Kali Linux

RAUDI : A Repo To Automatically Generate And Keep Updated A Series Of Docker Images

RAUDI (Regularly and Automatically Updated Docker Images) automatically generates and keep updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers.

What is RAUDI

RAUDI is what will save you from creating and managing a lot of Docker Images manually. Every time a software is updated you need to update the Docker Image if you want to use the latest features, the dependencies are not working anymore.

This is messy and time-consuming.

Don’t worry anymore, we got you covered.

You may either fork this repo and use the GitHub Workflow yourself or use it locally (and manage its execution the way you want).

Fork

If you want to fork this repo you also have to set up some secrets to be able to push your images on your personal Docker Hub account. Two GitHub secrets must be set:

  • DOCKER_USER: Your Docker Hub Username;
  • DOCKER_API_TOKEN: Your Docker Hub Password or API Token.

After setting those secrets you have to edit the organization variable set in the tools/main.py file since it is configured to push on the Docker Hub for SecSI.

That’s all guys: go to Action, enable it for your forked repo, wait until midnight, and the Workflow will do the heavy work!

Setup

This repo can also be executed locally. The requirements to be met are the following:

  • Python 3.x
  • Docker (with BuildX)

Here is the documentation for working with BuildX: https://docs.docker.com/buildx/working-with-buildx/

The setup phase is pretty straightforward, you just need the following commands:

git clone https://github.com/cybersecsi/RAUDI
cd RAUDI
pip install -r requirements.txt

You’re ready to go!

Test

To run the test you need to install pytest with the command pip install pytest (it is not in requirements.txt since it is needed only for testing purposes) and then you may run:

pytest -s

or

python -m pytest -s

to run the tests.

Local Usage

RAUDI can build and push all the tools that are put into the tools directory. There are different options that can be used when running it. Before using it locally you should create a .env file (you can just copy the .env.sample file) and add your GitHub Personal Access Token to avoid Rate Limiting. For unauthenticated users GitHub allows up to 60 requests per hour, while authenticated users are allowed up to 15.000 requests per hour. For this reason we advice you to add it! You can also create a personal access token without any scope since anything we do is read some info for every GitHub repo.

Execution Modes

Normal Execution

In this mode RAUDI tries to build all the tools if needed. The command to run it is simply:

python3 ./raudi.py –all

Single Build

In this mode RAUDI tries to build only the specified tool. The command in this case is:

python3 ./raudi.py –single

tool_name MUST be the name of the directory inside the tools folder.

Test tool

Since the tests parameter has been added to the configuration structure of the tool is can be helpful to test if the inserted commands do return a 0 status code. The command to test a specific tool is:

python3 ./raudi.py –test

tool_name MUST be the name of the directory inside the tools folder.

Show tools

If you want to know the available tools you can run this command:

python3 ./raudi.py –list

Bootstrap tool

If you want to quickly add a new tool folder starting from one of the available templates you can run this command:

python3 ./raudi.py –bootstrap

Options

OptionDescriptionDefault Value
–pushWhether automatically push to Docker HubFalse
–remoteWhether check against Docker Hub instead of local Docker before buildFalse
–forceWhether build or not if an image with the same tagname has been foundFalse

Available Tools

This is the current list of tools that have been added. Those are all tools that do not have an official Docker Image provided by the developer:

NameDocker ImageSource
3proxysecsi/3proxyhttps://github.com/3proxy/3proxy
Altdnssecsi/altdnshttps://github.com/infosec-au/altdns
Apktoolsecsi/apktoolhttps://github.com/iBotPeaches/Apktool
Arjunsecsi/arjunhttps://github.com/s0md3v/Arjun
bfacsecsi/bfachttps://github.com/mazen160/bfac
CloudFailsecsi/cloudfailhttps://github.com/m0rtem/CloudFail
CMSeeKsecsi/cmseekhttps://github.com/Tuhinshubhra/CMSeeK
Crowbarsecsi/crowbarhttps://github.com/galkan/crowbar
Dalfoxsecsi/dalfoxhttps://github.com/hahwul/dalfox
datasploitsecsi/datasploithttps://github.com/DataSploit/datasploit
dex2jarsecsi/dex2jarhttps://github.com/pxb1988/dex2jar
dirbsecsi/dirbhttp://dirb.sourceforge.net/
dirhuntsecsi/dirhunthttps://github.com/Nekmo/dirhunt
dirsearchsecsi/dirsearchhttps://github.com/maurosoria/dirsearch
dnscansecsi/dnscanhttps://github.com/rbsec/dnscan
Dorks Eyesecsi/dorks-eyehttps://github.com/BullsEye0/dorks-eye
dvcs-rippersecsi/dvcs-ripperhttps://github.com/kost/dvcs-ripper
ExifToolsecsi/exiftoolhttps://github.com/exiftool/exiftool
EyeWitnesssecsi/eyewitnesshttps://github.com/FortyNorthSecurity/EyeWitness
fast-reconsecsi/fast-reconhttps://github.com/DanMcInerney/fast-recon
ffufsecsi/ffufhttps://github.com/ffuf/ffuf
fiercesecsi/fiercehttps://github.com/mschwager/fierce
Findsploitsecsi/findsploithttps://github.com/1N3/Findsploit
GetJSsecsi/getjshttps://github.com/003random/getJS
Gitrobsecsi/gitrobhttps://github.com/michenriksen/gitrob
GitToolssecsi/gittoolshttps://github.com/internetwache/GitTool
gobustersecsi/gobusterhttps://github.com/OJ/gobuster
GoogD0rkersecsi/googd0rkerhttps://github.com/ZephrFish/GoogD0rker
GoSpidersecsi/gospiderhttps://github.com/jaeles-project/gospider
Ground controlsecsi/ground-controlhttps://github.com/jobertabma/ground-control
Hakrawlersecsi/hakrawlerhttps://github.com/hakluke/hakrawler
hakrevdnssecsi/hakrevdnshttps://github.com/hakluke/hakrevdns
hashIDsecsi/hashidhttps://github.com/psypanda/hashID
httprobesecsi/httprobehttps://github.com/tomnomnom/httprobe
hydrasecsi/hydrahttps://github.com/vanhauser-thc/thc-hydra
impacketsecsi/impackethttps://github.com/SecureAuthCorp/impacket
JoomScansecsi/joomscanhttps://github.com/OWASP/joomscan
The JSON Web Token Toolkitsecsi/jwt_toolhttps://github.com/ticarpi/jwt_tool
knocksecsi/knockpyhttps://github.com/guelfoweb/knock
LFI Suitesecsi/lfisuitehttps://github.com/D35m0nd142/LFISuite
LinkFindersecsi/linkfinderhttps://github.com/GerbenJavado/LinkFinder
MASSCANsecsi/masscanhttps://github.com/robertdavidgraham/masscan
MassDNSsecsi/massdnshttps://github.com/blechschmidt/massdns
Memcrashed DDoS Exploitsecsi/memcrashedhttps://github.com/649/Memcrashed-DDoS-Exploit
Netifysecsi/netifydhttps://gitlab.com/netify.ai/public/netify-agent
niktosecsi/niktohttps://github.com/sullo/nikto
nmapsecsi/nmaphttps://github.com/nmap/nmap
oxml_xxesecsi/oxml_xxehttps://github.com/BuffaloWill/oxml_xxe
Pagodosecsi/pagodohttps://github.com/opsdisk/pagodo
photonsecsi/photonhttps://github.com/s0md3v/Photon
PivotSuitesecsi/pivotsuitehttps://github.com/RedTeamOperations/PivotSuite
psalmsecsi/psalmhttps://github.com/vimeo/psalm
pureDNSsecsi/purednshttps://github.com/d3mondev/puredns
Race The Websecsi/race-the-webhttps://github.com/TheHackerDev/race-the-web
RestfulHarvestsecsi/restfulharvesthttps://github.com/laramies/theHarvester
Retire.jssecsi/retirehttps://github.com/RetireJS/retire.js
RouterSploitsecsi/routersploithttps://github.com/threat9/routersploit
Sandcastlesecsi/sandcastlehttps://github.com/0xSearches/sandcastle
scanlesssecsi/scanlesshttps://github.com/vesche/scanless
seclistssecsi/seclistshttps://github.com/danielmiessler/SecLists
spyse.pysecsi/spysepyhttps://github.com/zeropwn/spyse.py
sqlmapsecsi/sqlmaphttps://github.com/sqlmapproject/sqlmap
spidysecsi/spidyhttps://github.com/rivermont/spidy
Strikersecsi/strikerhttps://github.com/s0md3v/Striker
Subfindersecsi/subfinderhttps://github.com/projectdiscovery/subfinder
Subjacksecsi/subjackhttps://github.com/haccer/subjack
Sublist3rsecsi/sublist3rhttps://github.com/aboul3la/Sublist3r
theHarvestersecsi/theharvesterhttps://github.com/laramies/theHarvester
WAFW00Fsecsi/wafw00fhttps://github.com/EnableSecurity/wafw00f
waybackpysecsi/waybackpyhttps://github.com/akamhy/waybackpy
WhatWebsecsi/whatwebhttps://github.com/urbanadventurer/WhatWeb
xraysecsi/xrayhttps://github.com/evilsocket/xray
XSSersecsi/xsserhttps://github.com/epsylon/xsser
XSSSNIPERsecsi/xsssniperhttps://github.com/gbrindisi/xsssniper
X SStrikesecsi/xsstrikehttps://github.com/s0md3v/XSStrike
XXEinjectorsecsi/xxeinjectorhttps://github.com/enjoiz/XXEinjector

Tool Structure

Every tool in the tools directory contains at least two file:

  • config.py
  • Dockerfile.
  • README.md (optional README for Docker Hub)

If you want to add a new tool you just have to create a folder for that specific tool inside the tools directory. In this folder you have to insert the Dockerfile with defined build args to customize and automate the build. Once you created the Dockerfile you have to create a config.py in the same directory with a function called get_config(organization, common_args). Be careful: the function MUST be called this way and MUST have those two parameters (even if you do not use them). The returning value is the config for that specific tool and has the following structure:

config = {
‘name’: organization+’/’,
‘version’: ”, # Should be an helper function
‘buildargs’: {
},
‘tests’: []
}

The four keys are:

  • name: the name of the Docker Image (e.g. secsi/<tool_name>);
  • version: the version number of the Docker Image. For this you may use a helper function that is able to retrieve the latest available version number (look at tools/ffuf for an example);
  • buildargs: a dict to specify the parts of the Docker Images that are subject to updates (again: look at tools/ffuf for an example);
  • tests: an array of tests (usually just a simple one like ‘–help’).

After doing so you are good to go! Just be careful that the name of the tool MUST BE THE SAME as the directory in which you placed its Dockerfile.

There is a NAMING CONVENTION for the versions: use only DOTS and DIGITS; so please remove any trailing ‘v’ from the version in the specific config.py (for a working example check tools/dirsearch/config.py).

Helpers

To get the latest versions and information about tools and base images a set of helpers has been implemented. If you want to add a new tool you should use these helpers to have a Docker Image that is automatically updated by RAUDI.

get_latest_pip_version

This helper is used to retrieve the latest version of a pip package. All it takes is the name of the package and returns the version number. Example:

VERSION = helper.get_latest_pip_version(package_name)

get_latest_github_release

This helper is used to retrieve information about a GitHub repo that uses Releases and has multiple kind of assets (e.g. executables for different OSes). This helper takes the repo (in the format user/repo) and a target string to be able to identify the correct asset to download. It returns a dict with two keys (url and version). Example:

VERSION = helper.get_latest_github_release(“user/repo”, “linux_amd64”)

get_latest_github_release_no_browser_download

This helper is used to retrieve information about a GitHub repo that uses Releases and has only the source code (which means there is a zipball and a tarball). This helper takes the repo (in the format user/repo) and returns a dict with two keys (url and version). Example:

VERSION = helper.get_latest_github_release_no_browser_download(“user/repo”)

get_latest_github_commit

This helper is used to retrieve information about a GitHub repo that doesn’t use Tags or Releases. In this case, the goal is to retrieve the latest commit. This helper takes the repo (in the format user/repo) and returns a string representing the date of the last commit in the format YYYYYMMDD.

VERSION = helper.get_latest_github_commit(“user/repo”)

Examples

This section provides examples for the currently added Network Security Tools. As you can see the images do provide only the tool, so if you need to use a wordlist you need to mount it.

Generic Example

docker run -it –rm secsi/

Specific example

docker run -it –rm -v : secsi/dirb /

How to Pronounce

We are italians, so we probably pronounce it in a different manner than yours. The correct pronunciation (using the phonetic transcription) is the following:

/ˈraʊdi/

Otherwise think about the stuffed dog in the famous TV Show Scrubs: Rowdy

Download

R K

Leave a Comment
Share
Published by
R K
Tags: Docker ImagesRAUDISeries
3 years ago

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago