-
Notifications
You must be signed in to change notification settings - Fork 355
Docker
A docker image is available on Dockerhub and Github Container Registry. You can get it by running either:
docker pull leonjza/gowitness
or
docker pull ghcr.io/sensepost/gowitness:latest
Depending on the image you choose, you may need to replace the leonjza/gowitness
in the steps below with ghcr.io/sensepost/gowitness:latest
.
Using the docker container means you need to take into account that the gowitness binary will run in the container, but in order for you to access the database and files generated by gowitness, you need to mount a volume into the container to persist those.
The basic way to invoke gowitness via docker, without saving anything is:
docker run --rm leonjza/gowitness gowitness
However, that itself is not very useful, as any output generated (db & screenshots) will get blown away when the command finishes and the container is cleaned up. Instead, we can mount in a volume to persist data. Do that with:
docker run --rm -v $(pwd):/data leonjza/gowitness gowitness
This way, the current working directory will get the data (db & screenshots) gowitness generates.
A more complete example of taking a screenshot with docker is therefore:
docker run --rm -v $(pwd):/data leonjza/gowitness gowitness single https://www.google.com
This will create a gowitness.sqlite3
database and a screenshots/
directory in the current working directory just as if the golang binary was invoked from your local system.
The gowitness report server by default listens on localhost on port 7171. In the docker world, this server needs to be told to listen on all interfaces, and then a mapping needs to be added to expose that port to your host. This can be done with:
docker run --rm -v $(pwd):/data -p7171:7171 leonjza/gowitness gowitness report serve --address :7171
This command should be run in the directory where the gowitness.sqlite3
and screenshots/
file and directory lives. Of course, if you customised those in the screenshotting phase, you would need to update the paths accordingly.
If you have an nmap file or a targets list you would like to access in the container, using the volume mount to /data means the gowitness binary in the container will find your files there. For example:
docker run --rm -v $(pwd):/data -p7171:7171 leonjza/gowitness gowitness nmap -f /data/nmap.xml