Security related Docker containers

    Published: 2024-10-02. Last Updated: 2024-10-02 18:03:00 UTC
    by Jim Clausing (Version: 1)

    Over the last 9 months or so, I've been putting together some docker containers that I find useful in my day-to-day malware analysis and forensicating. I have been putting them up on hub.docker.com and decided I might as well let others know they were there. In a couple of cases, I just found it easier to create a docker container than try to remember to switch in and out of a Python virtualenv. In a couple of other cases, it avoids issues I've had with conflicting versions of installed packages. In every case, I'm tracking new releases so I can update my containers when new releases come out, and I usually do so within a couple of days of the new release. The ones that I have up at the moment are the following:

    clausing/flare-floss

    clausing/capa

    clausing/hayabusa

    clausing/takajo

    clausing/chainsaw

    clausing/yara

    clausing/uac

    clausing/dfir-unfurl

    The USAGE portion of each page should give enough info on how to run them (and what directories to map into the container). Hopefully, some of the rest of you will find these useful.

     

    ---------------
    Jim Clausing, GIAC GSE #26
    jclausing --at-- isc [dot] sans (dot) edu

    Keywords: docker