search

cisagov / untitledgoosetool

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.
Creative Commons Zero v1.0 Universal
904 stars 77 forks source link

Interest in containerization #59

Closed corbin-lounsbury closed 4 weeks ago

corbin-lounsbury commented 7 months ago

💡 Summary

What is the work, as a high-level summary?

Trying this out at work and I wanted to see if there was interest in containerizing the application to make installation and use easier

Why does this work belong in this project?

As stated above, it would be easier to resolve dependencies and provide a way to run regardless of platform

Implementation notes

Still working this out. I have a somewhat working version, but wanted to check if someone else had done it or if there wasn't any interest in maintaining it. Also wanted to inquire about logistics like if CISA had it's own Docker space to publish and what sort of tests or scans were needed.

Acceptance criteria

nkantor-snl commented 4 weeks ago

Containerization was added in the 2.0.1 release of the tool. You can find the Dockerfile here and the documentation for it here

To build and run use the following commands

docker build . -t goosey
docker run -it -v $PWD:/workdir goosey goosey honk --debug