Skip to content
Leon Jacobs edited this page Aug 7, 2021 · 7 revisions

installation

A docker image is available on Dockerhub and Github Container Registry. You can get it by running either:

  • docker pull leonjza/gowitness

or

  • docker pull ghcr.io/sensepost/gowitness:latest

Depending on the image you choose, you may need to replace the leonjza/gowitness in the steps below with ghcr.io/sensepost/gowitness:latest.

usage

Using the docker container means you need to take into account that the gowitness binary will run in the container, but in order for you to access the database and files generated by gowitness, you need to mount a volume into the container to persist those.

The basic way to invoke gowitness via docker, without saving anything is:

docker run --rm leonjza/gowitness gowitness

However, that itself is not very useful, as any output generated (db & screenshots) will get blown away when the command finishes and the container is cleaned up. Instead, we can mount in a volume to persist data. Do that with:

docker run --rm -v $(pwd):/data leonjza/gowitness gowitness

This way, the current working directory will get the data (db & screenshots) gowitness generates.

screenshots

A more complete example of taking a screenshot with docker is therefore:

docker run --rm -v $(pwd):/data leonjza/gowitness gowitness single https://www.google.com

This will create a gowitness.sqlite3 database and a screenshots/ directory in the current working directory just as if the golang binary was invoked from your local system.

report server

The gowitness report server by default listens on localhost on port 7171. In the docker world, this server needs to be told to listen on all interfaces, and then a mapping needs to be added to expose that port to your host. This can be done with:

docker run --rm -v $(pwd):/data -p7171:7171 leonjza/gowitness gowitness report serve --address :7171

This command should be run in the directory where the gowitness.sqlite3 and screenshots/ file and directory lives. Of course, if you customised those in the screenshotting phase, you would need to update the paths accordingly.

accessing files / scans in the container

If you have an nmap file or a targets list you would like to access in the container, using the volume mount to /data means the gowitness binary in the container will find your files there. For example:

docker run --rm -v $(pwd):/data -p7171:7171 leonjza/gowitness gowitness nmap -f /data/nmap.xml

Table of Contents

Table of Contents

Guides

Clone this wiki locally