forked from gauntlt/gauntlt-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile-dev
187 lines (162 loc) · 5.17 KB
/
Dockerfile-dev
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
FROM ubuntu:19.04
MAINTAINER [email protected]
ARG ARACHNI_VERSION=arachni-1.5.1-0.5.12
ARG GAUNTLT_BRANCH=master
# Will use this repo for development until https://github.com/gauntlt/gauntlt/pull/120 is merged
ARG GAUNTLT_REPO=https://github.com/millaguie/gauntlt.git
WORKDIR /opt
ENV DEBIAN_FRONTEND noninteractive
# Install Ruby, Gauntlt and everything needing build-essential
RUN apt update && \
apt install -y build-essential \
bzip2 \
ca-certificates \
curl \
gcc \
git \
libcurl4 \
libcurl4-openssl-dev \
wget \
zlib1g-dev \
libyaml-dev \
libfontconfig \
libxml2-dev \
libxml2 \
libxslt1-dev \
libxslt-dev \
libsqlite3-dev \
make \
python-pip \
xmlstarlet \
python2.7 \
python2.7-dev \
python-pip \
python-setuptools \
ruby \
ruby-dev \
openjdk-8-jre \
xvfb \
x11vnc \
ruby-bundler && \
gem install rake && \
wget -O dirb.tar.gz https://downloads.sourceforge.net/project/dirb/dirb/2.22/dirb222.tar.gz && \
tar xvf dirb.tar.gz && \
rm dirb.tar.gz && \
cd dirb222 && \
chmod 755 ./configure && \
./configure && \
make && \
ln -s /opt/dirb222/dirb /usr/local/bin/dirb && \
cd /usr/src && \
git clone --single-branch --branch ${GAUNTLT_BRANCH} ${GAUNTLT_REPO} && \
cd gauntlt && \
gem install bundler && \
bundler update && \
git submodule update --init --recursive --force && \
rake build && \
rake install && \
cd && \
rm -rf /usr/src/* && \
apt remove -y \
ruby-dev \
python2.7-dev \
libxml2-dev \
libxslt1-dev \
build-essential \
libcurl4-openssl-dev \
zlib1g-dev && \
pip install sslyze==1.4.3 && \
gem install zapr && \
rm -rf /var/lib/apt/lists/* && \
apt autoremove -y && \
apt clean
# Install remaining Attack tools
# arachni
RUN wget https://github.com/Arachni/arachni/releases/download/v1.5.1/${ARACHNI_VERSION}-linux-x86_64.tar.gz && \
tar xzvf ${ARACHNI_VERSION}-linux-x86_64.tar.gz > /dev/null && \
mv ${ARACHNI_VERSION} /usr/local && \
rm ${ARACHNI_VERSION}-linux-x86_64.tar.gz && \
ln -s /usr/local/${ARACHNI_VERSION}/bin/* /usr/local/bin/
# Nikto
RUN apt-get update && \
apt-get install -y libtimedate-perl \
libnet-ssleay-perl && \
git clone --depth=1 https://github.com/sullo/nikto.git && \
cd nikto/program && \
echo "EXECDIR=/opt/nikto/program" >> nikto.conf && \
ln -s /opt/nikto/program/nikto.conf /etc/nikto.conf && \
chmod +x nikto.pl && \
ln -s /opt/nikto/program/nikto.pl /usr/local/bin/nikto && \
rm -rf /var/lib/apt/lists/* && \
apt autoremove -y && \
apt clean
# sqlmap
ENV SQLMAP_PATH /opt/sqlmap/sqlmap.py
RUN git clone --depth=1 https://github.com/sqlmapproject/sqlmap.git
# dirdb is installed with stuff needing build esentials
ENV DIRB_WORDLISTS /opt/dirb222/wordlists
# nmap
RUN apt update && \
apt install -y nmap && \
apt clean && \
rm -rf /var/lib/apt/lists/* && \
apt clean
# sslyze is installed with stuff needing build esentials
ENV SSLYZE_PATH /usr/local/bin/sslyze
# Heartbleed
RUN apt update && \
apt install -y golang && \
export GOPATH=/go && \
go get github.com/FiloSottile/Heartbleed && \
go install github.com/FiloSottile/Heartbleed && \
mv /go/bin/Heartbleed /usr/local/bin/ && \
rm -rf /go && \
apt remove -y golang && \
apt autoremove -y && \
apt clean && \
rm -rf /var/lib/apt/lists/* && \
apt clean
# Garmr
RUN pip install beautifulsoup && \
git clone https://github.com/freddyb/Garmr.git && \
cd Garmr && \
python setup.py install
# owasp-zap adapted from https://github.com/zaproxy/zaproxy/blob/develop/docker/Dockerfile-weekly
RUN mkdir /opt/zap && \
cd /opt/zap && \
wget -q https://github.com/zaproxy/zaproxy/releases/download/w2019-05-15/ZAP_WEEKLY_D-2019-05-15.zip && \
unzip *.zip && \
rm *.zip && \
mv ZAP_D*/* . && \
rmdir ZAP_D* && \
# Setup Webswing
curl -s -L https://bitbucket.org/meszarv/webswing/downloads/webswing-2.5.10.zip > webswing.zip && \
unzip webswing.zip && \
rm webswing.zip && \
mv webswing-* webswing && \
# Remove Webswing demos
rm -Rf webswing/demo/ && \
# Accept ZAP license
touch AcceptedLicense && \
pip install zapcli python-owasp-zap-v2.4 && \
mkdir -p /opt/zap/scripts/scripts/httpsender/
COPY vendor/webswing.config /opt/zap/webswing/
COPY vendor/zap-x.sh /usr/local/bin/
COPY vendor/zap-api-scan.py /opt/zap/
COPY vendor/zap_common.py /opt/zap/
COPY vendor/policies /root/.ZAP_D/policies/
COPY vendor/scripts /root/.ZAP_D/scripts/
COPY vendor/.xinitrc /root/
ENV ZAP_PORT 8080
RUN chmod a+x /root/.xinitrc && \
mkdir /root/.vnc
RUN chmod 755 /usr/local/bin/zap*.sh /opt/zap/zap-api-scan.py && \
ln -s /opt/zap/zap-api-scan.py /usr/local/bin/zap-api-scan
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64/
ENV PATH $JAVA_HOME/bin:/opt/zap/:$PATH
ENV ZAP_PATH /opt/zap/zap.sh
ENV ZAPCLI_PATH /usr/local/bin/zap-cli
ENV ZAPAPISCAN_PATH /usr/local/bin/zap-api-scan
VOLUME [ "/attacks","/output" ]
ENTRYPOINT [ "/usr/local/bin/gauntlt" ]
CMD ["/attacks/*"]