forked from smicallef/spiderfoot
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathDockerfile
51 lines (42 loc) · 2.03 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#
# Spiderfoot Dockerfile
#
FROM debian:bullseye-slim
ARG REQUIREMENTS=requirements.txt
RUN apt-get update && apt-get install -y --no-install-recommends gcc git curl swig libxml2-dev libxslt-dev libjpeg-dev zlib1g-dev libffi-dev libssl-dev python3 python3-pip
WORKDIR /home/spiderfoot
COPY $REQUIREMENTS requirements.txt ./
RUN pip install --no-cache-dir -U pip==25.0.1 && pip install --no-cache-dir -r requirements.txt
# Place database and logs outside installation directory
ENV SPIDERFOOT_DATA /var/lib/spiderfoot
ENV SPIDERFOOT_LOGS /var/lib/spiderfoot/log
ENV SPIDERFOOT_CACHE /var/lib/spiderfoot/cache
# Run everything as one command so that only one layer is created
RUN apt-get update && apt-get install -y --no-install-recommends libxml2 libxslt1.1 libjpeg62-turbo zlib1g \
&& addgroup --system spiderfoot \
&& adduser --system --ingroup spiderfoot --home /home/spiderfoot --shell /usr/sbin/nologin \
--gecos "SpiderFoot User" spiderfoot \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p $SPIDERFOOT_DATA || true \
&& mkdir -p $SPIDERFOOT_LOGS || true \
&& mkdir -p $SPIDERFOOT_CACHE || true \
&& chown spiderfoot:spiderfoot $SPIDERFOOT_DATA \
&& chown spiderfoot:spiderfoot $SPIDERFOOT_LOGS \
&& chown spiderfoot:spiderfoot $SPIDERFOOT_CACHE
# Install tools/dependencies from apt
RUN apt-get -y update && apt-get install -y --no-install-recommends nbtscan onesixtyone nmap whatweb bsdmainutils dnsutils coreutils libcap2-bin
RUN mkdir /tools
WORKDIR /tools
RUN pip install --no-cache-dir dnstwist snallygaster trufflehog wafw00f -t /tools \
&& git clone --depth 1 https://github.com/testssl/testssl.sh.git \
&& git clone https://github.com/Tuhinshubhra/CMSeeK && cd CMSeeK && pip install --no-cache-dir -r requirements.txt && mkdir Results
## Enable NMAP into the container to be fully used
RUN setcap cap_net_raw,cap_net_admin=eip /usr/bin/nmap
USER spiderfoot
EXPOSE 5001
EXPOSE 8000
WORKDIR /home/spiderfoot
COPY . .
# Run the application.
ENTRYPOINT ["python3"]
CMD ["sf.py", "-l", "0.0.0.0:5001"]