RAUDI: Regularly and Automatically Updated Docker Images

Written by Angelo Delicato - 11 Jan 2022
RAUDI

Some weeks ago I saw one of my co-workers building a couple of Dockerfiles for some Network Security-related tools that do not have an official Docker Image. In my mind I thought: “this Docker Image will never be updated. I hate this”.

An idea crossed my mind: how many tools do not have an official Docker Image? For hundreds and hundreds of tools, we rely on Docker Images that are built by some guy that lives on the other side of the world and that will probably forget to constantly update that Docker Image. So we rolled up our sleeves and tried to solve this obnoxious problem. What we came up with is RAUDI (Regularly and Automatically Updated Docker Images).

What is RAUDI

RAUDI is what will save you from creating and managing a lot of Docker Images manually. Every time a tool is updated you need to update the Docker Image if you want to use the latest features, the dependencies are not working anymore.

This is messy and time-consuming.

RAUDI GitHub

Basically, RAUDI is a Python project that is able to retrieve information about a set of tools and is able to determine whether there is the need to build/publish a new Docker Image for every tool. Let’s describe this step-by-step.

How RAUDI works

Tool Structure

The initial work is, of course, manual. To add a new tool to manage two files must be created:

  • config.py
  • Dockerfile

The Dockerfile simply contains the instructions to build a Docker Image for that specific tool. What is different? We use build arguments that are dynamically retrieved. Here is a working example of the implementation of a popular tool called Knock:

Dockerfile Knock

As you can see the content is pretty simple. We get the .tar.gz, we unpack it and install the requirements. That’s it.

The interesting stuff is that the ARGs that are dynamically provided by the config.py:

config.py knock

The config.py, on the other hand, needs a bit more explanation. Every config.py must have a get_config function that takes two arguments:

  • organization: the name of the organization (default value is secsi)
  • common_args: common values for different tools (like the version of Alpine to use)

and must return a Python dict with the following keys:

  • name: the name of the Docker Image once it gets built;
  • version: the version that will be used as tagname;
  • buildargs: a dict that contains all the ARGs used in the Dockerfile;
  • tests: an array of command to test that the container works before pushing.

As you can see the information like the download URL and the version are retrieved through a helper function that takes the name of the GitHub repo.

Workflow

Given a description of a single tool let’s see what happens when RAUDI is executed (there are different execution modes, the one shown in the image below depicts the normal mode).

RAUDI Workflow

So the steps are the following:

  1. Retrieve common information (e.g. latest Alpine version)
  2. Load all the tools and retrieve informations for each one of them
  3. Check if a Docker Image already exists for that version
  4. IF not build it
  5. Check if the test commands return a 0 status code
  6. IF they dot push on Docker Hub

Currently Available Tools

Currently (11/01/2022) the available tools are the following:

NameDocker Image
Apktoolsecsi/apktool
BFACsecsi/bfac
dirbsecsi/dirb
dirhuntsecsi/dirhunt
dirsearchsecsi/dirsearch
dnscansecsi/dnscan
EyeWitnesssecsi/eyewitness
ffufsecsi/ffuf
fiercesecsi/fierce
Findsploitsecsi/findsploit
Gitrobsecsi/gitrob
GitToolssecsi/gittools
gobustersecsi/gobuster
hydrasecsi/hydra
The JSON Web Token Toolkitsecsi/jwt_tools
Knocksecsi/knockpy
LFI Suitesecsi/lfisuite
MASSCANsecsi/masscan
MassDNSsecsi/massdns
Nmapsecsi/nmap
pureDNSsecsi/puredns
Race The Websecsi/race-the-web
RestfulHarvestsecsi/restfulharvest
Retire.jssecsi/retire
Sandcastlesecsi/sandcastle
sqlmapsecsi/sqlmap
Sublist3rsecsi/sublist3r
theHarvestersecsi/theharvester
vimsecsi/vim
waybackpysecsi/waybackpy
WhatWebsecsi/whatweb

Conclusions

RAUDI is an open-source and free software released under the GNU GPL v3 License.

So what do you think? If you have any suggestions for improvements or for new tools to be added don’t be shy! You can view the source code of RAUDI by clicking here.

RAUDI: Regularly and Automatically Updated Docker Images
Scroll to top