Doc-Reversing

Docker image containing various tools useful for reverse engineering and exploit development activities.

Included Tools

• binwalk
• cwe_checker
• gdb with GEF
• Ghidra for headless scripting
• Golang
• pwntools
• ropper
• qiling
  • includes qltool
  • Root FS distributed with the project are located in ~/toolschest/qiling/examples/rootfs.
• QEMU
• radare2
  • r2ghidra plugin
• Rust

And many others.

High Level Workflow

Clone the repository:

git clone https://github.com/0xor0ne/doc-revexp
cd doc-revexp

Build the docker image (this is going to take a while):

./scripts/docker_build.sh

run the container interactively:

./scripts/docker_run_inter.sh

inside the container the directory ${HOME}/shared is shared with the host and the directory ${HOME}/workspace is where the optional persistent volume is mounted (see below).

NOTE: by running the container without a mounted persistent volume, all the work done is volatile unless saved in the shared directory.

It is possible to set a custom persistent volume or a custom shared directory (or both) by using the options --volume and --shared with the script ./scripts/docker_run_inter.sh.

For example, create a new volume with:

docker volume create --name doc-revexp-vol

and then run:

./scripts/docker_run_inter.sh --volume doc-revexp-vol --shared /tmp

With the previous command, the container will use the newly create volume dov-revexp-vol and the host will share the directory /tmp. When option --shared is not used, by default the root directory of doc-revexp project is shared inside the container.

If you need to attach another terminal to the running container, use:

./scripts/docker_attach.sh

For removing both the container and the image, run:

./scripts/docker_remove_all.sh

Examples

• ARM (32 bits) Emulation and Debugging