diff --git a/Dockerfile b/Dockerfile index 1b57c11..9c93b28 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,11 @@ -FROM ubuntu:18.04 - +# Build stage +FROM ubuntu:18.04 AS build LABEL maintainer="Alexis Ahmed" # Environment Variables ENV HOME /root ENV DEBIAN_FRONTEND=noninteractive - # Working Directory WORKDIR /root RUN mkdir ${HOME}/toolkit && \ @@ -47,15 +46,19 @@ RUN apt-get update && \ sqlmap \ # dirb dirb \ - # dnsenum + # dnsenum dependencies cpanminus \ + libxml-writer-perl \ + libnet-ip-perl \ + libnet-netmask-perl \ + libstring-random-perl \ # wfuzz python-pycurl \ # knock python-dnspython \ # massdns libldns-dev \ - # wpcscan + # wpscan dependencies libcurl4-openssl-dev \ libxml2 \ libxml2-dev \ @@ -110,252 +113,143 @@ RUN pip install wfuzz # seclists RUN cd ${HOME}/wordlists && \ - git clone --depth 1 https://github.com/danielmiessler/SecLists.git + git clone --depth 1 https://github.com/danielmiessler/SecLists.git && \ + cd SecLists && \ + rm -rf .git* && \ + mv /root/wordlists/SecLists /opt/ -# knock -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/guelfoweb/knock.git && \ - cd knock && \ - chmod +x setup.py && \ - apt-get update && apt-get install -y software-properties-common && \ - add-apt-repository ppa:deadsnakes/ppa && \ - apt install python3.7 -y && \ - python3.7 setup.py install - -# massdns -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/blechschmidt/massdns.git && \ - cd massdns/ && \ - make && \ - ln -sf ${HOME}/toolkit/massdns/bin/massdns /usr/local/bin/massdns - -# wafw00f -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/enablesecurity/wafw00f.git && \ - cd wafw00f && \ - chmod +x setup.py && \ - python setup.py install - -# wpscan -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/wpscanteam/wpscan.git && \ - cd wpscan/ && \ - gem install bundler && bundle install --without test && \ - gem install wpscan - -# commix -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/commixproject/commix.git && \ - cd commix && \ - chmod +x commix.py && \ - ln -sf ${HOME}/toolkit/commix/commix.py /usr/local/bin/commix - -# masscan -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/robertdavidgraham/masscan.git && \ - cd masscan && \ - make && \ - ln -sf ${HOME}/toolkit/masscan/bin/masscan /usr/local/bin/masscan +# Runtime stage +FROM ubuntu:18.04 +LABEL maintainer="Alexis Ahmed" -# altdns -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/infosec-au/altdns.git && \ - cd altdns && \ - pip install -r requirements.txt && \ - chmod +x setup.py && \ - python setup.py install +# Environment Variables +ENV HOME /root +ENV DEBIAN_FRONTEND=noninteractive +ENV PATH "$PATH:/root/.local/bin" -# teh_s3_bucketeers -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/tomdev/teh_s3_bucketeers.git && \ - cd teh_s3_bucketeers && \ - chmod +x bucketeer.sh && \ - ln -sf ${HOME}/toolkit/teh_s3_bucketeers/bucketeer.sh /usr/local/bin/bucketeer +# Working Directory +WORKDIR /root -# Recon-ng -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/lanmaster53/recon-ng.git && \ - cd recon-ng && \ - pip3 install -r REQUIREMENTS && \ - chmod +x recon-ng && \ - ln -sf ${HOME}/toolkit/recon-ng/recon-ng /usr/local/bin/recon-ng +# Copy tools and wordlists from build stage +COPY --from=build /opt /opt +COPY --from=build ${HOME}/toolkit ${HOME}/toolkit +COPY --from=build ${HOME}/.zshrc ${HOME}/.zshrc +COPY --from=build ${HOME}/.tmux.conf ${HOME}/.tmux.conf -# XSStrike -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/s0md3v/XSStrike.git && \ - cd XSStrike && \ - pip3 install -r requirements.txt && \ - chmod +x xsstrike.py && \ - ln -sf ${HOME}/toolkit/XSStrike/xsstrike.py /usr/local/bin/xsstrike +# Update and install packages +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + zsh \ + nano \ + tmux \ + nmap \ + python \ + python-pip \ + python3 \ + python3-pip \ + dnsutils \ + net-tools \ + git \ + curl \ + wget \ + awscli \ + hydra \ + nikto \ + masscan \ + # zsh + powerline\ + # zsh + fonts-powerline\ + && rm -rf /var/lib/apt/lists/* -# theHarvester -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/AlexisAhmed/theHarvester.git && \ - cd theHarvester && \ - python3 -m pip install -r requirements.txt && \ - chmod +x theHarvester.py && \ - ln -sf ${HOME}/toolkit/theHarvester/theHarvester.py /usr/local/bin/theharvester +# configure python(s) +RUN python -m pip install --upgrade setuptools && python3 -m pip install --upgrade setuptools && python3.7 -m pip install --upgrade setuptools -# CloudFlair -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/christophetd/CloudFlair.git && \ - cd CloudFlair && \ - pip install -r requirements.txt && \ - chmod +x cloudflair.py && \ - ln -sf ${HOME}/toolkit/CloudFlair/cloudflair.py /usr/local/bin/cloudflair +# Install oh-my-zsh and set as default shell +RUN sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended && \ + sed -i 's/ZSH_THEME=\"robbyrussell\"/ZSH_THEME=\"agnoster\"/g' ${HOME}/.zshrc && \ + sed -i 's/plugins=(git)/plugins=(git nmap)/g' ${HOME}/.zshrc && \ + chsh -s $(which zsh) -# joomscan -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/rezasp/joomscan.git && \ - cd joomscan/ && \ - chmod +x joomscan.pl -COPY joomscan.sh /opt -RUN chmod +x /opt/joomscan.sh && \ - ln -sf /opt/joomscan.sh /usr/local/bin/joomscan - -# go -RUN cd /opt && \ - wget https://golang.org/dl/go1.16.4.linux-amd64.tar.gz && \ - tar -xvf go1.16.4.linux-amd64.tar.gz && \ - rm -rf /opt/go1.16.4.linux-amd64.tar.gz && \ - mv go /usr/local -ENV GOROOT /usr/local/go -ENV GOPATH /root/go -ENV PATH ${GOPATH}/bin:${GOROOT}/bin:${PATH} - -# gobuster -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/OJ/gobuster.git && \ - cd gobuster && \ - go get && go install +# Install fzf +RUN git clone --depth 1 https://github.com/junegunn/fzf.git ${HOME}/.fzf && \ + ${HOME}/.fzf/install --all -# virtual-host-discovery -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/AlexisAhmed/virtual-host-discovery.git && \ - cd virtual-host-discovery && \ - chmod +x scan.rb && \ - ln -sf ${HOME}/toolkit/virtual-host-discovery/scan.rb /usr/local/bin/virtual-host-discovery +# Install searchsploit +RUN git clone https://github.com/offensive-security/exploitdb.git ${HOME}/exploitdb && \ + ln -sf ${HOME}/exploitdb/searchsploit /usr/local/bin/searchsploit -# bucket_finder -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/AlexisAhmed/bucket_finder.git && \ - cd bucket_finder && \ - chmod +x bucket_finder.rb && \ - ln -sf ${HOME}/toolkit/bucket_finder/bucket_finder.rb /usr/local/bin/bucket_finder +# Install metasploit +RUN curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > ${HOME}/msfinstall && \ + chmod 755 ${HOME}/msfinstall && \ + ${HOME}/msfinstall -# dirsearch -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/AlexisAhmed/dirsearch.git && \ - cd dirsearch && \ - chmod +x dirsearch.py && \ - ln -sf ${HOME}/toolkit/dirsearch/dirsearch.py /usr/local/bin/dirsearch - -# s3recon -RUN pip3 install --upgrade setuptools && \ - pip3 install pyyaml pymongo requests s3recon - -# subfinder -RUN GO111MODULE=on go get -u -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder - -# zsh -RUN git clone https://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh &&\ - cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc &&\ - chsh -s /bin/zsh && \ - git clone https://github.com/zsh-users/zsh-syntax-highlighting.git "$HOME/.zsh-syntax-highlighting" --depth 1 && \ - echo "source $HOME/.zsh-syntax-highlighting/zsh-syntax-highlighting.zsh" >> "$HOME/.zshrc" - -# dotdotpwn -RUN cd ${HOME}/toolkit && \ - cpanm Net::FTP && \ - cpanm Time::HiRes && \ - cpanm HTTP::Lite && \ - cpanm Switch && \ - cpanm Socket && \ - cpanm IO::Socket && \ - cpanm Getopt::Std && \ - cpanm TFTP && \ - git clone https://github.com/AlexisAhmed/dotdotpwn.git && \ - cd dotdotpwn && \ - chmod +x dotdotpwn.pl && \ - ln -sf ${HOME}/toolkit/dotdotpwn/dotdotpwn.pl /usr/local/bin/dotdotpwn - -# whatweb -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/urbanadventurer/WhatWeb.git && \ - cd WhatWeb && \ - chmod +x whatweb && \ - ln -sf ${HOME}/toolkit/WhatWeb/whatweb /usr/local/bin/whatweb +# Add aliases +RUN echo "alias toolkit='cd ${HOME}/toolkit'" >> ${HOME}/.zshrc && \ + echo "alias wordlists='cd ${HOME}/wordlists'" >> ${HOME}/.zshrc && \ + echo "alias msfconsole='sudo msfconsole'" >> ${HOME}/.zshrc -# fierce -RUN python3 -m pip install fierce +# tzdata +RUN ln -fs /usr/share/zoneinfo/America/New_York /etc/localtime && \ + dpkg-reconfigure --frontend noninteractive tzdata -# amass -RUN export GO111MODULE=on && \ - go get -v github.com/OWASP/Amass/v3/... +# configure python(s) +RUN python -m pip install --upgrade setuptools && python3 -m pip install --upgrade setuptools && python3.7 -m pip install --upgrade setuptools -# S3Scanner +# dnsenum RUN cd ${HOME}/toolkit && \ - git clone https://github.com/sa7mon/S3Scanner.git && \ - cd S3Scanner && \ - pip3 install -r requirements.txt + git clone https://github.com/fwaeytens/dnsenum.git && \ + cd dnsenum/ && \ + chmod +x dnsenum.pl && \ + ln -s ${HOME}/toolkit/dnsenum/dnsenum.pl /usr/bin/dnsenum && \ + cpanm String::Random && \ + cpanm Net::IP && \ + cpanm Net::DNS && \ + cpanm Net::Netmask && \ + cpanm XML::Writer -# droopsecan +# Sublist3r RUN cd ${HOME}/toolkit && \ - git clone https://github.com/droope/droopescan.git && \ - cd droopescan && \ - pip install -r requirements.txt - -# subjack -RUN go get github.com/haccer/subjack + git clone https://github.com/aboul3la/Sublist3r.git && \ + cd Sublist3r/ && \ + pip install -r requirements.txt && \ + ln -s ${HOME}/toolkit/Sublist3r/sublist3r.py /usr/local/bin/sublist3r -# SubOver -RUN go get github.com/Ice3man543/SubOver +# wfuzz +RUN pip install wfuzz -# Compress wordlist +# seclists RUN cd ${HOME}/wordlists && \ - tar czf SecList.tar.gz ${HOME}/wordlists/SecLists/ && \ - rm -rf SecLists - -# ZSH configuration -RUN export SHELL=/usr/bin/zsh && \ - cd ${HOME} && \ - rm .zshrc && \ - wget https://raw.githubusercontent.com/AlexisAhmed/BugBountyToolkit-ZSH/main/.zshrc - -# ffuf -RUN go get -u github.com/ffuf/ffuf - -# httprobe -RUN go get -u github.com/tomnomnom/httprobe - -# gitGraber -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/hisxo/gitGraber.git && \ - cd gitGraber && \ - ln -sf ${HOME}/toolkit/gitGraber/gitGraber.py /usr/local/bin/gitGraber - - -# waybackurls -RUN go get github.com/tomnomnom/waybackurls - -# Katoolin -RUN cd ${HOME}/toolkit && \ - git clone https://github.com/LionSec/katoolin.git && \ - cd katoolin && \ - chmod +x katoolin.py - - -# Clean Go Cache -RUN go clean -cache && \ - go clean -testcache && \ - go clean -modcache - + git clone --depth 1 https://github.com/danielmiessler/SecLists.git && \ + ln -s ${HOME}/wordlists/SecLists /usr/share/seclists +# Final stage +FROM ubuntu:18.04 +LABEL maintainer="Alexis Ahmed" +# Environment Variables +ENV HOME /root +ENV DEBIAN_FRONTEND=noninteractive +# Copy Toolkit and Wordlists +COPY --from=build ${HOME}/toolkit ${HOME}/toolkit +COPY --from=build ${HOME}/wordlists ${HOME}/wordlists +# Copy Dotfiles +COPY .zshrc ${HOME}/.zshrc +COPY .tmux.conf ${HOME}/.tmux.conf +COPY .vimrc ${HOME}/.vimrc - +# Install ZSH +RUN apt-get update && \ + apt-get install -y zsh && \ + chsh -s $(which zsh) +# Install Oh My Zsh +RUN sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" +# Change work directory +WORKDIR ${HOME} +# Set default command to zsh +CMD ["zsh"]