-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathDockerfile
71 lines (71 loc) · 4.06 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
FROM alpine:3
# Properties
LABEL org.opencontainers.image.authors="[email protected]"
LABEL org.opencontainers.image.vendor="Dominique RIGHETTO (righettod)"
LABEL org.opencontainers.image.url="https://github.com/righettod/toolbox-pentest-web"
LABEL org.opencontainers.image.source="https://github.com/righettod/toolbox-pentest-web"
LABEL org.opencontainers.image.documentation="https://github.com/righettod/toolbox-pentest-web"
LABEL org.opencontainers.image.licenses="GPL-3.0-only"
LABEL org.opencontainers.image.title="toolbox-pentest-web"
LABEL org.opencontainers.image.description="Web Application Pentest customized toolbox based on a ALPINE image"
LABEL org.opencontainers.image.base.name="righettod/toolbox-pentest-web:latest"
# Install system packages
## Use the command below to sort the package list:
## echo "$PACKAGE_LIST" | tr " " "\n" | sort | tr "\n" " "
ENV DEBIAN_FRONTEND noninteractive
RUN apk update
RUN apk add --no-cache bash bind-tools build-base cargo colordiff coreutils curl curl-dev dos2unix exiftool file gcompat git go grep highlight httpie hydra hydra-doc inetutils-telnet jq libc6-compat libcap libcap-ng libcap-ng-utils libcurl libpcap libpcap-dev ltrace make masscan miller nano nano-syntax netcat-openbsd nmap nmap-scripts openjdk17-jdk openssh openssl openssl-dev procps py3-cryptography py3-curl py3-lxml py3-pip py3-psutil py3-pycryptodome py3-requests py3-setuptools py3-virtualenv python3 python3-dev rust sqlite sslscan strace tmux unzip vim wget whois xmlstarlet zip zsh
# Pretty shell
RUN sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
# Create the base folder of all tools
RUN mkdir /tools
# Install utility scripts
COPY scripts /tools/scripts
# Install utility templates
COPY templates /tools/templates
# Install static binaries folder
COPY static-binaries /tools/static-binaries
# Install docs folder
COPY docs /tools/docs
# Install misc folder
COPY misc /tools/misc
# Install dictionaries
COPY dictionaries /tools/dictionaries
# Install tools and extra materials
COPY build /tmp/build
RUN for f in $(ls /tmp/build/add-*.sh); do chmod +x $f;bash $f; done
# Set execute access right
RUN chmod -R +x /tools/
# Set final settings of the toolbox
RUN echo "export PATH=$PATH:/tools/scripts:/root/go/bin:/root/.cargo/bin" >> /root/.zshrc
RUN echo "export NUCLEI_TPL_HOME=/root/nuclei-templates" >> /root/.zshrc
RUN echo "export NUCLEI_FUZZING_TPL_HOME=/tools/nuclei-fuzzing-templates" >> /root/.zshrc
RUN echo "alias list-http-scripts-nmap='ls /usr/share/nmap/scripts/http-*'" >> /root/.zshrc
RUN echo "alias list-python-packages='python -m pip list'" >> /root/.zshrc
RUN echo "alias cat-colorized='highlight -O ansi --force'" >> /root/.zshrc
RUN echo "alias dig-formatted='dig +multiline +noall +answer +nocmd '" >> /root/.zshrc
RUN echo "alias default-creds-search='creds search '" >> /root/.zshrc
RUN echo "alias load-zsh-theme='(){ export ZSH_THEME=\"$@\" && source $ZSH/oh-my-zsh.sh }'" >> /root/.zshrc
RUN echo "alias image-info='cat /root/build-datetime.txt'" >> /root/.zshrc
RUN echo "alias scan-nuclei='nuclei -config /tools/templates/nuclei_http_scan_profile.yaml -duc -silent '" >> /root/.zshrc
RUN echo "alias scan-tls='bash /tools/testssl/testssl.sh -s -p -U --quiet '" >> /root/.zshrc
RUN echo "alias scan-sqlmap='python /tools/sqlmap/sqlmap.py --thread=1 --tamper=space2comment --time-sec=20 --ignore-redirects '" >> /root/.zshrc
RUN echo "source /root/pyenv/bin/activate" >> /root/.zshrc
RUN find /usr/share/nano/ -iname "*.nanorc" -exec echo include {} \; >> /root/.nanorc
RUN touch /root/.hushlogin
RUN echo "set -g mouse on" > /root/.tmux.conf
# Setup SSH server for remove access
RUN rm -rf /etc/ssh/ssh_host_*
RUN ssh-keygen -A
COPY ssh-public-key.pem /root/.ssh/
RUN mv /root/.ssh/ssh-public-key.pem /root/.ssh/authorized_keys
RUN chmod -R 700 /root/.ssh;mkdir -p /run/sshd;sshd -t
# Final cleanup and tunning
RUN chmod +x /tmp/build/remove-build-cache.sh; bash /tmp/build/remove-build-cache.sh
RUN rm -rf /tmp/*
WORKDIR /tools
VOLUME /tools/reports
EXPOSE 80
EXPOSE 443
EXPOSE 22
CMD ["/usr/sbin/sshd","-e","-D"]