Docker containers are the future! It surely seems so from the myriad projects that are being ‘dockerized’! One such cool project is Docker IDA, your answer for large scale reverse engineering, which allows you to run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts.
While there are multiple platform dependent libraries such as pefile, pyelftools, pwntools in Python and objdump and similar tools. Now, there is LIEF, an open source cross platform library to parse, modify and abstract ELF, PE and MachO file formats.
Since I blogged a bit about docker security tools, I thought of continuing the trend and introduce Pwnbox, is an open source docker container that has tools to aid you in reverse engineering and exploitation. It allows you to package up an container with all of the tools of trade you need in a capture-the-flag situation, or elsewhere too!
The Docker security god must surely be smiling and thinking he must have done something right to have tools like Dagda that helps in performing static analysis of known vulnerabilities on Docker containers. If you did not get my “Docker security guard” analogy, I won’t blame you either. Google told me that Dagda is an important god of Irish mythology.
Since my last posts (Anchore & Docker Scan) were about Docker security, I thought I should continue the trend and blog about Sysdig Falco, the open source behavioral activity monitor with container support.
What better way to kick off the first blog post than talk about a tool which deals with Docker security. Docker is an open-source project that automates the deployment of applications inside software containers. These containers bundle up pieces of software in a complete filesystem that has everything it needs to run, so that you can package your applications into a singular unit. This is where Dockerscan comes into the picture.