GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → P3GLEG → Whaler

P3GLEG / Whaler

Licence: gpl-3.0
Program to reverse Docker images into Dockerfiles

Programming Languages

go
31211 projects - #10 most used programming language

Labels

securitydockerfilereverse-engineeringsecurity-toolsdocker-imagesecretspasswords

Projects that are alternatives of or similar to Whaler

Androidlibrary
Android library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (-75.82%)
Mutual labels:  security-tools, reverse-engineering
ink
A Logger backend that logs JSON
Stars: ✭ 64 (-90.45%)
Mutual labels:  secrets, passwords
Rebel Framework
Advanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-72.69%)
Mutual labels:  security-tools, reverse-engineering
Sojobo
A binary analysis framework
Stars: ✭ 116 (-82.69%)
Mutual labels:  security-tools, reverse-engineering
Cryptr
Cryptr: a GUI for Hashicorp's Vault
Stars: ✭ 324 (-51.64%)
Mutual labels:  secrets, passwords
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+174.18%)
Mutual labels:  security-tools, reverse-engineering
Shed
.NET runtime inspector
Stars: ✭ 229 (-65.82%)
Mutual labels:  security-tools, reverse-engineering
Envkey App
Secure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-87.61%)
Mutual labels:  security-tools, secrets
Polichombr
Collaborative malware analysis framework
Stars: ✭ 307 (-54.18%)
Mutual labels:  security-tools, reverse-engineering
OpenVAS-Docker
A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-97.61%)
Mutual labels:  docker-image, security-tools
M4ngl3m3
Common password pattern generator using strings list
Stars: ✭ 103 (-84.63%)
Mutual labels:  security-tools, passwords
Hashview
A web front-end for password cracking and analytics
Stars: ✭ 601 (-10.3%)
Mutual labels:  security-tools, passwords
Fugacious
OSSSM (awesome). Open source short-term secure messaging
Stars: ✭ 100 (-85.07%)
Mutual labels:  security-tools, passwords
Execution Trace Viewer
Tool for viewing and analyzing execution traces
Stars: ✭ 149 (-77.76%)
Mutual labels:  security-tools, reverse-engineering
Squealer
Telling tales on you for leaking secrets!
Stars: ✭ 97 (-85.52%)
Mutual labels:  security-tools, secrets
Replica
Ghidra Analysis Enhancer 🐉
Stars: ✭ 194 (-71.04%)
Mutual labels:  security-tools, reverse-engineering
Subdomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+36.57%)
Mutual labels:  security-tools, secrets
Appmon
Documentation:
Stars: ✭ 1,157 (+72.69%)
Mutual labels:  security-tools, reverse-engineering
envy
Use envy to manage environment variables with your OS keychain
Stars: ✭ 23 (-96.57%)
Mutual labels:  secrets, passwords
Dexcalibur
[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (-23.58%)
Mutual labels:  security-tools, reverse-engineering
View All Similar Projects ➔

Whaler

Whaler is a Go program which is designed to reverse engineer docker images into the Dockerfile that created it. It currently performs the following actions

  • Generates a Dockerfile from an Image
  • Searches added filenames for potential secret files
  • Extracts files that were added by the Docker ADD/COPY Instructions
  • It also displays misc. information such as ports open, the user it runs as and environment variables.

alt text

You can read more about this on my blog Here

How to run it

The easiest way is to run the tool in docker container:

docker pull pegleg/whaler
docker run -t --rm -v /var/run/docker.sock:/var/run/docker.sock:ro pegleg/whaler -sV=1.36 nginx:latest

docker build --rm -t pegleg/whaler .
alias whaler="docker run -t --rm -v /var/run/docker.sock:/var/run/docker.sock:ro pegleg/whaler"
whaler -sV=1.36 nginx:latest

This tool will pull target docker image automatically. Parameter -sV=1.36 is not always required.

How to build it

Git clone the project into your $GOPATH/src directory and perform the following command

go get -u github.com/P3GLEG/Whaler
cd $GOPATH/src/github.com/P3GLEG/Whaler
go build .

How to run it

./Whaler
Usage of ./Whaler:
  -f string
    	File containing images to analyze seperated by line
  -filter
    	Filters filenames that create noise such as node_modules. Check ignore.go file for more details (default true)
  -sV string
    	Set the docker client ID to a specific version -sV=1.36
  -v	Print all details about the image
  -x	Save layers to current directory
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].