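# REMnux-based file-analysis image with extra CLI tools and an offline help system.
#
# The base image defaults to the moving :latest tag, exactly as before. For a
# reproducible build, override it with a pinned reference, e.g.
#   docker build --build-arg REMNUX_IMAGE=remnux/remnux-distro@sha256:<digest> .
ARG REMNUX_IMAGE=remnux/remnux-distro:latest
FROM ${REMNUX_IMAGE}

LABEL maintainer="tabledevil"

# Root is needed for package installation; the image drops to the remnux user at the end.
USER root

# ARG (not ENV) so the non-interactive frontend is not baked into the runtime environment.
ARG DEBIAN_FRONTEND=noninteractive
ENV TZ=Europe/Berlin

# Install additional system packages that REMnux doesn't include
RUN apt-get update && apt-get install -y \
        busybox \
        catdoc \
        docx2txt \
        fd-find \
        fish \
        fzf \
        mc \
        pipx \
        ripgrep \
        unrtf \
        zsh \
        zsh-autosuggestions \
        zsh-syntax-highlighting \
    && rm -rf /var/lib/apt/lists/*

# Configure pip
# NOTE(review): pip.conf is not visible here; it ends up in an image layer, so it
# must not contain index credentials or tokens.
ENV PYTHONDONTWRITEBYTECODE=1
COPY pip.conf /etc/pip.conf

# Install Mandiant CAPA for malware analysis
# The archive is written to disk first so that a failed or truncated download
# stops the build (a `wget | unzip` pipe under /bin/sh hides wget's exit status).
# Set CAPA_SHA256 to the digest of the release zip to have it verified before
# extraction:
#   docker build --build-arg CAPA_SHA256=<sha256 of the release zip> .
# Leaving it empty skips verification, which matches the previous behaviour.
ARG CAPA_VERSION=v7.4.0
ARG CAPA_SHA256=""
# -n: never overwrite existing files, which is how busybox unzip treats an
# archive read from stdin, so the extraction result is unchanged.
RUN wget -O /tmp/capa.zip "https://github.com/mandiant/capa/releases/download/${CAPA_VERSION}/capa-${CAPA_VERSION}-linux.zip" \
    && if [ -n "${CAPA_SHA256}" ]; then \
         echo "${CAPA_SHA256}  /tmp/capa.zip" | sha256sum -c -; \
       fi \
    && busybox unzip -n -d /usr/bin /tmp/capa.zip \
    && rm -f /tmp/capa.zip \
    && chmod +x /usr/bin/capa

# NOTE(review): box-js and the pipx packages below are installed without version
# pins, so each rebuild may pull different upstream code. Pin them once the
# intended versions are decided.

# Install JavaScript sandbox
RUN npm install box-js --global --production

# Install unfurl & dependencies via pipx (for URL analysis)
RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps dfir-unfurl \
    && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx inject dfir-unfurl requests six maclookup

# Install visidata via pipx (for data exploration)
RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps visidata

# Install offline help and cheat sheet tools
RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps cheat \
    && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install --include-deps tldr

# Removed navi - focus on tldr and cheat for reliable help system

# Create data directory and set permissions
# /data is the working directory for the unprivileged remnux user.
RUN mkdir -p /data \
    && chown remnux:remnux /data

# Add documentation and streamlined help system
# COPY instead of ADD: these are plain local files, so ADD's archive
# auto-extraction and URL fetching are not wanted here.
COPY files/README /opt/README
COPY files/command_help /opt/command_help
COPY files/zshrc /etc/zsh/zshrc
COPY files/fish_config.fish /etc/fish/conf.d/remnux.fish
COPY scripts/create-offline-help-system.sh /usr/local/bin/create-offline-help-system.sh
COPY scripts/find-tool /usr/local/bin/find-tool
COPY scripts/fhelp /usr/local/bin/fhelp
COPY scripts/import-remnux-cheatsheets.sh /usr/local/bin/import-remnux-cheatsheets.sh
COPY scripts/convert-remnux-cheats.py /usr/local/bin/convert-remnux-cheats.py
COPY scripts/add-tool-cheats.sh /usr/local/bin/add-tool-cheats.sh

# Create streamlined offline help system (tldr + cheat)
# Both helper scripts run as root at build time, before the switch to remnux.
RUN chmod +x /usr/local/bin/create-offline-help-system.sh /usr/local/bin/find-tool /usr/local/bin/fhelp /usr/local/bin/import-remnux-cheatsheets.sh \
    && chmod +x /usr/local/bin/convert-remnux-cheats.py /usr/local/bin/add-tool-cheats.sh \
    && /usr/local/bin/create-offline-help-system.sh \
    && /usr/local/bin/add-tool-cheats.sh

# Update bashrc with welcome message and comprehensive help info
RUN echo 'cat /opt/README' >> /etc/bash.bashrc \
    && echo 'echo ""' >> /etc/bash.bashrc \
    && echo 'echo "📚 Comprehensive Help System:"' >> /etc/bash.bashrc \
    && echo 'echo " fhelp - Complete file analysis help"' >> /etc/bash.bashrc \
    && echo 'echo " fhelp tools pdf - Find PDF analysis tools"' >> /etc/bash.bashrc \
    && echo 'echo " fhelp cheat pdfid.py - Show command examples"' >> /etc/bash.bashrc \
    && echo 'echo " fhelp examples - Browse all examples"' >> /etc/bash.bashrc \
    && echo 'echo " fhelp pdf - PDF analysis workflow"' >> /etc/bash.bashrc \
    && echo 'echo ""' >> /etc/bash.bashrc \
    && echo 'alias analyse="fhelp"' >> /etc/bash.bashrc \
    && echo 'alias ?="fhelp"' >> /etc/bash.bashrc

# Switch to remnux user (REMnux default user)
# Everything from here on, including the interactive shell, runs unprivileged.
USER remnux
ENV LANG=en_US.UTF-8
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/remnux/.local/bin
WORKDIR /data

CMD ["/bin/bash"]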