Awesome

re_lab

A portable reverse engineering environment using docker.

Getting Started

These instructions will get you a copy of the project up and running on your local machine.

Prerequisites

The environment is base on docker, to install it:

• Install Docker for Windows
• Install Docker for macOS
• Install Docker for Ubuntu

NOTE: You can find a installation guide on the docker web-site for the following distribution: CentOS, Debian, Fedora and Ubuntu. You can also install it from static binaries. But I recommand you to install docker with the package manager of your distribution.

Packages used

• build-essential - Informational list of build-essential packages
• gdb - The GNU Debugger
• radare2 - Free and advanced command line hexadecimal editor
• strace - A system call tracer
• ltace - Tracks runtime library calls in dynamically linked programs
• xxd - Tool to make (or reverse) a hex dump
• bsdiff - Generate/apply a patch between two binary files
• libcapstone-dev - Lightweight multi-architecture disassembly framework - devel files
• libcapstone3 - Lightweight multi-architecture disassembly framework - library
• flasm - Assembler and disassembler for Flash (SWF) bytecode
• python-pip - Alternative Python package installer
• python3 - Interactive high-level object-oriented language (default python3 version)
• python3-pip - Alternative Python package installer - Python 3 version of the package
• libffi-dev - Foreign Function Interface library (development files)
• git - Fast, scalable, distributed revision control system
• vim - Vi IMproved - enhanced vi editor
• wget - Retrieves files from the web
• llvm - Low-Level Virtual Machine (LLVM)
• clang - Low-Level Virtual Machine (LLVM), C language family frontend
• lldb - Next generation, high-performance debugger
• volatility - Advanced memory forensics framework
• binwalk - Tool for searching binary images for embedded files and executable code
• python3-binwalk - Python3 library for analyzing binary blobs and executable code
• gdb-peda - Python Exploit Development Assistance for GDB
• angr - A powerful and user-friendly binary analysis platform!
• sudo - Provide limited super user privileges to specific users
• gcc-multilib - GNU C compiler (multilib files)
• locales - Embedded GNU C Library: National Language (locale) data
• tmux - Terminal multiplexer

Installing

$ docker build -t re_lab .

$ docker run -it \
    --privileged \
    -v $(pwd)/share_ro:/share_ro:ro \
    -v $(pwd)/share_rw:/share_rw \
    re_lab

Shared folders

• /share_ro - read only access to access installation of packages
• /share_rw - to be able to write and share the results with host system

Authors

• Clément Boin - Initial work - cboin

License

This project is licensed under the GNU General Public License v3.0 - see the LICENSE.md file for details

Acknowledgments

• PurpleBooth - README-Template.md