Skip to content

Commit

Permalink
Intial Commit
Browse files Browse the repository at this point in the history
  • Loading branch information
Pegleg committed Jun 5, 2018
0 parents commit 10fc0d3
Show file tree
Hide file tree
Showing 4 changed files with 1,300 additions and 0 deletions.
30 changes: 30 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# WhaleTail


WhaleTail is a Go program which is designed to reverse engineer a Docker Image into the Dockerfile that created it. It currently performs the following actions

- Generates a Dockerfile from an Image
- Searches added filenames for potential secret files
- Extracts files that were added by the Docker ADD/COPY Instructions
- It also displays misc. information such as ports open, the user it runs as and environment variables.

![alt text](https://samaritan.ai/wp-content/uploads/2018/06/Screen-Shot-2018-06-04-at-8.51.22-PM.png "Logo Title Text 1")

### How to build it
Git clone the project into your $GOPATH/src directory and perform the following command
```go
cd $GOPATH/src
git clone https://github.com/P3GLEG/WhaleTail
go build .
```
### How to run it
```go
./WhaleTail
Usage of ./WhaleTail:
-f string
File containing images to analyze seperated by line
-filter
Filters filenames that create noise such as node_modules. Check ignore.go file for more details (default true)
-v Print all details about the image
-x Save layers to current directory
```
163 changes: 163 additions & 0 deletions ignore.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,163 @@
package main
//This file is copied from https://raw.githubusercontent.com/github/linguist/master/lib/linguist/vendor.yml
//This file filters items that are considered noisey and not useful in most situations.
var InternalWordlist = []string{
".npm/",
"usr/share/",
"(^|/)cache/",
"^[Dd]ependencies/",
"(^|/)dist/",
"^deps/",
"(^|/)configure$",
"(^|/)config.guess$",
"(^|/)config.sub$",
"(^|/)aclocal.m4",
"(^|/)libtool.m4",
"(^|/)ltoptions.m4",
"(^|/)ltsugar.m4",
"(^|/)ltversion.m4",
"(^|/)lt~obsolete.m4",
"cpplint.py",
"node_modules/",
"bower_components/",
"^rebar$",
"erlang.mk",
"Godeps/_workspace/",
".indent.pro",
"(\\.|-)min\\.(js|css)$",
"([^\\.]*)import\\.(css|less|scss|styl)$",
"(^|/)bootstrap([^.]*)\\.(js|css|less|scss|styl)$",
"(^|/)custom\\.bootstrap([^\\.]*)(js|css|less|scss|styl)$",
"(^|/)font-awesome\\.(css|less|scss|styl)$",
"(^|/)font-awesome/.*\\.(css|less|scss|styl)$",
"(^|/)foundation\\.(css|less|scss|styl)$",
"(^|/)normalize\\.(css|less|scss|styl)$",
"(^|/)skeleton\\.(css|less|scss|styl)$",
"(^|/)[Bb]ourbon/.*\\.(css|less|scss|styl)$",
"(^|/)animate\\.(css|less|scss|styl)$",
"(^|/)materialize\\.(css|less|scss|styl|js)$",
"(^|/)select2/.*\\.(css|scss|js)$",
"third[-_]?party/",
"3rd[-_]?party/",
"vendors?/",
"extern(al)?/",
"(^|/)[Vv]+endor/",
"^debian/",
"run.n$",
"bootstrap-datepicker/",
"(^|/)jquery([^.]*)\\.js$",
"(^|/)jquery\\.\\.\\.\\.+(\\.\\.+)?\\.js$",
"(^|/)jquery\\.ui(\\.\\.\\.\\.+(\\.\\.+)?)?(\\.\\.+)?\\.(js|css)$",
"(^|/)jquery\\.(ui|effects)\\.([^.]*)\\.(js|css)$",
"jquery.fn.gantt.js",
"jquery.fancybox.(js|css)",
"fuelux.js",
"(^|/)jquery\\.fileupload(-\\.+)?\\.js$",
"jquery.dataTables.js",
"bootbox.js",
"pdf.worker.js",
"(^|/)slick\\.\\.+.js$",
"(^|/)Leaflet\\.Coordinates-\\.+\\.\\.+\\.\\.+\\.src\\.js$",
"leaflet.draw-src.js",
"leaflet.draw.css",
"Control.FullScreen.css",
"Control.FullScreen.js",
"leaflet.spin.js",
"wicket-leaflet.js",
".sublime-project",
".sublime-workspace",
".vscode",
"(^|/)prototype(.*)\\.js$",
"(^|/)effects\\.js$",
"(^|/)controls\\.js$",
"(^|/)dragdrop\\.js$",
"(.*?)\\.d\\.ts$",
"(^|/)mootools([^.]*)\\.+\\.\\.+.\\.+([^.]*)\\.js$",
"(^|/)dojo\\.js$",
"(^|/)MochiKit\\.js$",
"(^|/)yahoo-([^.]*)\\.js$",
"(^|/)yui([^.]*)\\.js$",
"(^|/)ckeditor\\.js$",
"(^|/)tiny_mce([^.]*)\\.js$",
"(^|/)tiny_mce/(langs|plugins|themes|utils)",
"(^|/)ace-builds/",
"(^|/)fontello(.*?)\\.css$",
"(^|/)MathJax/",
"(^|/)Chart\\.js$",
"(^|/)[Cc]ode[Mm]irror/(\\.+\\.\\.+/)?(lib|mode|theme|addon|keymap|demo)",
"(^|/)shBrush([^.]*)\\.js$",
"(^|/)shCore\\.js$",
"(^|/)shLegacy\\.js$",
"(^|/)angular([^.]*)\\.js$",
"(^|\\.)d3(\\.v\\.+)?([^.]*)\\.js$",
"(^|/)react(-[^.]*)?\\.js$",
"(^|/)flow-typed/.*\\.js$",
"(^|/)modernizr\\.\\.\\.\\.+(\\.\\.+)?\\.js$",
"(^|/)modernizr\\.custom\\.\\.+\\.js$",
"(^|/)knockout-(\\.+\\.){3}(debug\\.)?js$",
"(^|/)docs?/_?(build|themes?|templates?|static)/",
"(^|/)admin_media/",
"(^|/)env/",
"^fabfile\\.py$",
"^waf$",
"^.osx$",
"\\.xctemplate/",
"\\.imageset/",
"(^|/)Carthage/",
"(^|/)Sparkle/",
"Crashlytics.framework/",
"Fabric.framework/",
"BuddyBuildSDK.framework/",
"Realm.framework",
"RealmSwift.framework",
"gitattributes$",
"gitignore$",
"gitmodules$",
"(^|/)gradlew$",
"(^|/)gradlew\\.bat$",
"(^|/)gradle/wrapper/",
"(^|/)mvnw$",
"(^|/)mvnw\\.cmd$",
"(^|/)\\.mvn/wrapper/",
"-vsdoc\\.js$",
"\\.intellisense\\.js$",
"(^|/)jquery([^.]*)\\.validate(\\.unobtrusive)?\\.js$",
"(^|/)jquery([^.]*)\\.unobtrusive\\.ajax\\.js$",
"(^|/)[Mm]icrosoft([Mm]vc)?([Aa]jax|[Vv]alidation)(\\.debug)?\\.js$",
"^[Pp]ackages\\..+\\.\\.+\\.",
"(^|/)extjs/.*?\\.js$",
"(^|/)extjs/.*?\\.xml$",
"(^|/)extjs/.*?\\.txt$",
"(^|/)extjs/.*?\\.html$",
"(^|/)extjs/.*?\\.properties$",
"(^|/)extjs/.sencha/",
"(^|/)extjs/docs/",
"(^|/)extjs/builds/",
"(^|/)extjs/cmd/",
"(^|/)extjs/examples/",
"(^|/)extjs/locale/",
"(^|/)extjs/packages/",
"(^|/)extjs/plugins/",
"(^|/)extjs/resources/",
"(^|/)extjs/src/",
"(^|/)extjs/welcome/",
"(^|/)html5shiv\\.js$",
"^[Tt]ests?/fixtures/",
"^[Ss]pecs?/fixtures/",
"(^|/)cordova([^.]*)\\.js$",
"(^|/)cordova\\.\\.\\.\\.(\\.\\.)?\\.js$",
"foundation(\\..*)?\\.js$",
"^Vagrantfile$",
".[Dd][Ss]_[Ss]tore$",
"^vignettes/",
"^inst/extdata/",
"octicons.css",
"sprockets-octicons.scss",
"(^|/)activator$",
"(^|/)activator\\.bat$",
"proguard.pro",
"proguard-rules.pro",
"^puphpet/",
"(^|/)\\.google_apis/",
"^Jenkinsfile$",
}
Loading

0 comments on commit 10fc0d3

Please sign in to comment.