From 64b9062c9eae2082ff11c1b9633250a713429193 Mon Sep 17 00:00:00 2001 From: Hardik Zinzuvadiya <25708027+Z4nzu@users.noreply.github.com> Date: Sun, 15 Mar 2026 14:27:36 +0530 Subject: [PATCH] Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions --- .dockerignore | 30 ++++++++++++++++++++++++++++++ Dockerfile | 25 +++++++++++++++++++------ README.md | 44 ++++++++++++++++++++++++++++++++++++++++---- README_template.md | 44 ++++++++++++++++++++++++++++++++++++++++---- docker-compose.yml | 34 +++++++++++++++++++++++++++++----- 5 files changed, 158 insertions(+), 19 deletions(-) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..a087df4 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,30 @@ +# Version control +.git/ +.gitignore + +# GitHub / docs +.github/ +images/ +*.md + +# Python cache +__pycache__/ +*.py[cod] +*.pyo +.mypy_cache/ +.ruff_cache/ +.pytest_cache/ + +# Tests +tests/ +test_*.py + +# Docker files themselves (don't recurse) +Dockerfile +docker-compose.yml +.dockerignore + +# OS / editor noise +.DS_Store +*.swp +*.swo diff --git a/Dockerfile b/Dockerfile index 3777f0d..42b1c0d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,34 @@ +# syntax=docker/dockerfile:1 +# Enables BuildKit features (cache mounts, faster builds) FROM kalilinux/kali-rolling:latest +LABEL org.opencontainers.image.title="hackingtool" \ + org.opencontainers.image.description="All-in-One Hacking Tool for Security Researchers" \ + org.opencontainers.image.source="https://github.com/Z4nzu/hackingtool" \ + org.opencontainers.image.licenses="MIT" + +# Install system dependencies +# - sudo and python3-venv are not needed (container runs as root, venv unused) +# - --no-install-recommends keeps the layer lean RUN apt-get update && \ apt-get install -y --no-install-recommends \ - git python3-pip python3-venv sudo curl wget php && \ + git python3-pip curl wget php && \ rm -rf /var/lib/apt/lists/* WORKDIR /root/hackingtool + +# Copy requirements first so this layer is cached unless requirements change COPY requirements.txt ./ -# Bug 21 fix: boxes/lolcat/flask are NOT pip packages — removed -# --break-system-packages needed on Kali (PEP 668 externally-managed env) -RUN pip3 install --no-cache-dir --break-system-packages -r requirements.txt +# --mount=type=cache persists the pip cache across rebuilds (BuildKit only) +# --break-system-packages required on Kali (PEP 668 externally-managed env) +RUN --mount=type=cache,target=/root/.cache/pip \ + pip3 install --break-system-packages -r requirements.txt +# Copy the rest of the source (respects .dockerignore) COPY . . -# Bug 20 fix: path file must be in /root/ not /home/ (running as root in Docker) +# Ensure the tools directory exists for installs performed at runtime RUN mkdir -p /root/.hackingtool/tools -# Vuln 3 fix: removed EXPOSE 1-65535 — this tool is a CLI, not a server ENTRYPOINT ["python3", "/root/hackingtool/hackingtool.py"] diff --git a/README.md b/README.md index 33361ec..091ca10 100644 --- a/README.md +++ b/README.md @@ -309,15 +309,51 @@ sudo hackingtool ## Docker +### Step 1 — Clone the repository + +```bash +git clone https://github.com/Z4nzu/hackingtool.git +cd hackingtool +``` + +### Step 2 — Build the image + ```bash -# Build image docker build -t hackingtool . +``` -# Run -docker-compose up -d +> First build takes a few minutes (Kali base + apt packages). Subsequent builds are fast thanks to BuildKit layer caching. -# Interact +### Step 3 — Run + +**Option A — Direct (no Compose):** +```bash +docker run -it --rm hackingtool +``` + +**Option B — With Docker Compose (recommended):** +```bash +# Start in background +docker compose up -d + +# Open an interactive shell docker exec -it hackingtool bash + +# Then launch the tool inside the container +python3 hackingtool.py +``` + +**Option C — Dev mode (live source mount, changes reflected without rebuild):** +```bash +docker compose --profile dev up +docker exec -it hackingtool-dev bash +``` + +### Stopping + +```bash +docker compose down # stop and remove container +docker compose down -v # also remove the tools data volume ``` ## Requirements diff --git a/README_template.md b/README_template.md index 8493981..da1cbde 100644 --- a/README_template.md +++ b/README_template.md @@ -91,15 +91,51 @@ sudo hackingtool ## Docker +### Step 1 — Clone the repository + +```bash +git clone https://github.com/Z4nzu/hackingtool.git +cd hackingtool +``` + +### Step 2 — Build the image + ```bash -# Build image docker build -t hackingtool . +``` -# Run -docker-compose up -d +> First build takes a few minutes (Kali base + apt packages). Subsequent builds are fast thanks to BuildKit layer caching. -# Interact +### Step 3 — Run + +**Option A — Direct (no Compose):** +```bash +docker run -it --rm hackingtool +``` + +**Option B — With Docker Compose (recommended):** +```bash +# Start in background +docker compose up -d + +# Open an interactive shell docker exec -it hackingtool bash + +# Then launch the tool inside the container +python3 hackingtool.py +``` + +**Option C — Dev mode (live source mount, changes reflected without rebuild):** +```bash +docker compose --profile dev up +docker exec -it hackingtool-dev bash +``` + +### Stopping + +```bash +docker compose down # stop and remove container +docker compose down -v # also remove the tools data volume ``` ## Requirements diff --git a/docker-compose.yml b/docker-compose.yml index fe45210..94802ab 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,16 +1,40 @@ -version: "3.9" +# docker-compose.yml +# Use: docker compose up -d then docker exec -it hackingtool bash +# +# Profiles: +# (default) — runs the built image; code is embedded at build time +# dev — mounts source directory for live editing without rebuilding +# docker compose --profile dev up + services: hackingtool: - # Bug 23 fix: was using external unverified image vgpastor/hackingtool - # Now builds from local Dockerfile — no third-party trust required - build: . + build: + context: . + dockerfile: Dockerfile + image: hackingtool:latest container_name: hackingtool stdin_open: true tty: true + # Persist tools installed at runtime across container restarts volumes: + - hackingtool_data:/root/.hackingtool + restart: unless-stopped + + hackingtool-dev: + build: + context: . + dockerfile: Dockerfile + image: hackingtool:latest + container_name: hackingtool-dev + stdin_open: true + tty: true + profiles: + - dev + volumes: + # Live source mount — code changes are visible without rebuilding - .:/root/hackingtool - hackingtool_data:/root/.hackingtool - # Bug 22 fix: removed port 22:22 — this is a CLI tool, SSH exposure is unnecessary + restart: "no" volumes: hackingtool_data: