added container for doing static analysis of files
parent
f169d81775
commit
87f9e02685
|
@ -0,0 +1,28 @@
|
||||||
|
# Build and publish Docker images for multible architectures.
|
||||||
|
#
|
||||||
|
# Pushing an image to codeberg as container registry,
|
||||||
|
# package owner will be the repo owner.
|
||||||
|
#
|
||||||
|
# this config also shows usage of yaml aliases and
|
||||||
|
# was taken from https://codeberg.org/6543/docker-images/src/commit/37e29c227717c1c07d2776cddcf14725bf952875/.woodpecker/hello.yml
|
||||||
|
|
||||||
|
when:
|
||||||
|
branch: main
|
||||||
|
|
||||||
|
steps:
|
||||||
|
publish-builder:
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
settings:
|
||||||
|
dockerfile: builder/Dockerfile
|
||||||
|
platforms: linux/arm64/v8,linux/amd64
|
||||||
|
repo: git.jmbit.de/filegate/utility-containers
|
||||||
|
registry: git.jmbit.de
|
||||||
|
tags:
|
||||||
|
- builder-latest
|
||||||
|
- builder
|
||||||
|
username: jmb
|
||||||
|
password:
|
||||||
|
from_secret: forgejo_token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
|
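Review bot: `image: woodpeckerci/plugin-docker-buildx` has no tag or digest, so every run pulls whatever the registry currently serves under that name, and this step hands that image `forgejo_token`, which presumably can push to `git.jmbit.de/filegate/utility-containers`. Pin the plugin, e.g. `image: woodpeckerci/plugin-docker-buildx:<reviewed-version>` (placeholder), ideally with an `@sha256:` digest. The same unpinned line appears in the staticanalysis pipeline file added by this commit. The header comment still says the image is pushed to codeberg while `registry:` points at git.jmbit.de; worth correcting together with the "multible" typo.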
@ -0,0 +1,28 @@
|
||||||
|
# Build and publish Docker images for multible architectures.
|
||||||
|
#
|
||||||
|
# Pushing an image to codeberg as container registry,
|
||||||
|
# package owner will be the repo owner.
|
||||||
|
#
|
||||||
|
# this config also shows usage of yaml aliases and
|
||||||
|
# was taken from https://codeberg.org/6543/docker-images/src/commit/37e29c227717c1c07d2776cddcf14725bf952875/.woodpecker/hello.yml
|
||||||
|
|
||||||
|
when:
|
||||||
|
branch: main
|
||||||
|
|
||||||
|
steps:
|
||||||
|
publish-builder:
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
settings:
|
||||||
|
dockerfile: staticanalysis/Dockerfile
|
||||||
|
platforms: linux/arm64/v8,linux/amd64
|
||||||
|
repo: git.jmbit.de/filegate/utility-containers
|
||||||
|
registry: git.jmbit.de
|
||||||
|
tags:
|
||||||
|
- staticanalysis-latest
|
||||||
|
- staticanalysis
|
||||||
|
username: jmb
|
||||||
|
password:
|
||||||
|
from_secret: forgejo_token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
|
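Review bot: `platforms: linux/arm64/v8,linux/amd64` does not match `staticanalysis/Dockerfile`, which in this commit downloads amd64-only artifacts (`trid_linux_64.zip`, `die_3.08_Debian_12_amd64.deb`). The arm64 build is likely to fail at `apt-get install ./die.deb`, or to produce an image whose tools cannot run. Either restrict this step to `platforms: linux/amd64` or make the Dockerfile select per-architecture downloads. The step is also still named `publish-builder`, copied from the builder pipeline; `publish-staticanalysis` would keep pipeline logs unambiguous.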
@ -10,21 +10,6 @@ when:
|
||||||
branch: main
|
branch: main
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
publish-builder:
|
|
||||||
image: woodpeckerci/plugin-docker-buildx
|
|
||||||
settings:
|
|
||||||
dockerfile: builder/Dockerfile
|
|
||||||
platforms: linux/arm64/v8,linux/amd64
|
|
||||||
repo: git.jmbit.de/filegate/utility-containers
|
|
||||||
registry: git.jmbit.de
|
|
||||||
tags:
|
|
||||||
- builder-latest
|
|
||||||
- builder
|
|
||||||
username: jmb
|
|
||||||
password:
|
|
||||||
from_secret: forgejo_token
|
|
||||||
when:
|
|
||||||
event: push
|
|
||||||
publish-vm-builder:
|
publish-vm-builder:
|
||||||
image: woodpeckerci/plugin-docker-buildx
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
settings:
|
settings:
|
|
@ -0,0 +1,44 @@
|
||||||
|
FROM debian:latest
|
||||||
|
LABEL authors="Johannes Bülow <johannes.buelow@jmbit.de>"
|
||||||
|
WORKDIR /tmp/crap
|
||||||
|
RUN export DEBIAN_FRONTEND="noninteractive" \
|
||||||
|
&& apt-get update \
|
||||||
|
&& apt-get upgrade -y \
|
||||||
|
&& apt-get install --no-install-recommends -y bash wget curl yara zip unzip git file binutils msitools exif coreutils \
|
||||||
|
python3-pip libsqlite3-dev
|
||||||
|
## TRID
|
||||||
|
RUN wget https://mark0.net/download/trid_linux_64.zip \
|
||||||
|
&& unzip trid_linux_64.zip \
|
||||||
|
&& chmod +x trid \
|
||||||
|
&& mv trid /usr/local/bin/trid
|
||||||
|
## YARA
|
||||||
|
COPY ./yara-rules /usr/local/bin/yara-rules
|
||||||
|
RUN git clone https://github.com/Yara-Rules/rules.git /usr/local/src/yara-rules
|
||||||
|
## Detect-It-Easy
|
||||||
|
RUN wget https://github.com/horsicq/DIE-engine/releases/download/3.08/die_3.08_Debian_12_amd64.deb -O die.deb\
|
||||||
|
&& apt-get install --no-install-recommends -y ./die.deb
|
||||||
|
## PiP stuff
|
||||||
|
#RUN pip3 install stringsifter pyelftools dotnetfile peframe-ds flare-floss oletools
|
||||||
|
RUN pip3 install stringsifter pyelftools dotnetfile flare-floss oletools
|
||||||
|
## Manalyze
|
||||||
|
RUN apt-get install -y libboost-regex-dev libboost-program-options-dev libboost-system-dev libboost-filesystem-dev libssl-dev build-essential cmake git python3-dev \
|
||||||
|
&& git clone https://github.com/JusticeRage/Manalyze.git && cd Manalyze \
|
||||||
|
&& cmake . \
|
||||||
|
&& make -j5 \
|
||||||
|
&& make install \
|
||||||
|
&& cd /tmp/crap
|
||||||
|
## dllcharacteristics
|
||||||
|
RUN wget https://raw.githubusercontent.com/accidentalrebel/dllcharacteristics.py/master/dllcharacteristics.py -O /usr/local/bin/dllcharacteristics.py \
|
||||||
|
&& chmod +x /usr/local/bin/dllcharacteristics.py
|
||||||
|
## Malchive
|
||||||
|
RUN git clone https://github.com/MITRECND/malchive.git && cd malchive && pip install . && cd /tmp/crap
|
||||||
|
## CAPA
|
||||||
|
RUN wget https://github.com/mandiant/capa/releases/download/v6.1.0/capa-v6.1.0-linux.zip -O capa.zip \
|
||||||
|
&& unzip capa.zip && chmod +x capa && mv capa /usr/local/bin/
|
||||||
|
## CLEANUP
|
||||||
|
RUN apt-get -y autoremove \
|
||||||
|
&& apt-get clean -y \
|
||||||
|
&& unset DEBIAN_FRONTEND \
|
||||||
|
&& rm -rf /tmp/crap
|
||||||
|
|
||||||
|
|
|
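Review bot: Nearly every input to this image is a mutable reference fetched without an integrity check: `FROM debian:latest`, `trid_linux_64.zip` with no version, `dllcharacteristics.py` from `master`, and three `git clone`s of default branches (Yara-Rules, Manalyze, malchive), with the results installed into `/usr/local/bin`. For an image that exists to parse untrusted files, pin each source (base image tag or digest, release tag or commit for the clones) and verify downloads, e.g. `&& echo "<sha256-of-reviewed-archive>  trid_linux_64.zip" | sha256sum -c - \` before the `unzip`. There is also no `USER` instruction, so the analysis tools run as root; switching to an unprivileged user after the last install step would limit the effect of a parser bug in any of them. Separately, the `## CLEANUP` layer cannot shrink earlier layers, so `rm -rf /var/lib/apt/lists/*` and the removal of downloaded archives belong in the `RUN` that created them.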
@ -0,0 +1,2 @@
|
||||||
|
#!/bin/bash
|
||||||
|
yara -w /usr/local/src/yara-rules/index.yar "${*}"
|
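Review bot: `"${*}"` joins all arguments into one word, so `yara-rules a.bin b.bin` asks yara to scan a single path named `a.bin b.bin`, and any option passed through is glued onto the filename. Forward each argument unchanged with `yara -w /usr/local/src/yara-rules/index.yar "$@"`. Since the Dockerfile only `COPY`s this file to `/usr/local/bin/yara-rules`, the executable bit has to be set in the repository (or with `COPY --chmod=755`) for the wrapper to be callable.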