docker_file_analysis/tool-comparison.md
Tobias Kessels 169ef5fb03 Migrate from Kali to REMnux base image
- Created new Dockerfile.remnux based on remnux/remnux-distro:latest
- Added comprehensive tool testing suite (test-tools.sh, test-containers.sh)
- Tool comparison analysis shows we get all original tools plus additional ones from REMnux:
  * Additional PDF tools: qpdf, pdfresurrect, pdftool, base64dump, tesseract
  * All original tools preserved: pdfid.py, pdf-parser.py, peepdf, origami, capa, box-js, visidata, unfurl
- Updated README.md with new usage instructions
- Updated WARP.md documentation
- All 21 tools tested and verified working
- Migration maintains full functionality while adding REMnux capabilities
2025-09-30 12:40:55 +02:00

Tool Comparison: Current Kali vs REMnux

Current Tools in Kali-based Container

PDF Analysis Tools

  • pdfid.py - Quick overview of the PDF structure
  • pdf-parser.py - Parse and extract PDF elements
  • peepdf - PDF analysis framework with JavaScript analysis
  • pdftk - Tool to "flatten" the PDF
  • origami (Ruby gems) - pdfcop, pdfextract, pdfmetadata

Malware Analysis Tools

  • capa - Malware capability detection
  • box-js - JavaScript sandbox analysis
  • oletools (oledump.py, rtfdump.py, emldump.py, etc.)
  • visidata - Data exploration and analysis
  • unfurl - URL/data analysis

General Tools

  • exiftool - Metadata extraction
  • catdoc, docx2txt - Document conversion
  • unrtf - RTF processing
  • ImageMagick - Image processing
  • DidierStevens suite - many analysis tools in /opt/didierstevenssuite/

System Tools

  • mc - Midnight Commander
  • wget, git, p7zip-full, npm

REMnux PDF Tools (Already Available)

PDF Analysis Suite (Already have most)

  • peepdf - same tool
  • origami - same Ruby gem suite
  • pdf-parser.py - same Didier Stevens tool
  • pdfid.py - same Didier Stevens tool
  • pdftk-java - same as pdftk but Java version
  • qpdf - PDF manipulation tool we don't have
  • pdfresurrect - Extract previous PDF versions, we don't have
  • pdftool - Analyze PDF incremental updates, we don't have

General Document Analysis (REMnux has)

  • base64dump - Didier Stevens Base64 decoder, we don't have
  • tesseract - OCR tool, we don't have

Analysis: What We Need to Add

Tools REMnux has that we don't:

  1. qpdf - PDF manipulation (merge, convert, transform)
  2. pdfresurrect - Extract previous versions from PDFs
  3. pdftool - PDF incremental update analysis
  4. base64dump.py - Base64 decoder (Didier Stevens)
  5. tesseract - OCR tool

Tools we have that REMnux doesn't explicitly list:

  1. capa - Malware capability detection
  2. box-js - JavaScript sandbox
  3. visidata - Data exploration
  4. unfurl - URL/data analysis
  5. ImageMagick - Image processing
  6. catdoc/docx2txt - Document conversion

Migration Strategy

REMnux base image will provide:

  • All our current PDF tools (peepdf, origami, pdf-parser.py, pdfid.py, pdftk)
  • Plus additional tools (qpdf, pdfresurrect, pdftool, base64dump, tesseract)

We need to add:

  • capa (malware analysis)
  • box-js (JavaScript analysis)
  • visidata (data exploration)
  • unfurl (URL analysis)
  • Our German documentation files