-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
58 lines (46 loc) · 1.41 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
FROM debian:11.1-slim
LABEL maintainer="[email protected]"
ENV DEBIAN_FRONTEND noninteractive
RUN apt update && apt -y upgrade && \
apt -y --no-install-recommends install python2-minimal git build-essential \
bison ca-certificates file git openssl tini unzip python2-dev \
curl wget unzip gzip tar python-is-python2 sleuthkit && \
apt -y autoremove && \
apt -y autoclean && \
rm -rf /var/lib/apt/lists/*
RUN wget https://bootstrap.pypa.io/pip/2.7/get-pip.py && \
python2 get-pip.py
RUN export PIP_NO_CACHE_DIR=off \
&& export PIP_DISABLE_PIP_VERSION_CHECK=on \
&& python2 -m pip install --upgrade pip wheel \
&& python2 -m pip install \
colorama \
construct \
distorm3==3.4.4 \
haystack \
ipython \
openpyxl \
pycoin \
pytz \
simplejson \
pycrypto \
ujson
#WORKDIR /usr/lib
WORKDIR /tmp
# SHould this be /tmp ? to save disk space?
# Build the Python bindings for YARA
RUN git clone --recursive https://github.com/VirusTotal/yara-python && \
cd yara-python && \
python setup.py build && \
python setup.py install
# Volatility 2
RUN git clone --recursive https://github.com/volatilityfoundation/volatility.git && \
cd volatility && \
python setup.py build && \
python setup.py install
# AutoVol
COPY auto_vol.py /usr/local/bin/
RUN chmod +x /usr/local/bin/auto_vol.py
# Final Cleanup
RUN apt -y autoremove && apt -y autoclean && rm -rf /var/lib/apt/lists/*
WORKDIR /data