irt/docker_file_analysis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
169ef5fb03dd27eabe29adae10df9be7213c9bf7
docker_file_analysis/tool-comparison.md
Tobias Kessels 169ef5fb03 Migrate from Kali to REMnux base image 
- Created new Dockerfile.remnux based on remnux/remnux-distro:latest
- Added comprehensive tool testing suite (test-tools.sh, test-containers.sh)
- Tool comparison analysis shows we get all original tools plus additional ones from REMnux:
  * Additional PDF tools: qpdf, pdfresurrect, pdftool, base64dump, tesseract
  * All original tools preserved: pdfid.py, pdf-parser.py, peepdf, origami, capa, box-js, visidata, unfurl
- Updated README.md with new usage instructions
- Updated WARP.md documentation
- All 21 tools tested and verified working
- Migration maintains full functionality while adding REMnux capabilities
2025-09-30 12:40:55 +02:00

74 lines
2.6 KiB
Markdown
Raw Blame History

# Tool Comparison: Current Kali vs REMnux
## Current Tools in Kali-based Container
### PDF Analysis Tools
- **pdfid.py** - Schnelle Übersicht über PDF-Aufbau
- **pdf-parser.py** - Zerlegen und extrahieren von PDF-Elementen
- **peepdf** - PDF-Analyse Framework mit Javascript Analyse
- **pdftk** - Tool um das PDF zu "flatten"
- **origami** (Ruby gems) - pdfcop, pdfextract, pdfmetadata
### Malware Analysis Tools
- **capa** - Malware capability detection
- **box-js** - JavaScript sandbox analysis
- **oletools** (oledump.py, rtfdump.py, emldump.py, etc.)
- **visidata** - Data exploration and analysis
- **unfurl** - URL/data analysis
### General Tools
- **exiftool** - Metadata extraction
- **catdoc**, **docx2txt** - Document conversion
- **unrtf** - RTF processing
- **ImageMagick** - Image processing
- **DidierStevens suite** - many analysis tools in /opt/didierstevenssuite/
### System Tools
- **mc** - Midnight Commander
- **wget**, **git**, **p7zip-full**, **npm**
## REMnux PDF Tools (Already Available)
### PDF Analysis Suite (✅ Already have most)
- **peepdf** ✅ - same tool
- **origami** ✅ - same Ruby gem suite
- **pdf-parser.py** ✅ - same Didier Stevens tool
- **pdfid.py** ✅ - same Didier Stevens tool
- **pdftk-java** ✅ - same as pdftk but Java version
- **qpdf** ❌ - PDF manipulation tool we don't have
- **pdfresurrect** ❌ - Extract previous PDF versions, we don't have
- **pdftool** ❌ - Analyze PDF incremental updates, we don't have
### General Document Analysis (REMnux has)
- **base64dump** ❌ - Didier Stevens Base64 decoder, we don't have
- **tesseract** ❌ - OCR tool, we don't have
## Analysis: What We Need to Add
### Tools REMnux has that we don't:
1. **qpdf** - PDF manipulation (merge, convert, transform)
2. **pdfresurrect** - Extract previous versions from PDFs
3. **pdftool** - PDF incremental update analysis
4. **base64dump.py** - Base64 decoder (Didier Stevens)
5. **tesseract** - OCR tool
### Tools we have that REMnux doesn't explicitly list:
1. **capa** - Malware capability detection
2. **box-js** - JavaScript sandbox
3. **visidata** - Data exploration
4. **unfurl** - URL/data analysis
5. **ImageMagick** - Image processing
6. **catdoc/docx2txt** - Document conversion
## Migration Strategy
REMnux base image will provide:
- All our current PDF tools (peepdf, origami, pdf-parser.py, pdfid.py, pdftk)
- Plus additional tools (qpdf, pdfresurrect, pdftool, base64dump, tesseract)
We need to add:
- capa (malware analysis)
- box-js (JavaScript analysis)
- visidata (data exploration)
- unfurl (URL analysis)
- Our German documentation files
Reference in New Issue View Git Blame Copy Permalink