utility-containers/staticanalysis/Dockerfile

FROM debian:latest
LABEL authors="Johannes Bülow <johannes.buelow@jmbit.de>"
WORKDIR /tmp/crap
RUN export DEBIAN_FRONTEND="noninteractive" \
  && apt-get update \
  && apt-get upgrade -y \
  && apt-get install --no-install-recommends -y bash wget curl yara zip unzip git file binutils msitools exif coreutils \
     python3-pip libsqlite3-dev
## TRID  
RUN wget https://mark0.net/download/trid_linux_64.zip \
	 && unzip trid_linux_64.zip \
	 && chmod +x trid \
	 && mv trid /usr/local/bin/trid
## YARA
COPY ./yara-rules /usr/local/bin/yara-rules 
RUN git clone https://github.com/Yara-Rules/rules.git /usr/local/src/yara-rules
## Detect-It-Easy
RUN wget https://github.com/horsicq/DIE-engine/releases/download/3.08/die_3.08_Debian_12_amd64.deb -O die.deb\
	 && apt-get install --no-install-recommends -y ./die.deb
##  PiP stuff	
#RUN pip3 install stringsifter pyelftools dotnetfile peframe-ds flare-floss oletools
RUN pip3 install stringsifter pyelftools dotnetfile flare-floss oletools
## Manalyze
RUN apt-get install -y libboost-regex-dev libboost-program-options-dev libboost-system-dev libboost-filesystem-dev libssl-dev build-essential cmake git python3-dev \
    && git clone https://github.com/JusticeRage/Manalyze.git && cd Manalyze \
	 && cmake . \
	 && make -j5 \
	 && make install \
	 && cd /tmp/crap
## dllcharacteristics
RUN wget https://raw.githubusercontent.com/accidentalrebel/dllcharacteristics.py/master/dllcharacteristics.py -O /usr/local/bin/dllcharacteristics.py \
	 && chmod +x /usr/local/bin/dllcharacteristics.py
## Malchive
RUN git clone https://github.com/MITRECND/malchive.git && cd malchive && pip install . && cd /tmp/crap
## CAPA
RUN wget https://github.com/mandiant/capa/releases/download/v6.1.0/capa-v6.1.0-linux.zip -O capa.zip \
    && unzip capa.zip && chmod +x capa && mv capa /usr/local/bin/
## CLEANUP
RUN apt-get -y autoremove \
 	 && apt-get clean -y \
	 && unset DEBIAN_FRONTEND \
	 && rm -rf /tmp/crap