RAUDI
A repo to automatically generate and keep updated a series of Docker images through GitHub Actions.
Install / Use
/learn @cybersecsi/RAUDIREADME
🐳 RAUDI: Regularly and Automatically Updated Docker Images
RAUDI (Regularly and Automatically Updated Docker Images) automatically generates and keep updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers.
Table of Contents
- What is RAUDI
- Fork
- Setup
- Test
- Local Usage
- Available Tools
- Tool Structure
- Helpers
- Examples
- How to Pronounce
- Contributions
- Credits
- License
What is RAUDI
RAUDI is what will save you from creating and managing a lot of Docker Images manually. Every time a software is updated you need to update the Docker Image if you want to use the latest features, the dependencies are not working anymore.
This is messy and time-consuming.
Don't worry anymore, we got you covered.
You may either fork this repo and use the GitHub Workflow yourself or use it locally (and manage its execution the way you want).
Fork
If you want to fork this repo you also have to set up some secrets to be able to push your images on your personal Docker Hub account. Two GitHub secrets must be set:
- DOCKER_USER: Your Docker Hub Username;
- DOCKER_API_TOKEN: Your Docker Hub Password or API Token.
After setting those secrets you have to edit the organization variable set in the tools/main.py file since it is configured to push on the Docker Hub for SecSI.
That's all guys: go to Action, enable it for your forked repo, wait until midnight, and the Workflow will do the heavy work!
Setup
This repo can also be executed locally. The requirements to be met are the following:
- Python 3.x
- Docker (with BuildX)
Here is the documentation for working with BuildX: https://docs.docker.com/buildx/working-with-buildx/
The setup phase is pretty straightforward, you just need the following commands:
git clone https://github.com/cybersecsi/RAUDI
cd RAUDI
pip install -r requirements.txt
You're ready to go!
Test
To run the test you need to install pytest with the command pip install pytest (it is not in requirements.txt since it is needed only for testing purposes) and then you may run:
pytest -s
or
python -m pytest -s
to run the tests.
Local Usage
RAUDI can build and push all the tools that are put into the tools directory. There are different options that can be used when running it. Before using it locally you should create a .env file (you can just copy the .env.sample file) and add your GitHub Personal Access Token to avoid Rate Limiting. For unauthenticated users GitHub allows up to 60 requests per hour, while authenticated users are allowed up to 15.000 requests per hour. For this reason we advice you to add it! You can also create a personal access token without any scope since anything we do is read some info for every GitHub repo.
Execution Modes
Normal Execution
In this mode RAUDI tries to build all the tools if needed. The command to run it is simply:
python3 ./raudi.py --all
Single Build
In this mode RAUDI tries to build only the specified tool. The command in this case is:
python3 ./raudi.py --single <tool_name>
tool_name MUST be the name of the directory inside the tools folder.
Test tool
Since the tests parameter has been added to the configuration structure of the tool is can be helpful to test if the inserted commands do return a 0 status code. The command to test a specific tool is:
python3 ./raudi.py --test <tool_name>
tool_name MUST be the name of the directory inside the tools folder.
Show tools
If you want to know the available tools you can run this command:
python3 ./raudi.py --list
Bootstrap tool
If you want to quickly add a new tool folder starting from one of the available templates you can run this command:
python3 ./raudi.py --bootstrap <new_tool_name>
Options
| Option | Description | Default Value | | -------- | --------------------------------------------------------------------- | ------------- | | --push | Whether automatically push to Docker Hub | False | | --remote | Whether check against Docker Hub instead of local Docker before build | False | | --force | Whether build or not if an image with the same tagname has been found | False |
Available Tools
This is the current list of tools that have been added. Those are all tools that do not have an official Docker Image provided by the developer:
| Name | Docker Image | Source | | -------------------------- | -------------------- | ------------------------------------------------ | | 3proxy | secsi/3proxy | https://github.com/3proxy/3proxy | | Altdns | secsi/altdns | https://github.com/infosec-au/altdns | | Apktool | secsi/apktool | https://github.com/iBotPeaches/Apktool | | Arjun | secsi/arjun | https://github.com/s0md3v/Arjun | | bfac | secsi/bfac | https://github.com/mazen160/bfac | | CloudFail | secsi/cloudfail | https://github.com/m0rtem/CloudFail | | CMSeeK | secsi/cmseek | https://github.com/Tuhinshubhra/CMSeeK | | Crowbar | secsi/crowbar | https://github.com/galkan/crowbar | | Dalfox | secsi/dalfox | https://github.com/hahwul/dalfox | | datasploit | secsi/datasploit | https://github.com/DataSploit/datasploit | | dex2jar | secsi/dex2jar | https://github.com/pxb1988/dex2jar | | dirb | secsi/dirb | http://dirb.sourceforge.net/ | | dirhunt | secsi/dirhunt | https://github.com/Nekmo/dirhunt | | dirsearch | secsi/dirsearch | https://github.com/maurosoria/dirsearch | | dnscan | secsi/dnscan | https://github.com/rbsec/dnscan | | Dorks Eye | secsi/dorks-eye | https://github.com/BullsEye0/dorks-eye | | dvcs-ripper | secsi/dvcs-ripper | https://github.com/kost/dvcs-ripper | | ExifTool | secsi/exiftool | https://github.com/exiftool/exiftool | | EyeWitness | secsi/eyewitness | https://github.com/FortyNorthSecurity/EyeWitness | | fast-recon | secsi/fast-recon | https://github.com/DanMcInerney/fast-recon | | ffuf | secsi/ffuf | https://github.com/ffuf/ffuf | | fierce | secsi/fierce | https://github.com/mschwager/fierce | | Findsploit | secsi/findsploit | https://github.com/1N3/Findsploit | | GetJS | secsi/getjs | https://github.com/003random/getJS | | gf | secsi/gf | https://github.com/tomnomnom/gf | | Gitrob | secsi/gitrob | https://github.com/michenriksen/gitrob | | GitTools | secsi/gittools | https://github.com/internetwache/GitTool | | gobuster | secsi/gobuster | https://github.com/OJ/gobuster | | GoogD0rker | secsi/googd0rker | https://github.com/ZephrFish/GoogD0rker | | GoSpider | secsi/gospider | https://github.com/jaeles-project/gospider | | Ground control | secsi/ground-control | https://github.com/jobertabma/ground-control | | Hakrawler | secsi/hakrawler | https://github.com/hakluke/hakrawler | | hakrevdns | secsi/hakrevdns | https://github.com/hakluke/hakrevdns | | hashID | secsi/hashid | https://github.com/psypanda/hashID | | httprobe | secsi/httprobe | https://github.com/tomnomnom/httprobe | | hydra | secsi/hydra | https://github.com/vanhauser-thc/thc-hydra | | impacket | secsi/impacket | https://github.com/SecureAuthCorp/impacket | | JoomScan | secsi/joomscan | https://github.com/OWASP/joomscan | | JSON Hero | secsi/jsonhero | https://github.com/triggerdotdev/jsonhero-web | | The JSON Web Token Toolkit | secsi/jwt_tool | https://github.com/ticarpi/jwt_tool | | knock | secsi/knockpy | https://github.com/guelfoweb/knock | | LFI Suite | secsi/lfisuite | https://github.com/D35
