-
Notifications
You must be signed in to change notification settings - Fork 345
Docker
A docker image is available on Dockerhub and Github Container Registry. You can get it by running either:
docker pull leonjza/gowitness
or
docker pull ghcr.io/sensepost/gowitness:latest
Depending on the image you choose, you may need to replace the leonjza/gowitness in the steps below with ghcr.io/sensepost/gowitness:latest.
Using the docker container means you need to take into account that the gowitness binary will run in the container, but in order for you to access the database and files generated by gowitness, you need to mount a volume into the container to persist those.
The basic way to invoke gowitness via docker, without saving anything is:
docker run --rm leonjza/gowitness gowitnessHowever, that itself is not very useful, as any output generated (db & screenshots) will get blown away when the command finishes and the container is cleaned up. Instead, we can mount in a volume to persist data. Do that with:
docker run --rm -v $(pwd):/data leonjza/gowitness gowitnessThis way, the current working directory will get the data (db & screenshots) gowitness generates.
A more complete example of taking a screenshot with docker is therefore:
docker run --rm -v $(pwd):/data leonjza/gowitness gowitness single https://www.google.comThis will create a gowitness.sqlite3 database and a screenshots/ directory in the current working directory just as if the golang binary was invoked from your local system.
The gowitness report server by default listens on localhost on port 7171. In the docker world, this server needs to be told to listen on all interfaces, and then a mapping needs to be added to expose that port to your host. This can be done with:
docker run --rm -v $(pwd):/data -p7171:7171 leonjza/gowitness gowitness report serve --address :7171This command should be run in the directory where the gowitness.sqlite3 and screenshots/ file and directory lives. Of course, if you customised those in the screenshotting phase, you would need to update the paths accordingly.
If you have an nmap file or a targets list you would like to access in the container, using the volume mount to /data means the gowitness binary in the container will find your files there. For example:
docker run --rm -v $(pwd):/data -p7171:7171 leonjza/gowitness gowitness nmap -f /data/nmap.xmlAn example docker-compose.yml file is provided here which is configured with Traefik to have authentication enabled in front of the report server. This way you could expose the server to a wider network to consume.