI export. The archive is read and indexed locally in your browser and is not uploaded to RepoFlow. Compressed archives are not supported yet.

Can I inspect Docker image layers and see which layer added a file?

Yes. You can browse the final merged filesystem or select an individual layer, review layer commands, and inspect file provenance. Files removed by a later layer are hidden from the final merged image but may be visible when examining an earlier layer.

Does Docker Image Explorer detect vulnerabilities or secrets?

The explorer can flag suspicious filenames, baked-in environment values, possible token material, installed-package vulnerabilities, and common image optimization opportunities. These checks are for triage and do not prove that an image is secure. Runtime secrets injected by Kubernetes, Compose, ECS, or environment settings are not part of the image.

Why is a proxy sometimes needed?

Some registries block direct browser requests with CORS rules. When that happens, the same proxy used by Docker Save Online can relay the registry API requests.

Deploy your own proxy from GitHub

Is this tool open source?

It uses the same open source browser and proxy project as Docker Save Online.

View the open source project on GitHub

Join our mailing list