utility-containers/staticanalysis/Dockerfile


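# Base image for the static-analysis toolbox.
# NOTE(review): a floating tag makes rebuilds non-reproducible. The Detect-It-Easy
# package installed later in this file is built for Debian 12, so the base is
# pinned to that release; pin by digest (debian:12@sha256:<DIGEST>) for full
# reproducibility.
FROM debian:12
LABEL authors="Johannes Bülow <johannes.buelow@jmbit.de>"
# Scratch directory used for downloads and source builds.
WORKDIR /tmp/crap
# Build-time only. An `export` inside a RUN is lost when that RUN ends; an ARG is
# visible to every later RUN in this stage (including the later apt-get calls)
# and is not baked into the runtime environment.
ARG DEBIAN_FRONTEND=noninteractive
# ca-certificates is listed explicitly so the HTTPS downloads below do not depend
# on another package pulling it in. The apt package lists are deliberately left in
# place: later RUN steps call `apt-get install` without their own `apt-get update`.
RUN apt-get update \
    && apt-get upgrade -y \
    && apt-get install --no-install-recommends -y \
        bash \
        binutils \
        ca-certificates \
        coreutils \
        curl \
        exif \
        file \
        git \
        libsqlite3-dev \
        msitools \
        python3-full \
        python3-pip \
        unzip \
        wget \
        yara \
        zip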
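## TRID
# Downloads the TrID binary and installs it to /usr/local/bin.
# NOTE(review): the archive is unversioned and fetched without an integrity check,
# so whatever the server returns at build time is installed as root. Record the
# expected digest (<EXPECTED_SHA256>) and verify it with `sha256sum -c` before
# unzipping.
# The archive is removed in the same layer so it is not stored in the image.
RUN wget https://mark0.net/download/trid_linux_64.zip \
    && unzip trid_linux_64.zip \
    && chmod +x trid \
    && mv trid /usr/local/bin/trid \
    && rm trid_linux_64.zip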
## YARA
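# Community YARA rule set plus a `yara-rules` wrapper that scans with its index.
# NOTE(review): the clone tracks the default branch, so rule content changes
# between builds; check out a reviewed commit (<COMMIT_SHA>) for reproducibility.
# The wrapper forwards its arguments with "$@" so each argument (options, several
# sample paths, names containing spaces) reaches yara as its own word; "${*}"
# collapsed them into a single argument.
RUN git clone --depth 1 https://github.com/Yara-Rules/rules.git /usr/local/src/yara-rules \
    && printf '%s\n' \
        '#!/bin/bash' \
        'exec yara -w /usr/local/src/yara-rules/index.yar "$@"' \
        > /usr/local/bin/yara-rules \
    && chmod +x /usr/local/bin/yara-rules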
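## Detect-It-Easy
# Installs the pinned 3.08 release package; apt resolves its dependencies from
# the package lists fetched by the first RUN of this file.
# NOTE(review): the .deb is installed as root without an integrity check; verify
# it against a recorded digest (<EXPECTED_SHA256>) before installing.
# The downloaded package is removed in the same layer so it is not kept in the image.
RUN wget https://github.com/horsicq/DIE-engine/releases/download/3.08/die_3.08_Debian_12_amd64.deb -O die.deb \
    && apt-get install --no-install-recommends -y ./die.deb \
    && rm die.deb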
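## PiP stuff
#RUN pip3 install stringsifter pyelftools dotnetfile peframe-ds flare-floss oletools
# Python analysis tools, installed system-wide.
# --break-system-packages: Debian 12 and later mark the system interpreter as
# externally managed (PEP 668) and pip refuses a system-wide install without it.
# This is acceptable here because the image is a single-purpose toolbox; a
# virtualenv would be the cleaner alternative.
# --no-cache-dir keeps pip's download cache out of the layer.
# NOTE(review): the packages are unpinned; pin versions (ideally with hashes in a
# requirements file) so rebuilds install the same code.
RUN pip3 install --no-cache-dir --break-system-packages \
        dotnetfile \
        flare-floss \
        oletools \
        pyelftools \
        stringsifter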
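## Manalyze
# Builds Manalyze from source and installs it with `make install`.
# Relies on the apt package lists fetched by the first RUN of this file.
# NOTE(review): the clone tracks the default branch; check out a reviewed commit
# (<COMMIT_SHA>) so the compiled code is reproducible.
# The source tree is deleted in the same layer (the CLEANUP step removes
# /tmp/crap anyway, but only a same-layer delete keeps it out of the image).
# The trailing `cd /tmp/crap` was dropped: every RUN starts in WORKDIR.
RUN apt-get install -y \
        build-essential \
        cmake \
        git \
        libboost-filesystem-dev \
        libboost-program-options-dev \
        libboost-regex-dev \
        libboost-system-dev \
        libssl-dev \
        python3-dev \
    && git clone https://github.com/JusticeRage/Manalyze.git \
    && cd Manalyze \
    && cmake . \
    && make -j"$(nproc)" \
    && make install \
    && cd /tmp/crap \
    && rm -rf Manalyze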
## dllcharacteristics
# Fetches the single-file script straight into /usr/local/bin and marks it executable.
# NOTE(review): the URL follows the master branch, so the installed script can
# change between builds; a commit-pinned URL (<COMMIT_SHA>) plus a checksum would
# make the download verifiable.
RUN wget \
        --output-document=/usr/local/bin/dllcharacteristics.py \
        https://raw.githubusercontent.com/accidentalrebel/dllcharacteristics.py/master/dllcharacteristics.py \
    && chmod +x /usr/local/bin/dllcharacteristics.py
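## Malchive
# Installs malchive from a fresh clone of its repository.
# --break-system-packages: Debian 12 and later mark the system interpreter as
# externally managed (PEP 668) and pip refuses a system-wide install without it.
# --no-cache-dir keeps pip's cache out of the layer, and the clone is removed in
# the same layer. The trailing `cd /tmp/crap` was dropped: every RUN starts in WORKDIR.
# NOTE(review): the clone tracks the default branch; check out a reviewed commit
# (<COMMIT_SHA>) for reproducible builds.
RUN git clone https://github.com/MITRECND/malchive.git \
    && pip install --no-cache-dir --break-system-packages ./malchive \
    && rm -rf malchive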
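## CAPA
# Installs the pinned v6.1.0 standalone capa binary to /usr/local/bin.
# NOTE(review): the release archive is not verified; check it against a recorded
# digest (<EXPECTED_SHA256>) before unzipping.
# The archive is removed in the same layer so it is not stored in the image.
RUN wget https://github.com/mandiant/capa/releases/download/v6.1.0/capa-v6.1.0-linux.zip -O capa.zip \
    && unzip capa.zip \
    && chmod +x capa \
    && mv capa /usr/local/bin/ \
    && rm capa.zip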
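## Box-JS
# Adds the NodeSource repository, installs Node.js and then box-js globally.
# The setup script is saved to a file before it is run: with `curl | bash` under
# the default /bin/sh (no pipefail) a failed or truncated download is not
# reported, and the step would carry on with whatever bash received.
# NOTE(review): the script still runs as root unverified, and box-js is
# unpinned; pin the npm package version and consider installing the repository
# key and source list explicitly instead of running the remote script.
# NOTE(review): 21.x is a non-LTS Node.js line; confirm it is still supported.
RUN curl -fsSL https://deb.nodesource.com/setup_21.x -o nodesource_setup.sh \
    && bash nodesource_setup.sh \
    && rm nodesource_setup.sh \
    && apt-get install -y nodejs \
    && npm install --global box-js \
    && npm cache clean --force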
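## CLEANUP
# Removes unused packages, the apt caches and package lists, and the scratch directory.
# Files deleted here disappear from the final filesystem but remain stored in the
# earlier layers that created them; only a same-layer delete shrinks the image.
# The former `unset DEBIAN_FRONTEND` was dropped: a variable exported inside one
# RUN never reaches another, so there was nothing to unset.
# NOTE(review): WORKDIR still names /tmp/crap, which this step deletes; set a
# final WORKDIR for the directory samples are expected in.
# NOTE(review): no USER is set, so every tool parses untrusted samples as root.
# Consider a dedicated unprivileged user once the permissions needed on mounted
# sample directories are known.
RUN apt-get -y autoremove \
    && apt-get clean -y \
    && rm -rf /var/lib/apt/lists/* /tmp/crap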