Some weeks ago I saw one of my co-workers building a couple of Dockerfiles for some Network Security-related tools that do not have an official Docker Image. In my mind I thought: “this Docker Image will never be updated. I hate this”.
An idea crossed my mind: how many tools do not have an official Docker Image? For hundreds and hundreds of tools, we rely on Docker Images that are built by some guy that lives on the other side of the world and that will probably forget to constantly update that Docker Image. So we rolled up our sleeves and tried to solve this obnoxious problem. What we came up with is RAUDI (Regularly and Automatically Updated Docker Images).
What is RAUDI
RAUDI is what will save you from creating and managing a lot of Docker Images manually. Every time a tool is updated you need to update the Docker Image if you want to use the latest features, the dependencies are not working anymore.
This is messy and time-consuming.
Basically, RAUDI is a Python project that is able to retrieve information about a set of tools and is able to determine whether there is the need to build/publish a new Docker Image for every tool. Let’s describe this step-by-step.
How RAUDI works
Tool Structure
The initial work is, of course, manual. To add a new tool to manage two files must be created:
- config.py
- Dockerfile
The Dockerfile simply contains the instructions to build a Docker Image for that specific tool. What is different? We use build arguments that are dynamically retrieved. Here is a working example of the implementation of a popular tool called Knock:
As you can see the content is pretty simple. We get the .tar.gz, we unpack it and install the requirements. That’s it.
The interesting stuff is that the ARGs that are dynamically provided by the config.py:
The config.py, on the other hand, needs a bit more explanation. Every config.py must have a get_config function that takes two arguments:
- organization: the name of the organization (default value is secsi)
- common_args: common values for different tools (like the version of Alpine to use)
and must return a Python dict with the following keys:
- name: the name of the Docker Image once it gets built;
- version: the version that will be used as tagname;
- buildargs: a dict that contains all the ARGs used in the Dockerfile;
- tests: an array of command to test that the container works before pushing.
As you can see the information like the download URL and the version are retrieved through a helper function that takes the name of the GitHub repo.
Workflow
Given a description of a single tool let’s see what happens when RAUDI is executed (there are different execution modes, the one shown in the image below depicts the normal mode).
So the steps are the following:
- Retrieve common information (e.g. latest Alpine version)
- Load all the tools and retrieve informations for each one of them
- Check if a Docker Image already exists for that version
- IF not build it
- Check if the test commands return a 0 status code
- IF they dot push on Docker Hub
Currently Available Tools
Currently (11/01/2022) the available tools are the following:
| Name | Docker Image |
| Apktool | secsi/apktool |
| BFAC | secsi/bfac |
| dirb | secsi/dirb |
| dirhunt | secsi/dirhunt |
| dirsearch | secsi/dirsearch |
| dnscan | secsi/dnscan |
| EyeWitness | secsi/eyewitness |
| ffuf | secsi/ffuf |
| fierce | secsi/fierce |
| Findsploit | secsi/findsploit |
| Gitrob | secsi/gitrob |
| GitTools | secsi/gittools |
| gobuster | secsi/gobuster |
| hydra | secsi/hydra |
| The JSON Web Token Toolkit | secsi/jwt_tools |
| Knock | secsi/knockpy |
| LFI Suite | secsi/lfisuite |
| MASSCAN | secsi/masscan |
| MassDNS | secsi/massdns |
| Nmap | secsi/nmap |
| pureDNS | secsi/puredns |
| Race The Web | secsi/race-the-web |
| RestfulHarvest | secsi/restfulharvest |
| Retire.js | secsi/retire |
| Sandcastle | secsi/sandcastle |
| sqlmap | secsi/sqlmap |
| Sublist3r | secsi/sublist3r |
| theHarvester | secsi/theharvester |
| vim | secsi/vim |
| waybackpy | secsi/waybackpy |
| WhatWeb | secsi/whatweb |
Conclusions
RAUDI is an open-source and free software released under the GNU GPL v3 License.
So what do you think? If you have any suggestions for improvements or for new tools to be added don’t be shy! You can view the source code of RAUDI by clicking here.