How to use Docker with Mayhem

Welcome to the Mayhem Tips and Tricks series! Our goal is to help you learn about the best features of Mayhem in small, bite-size chunks. Today, we will explain Docker integrations.

Real-world software relies on dependencies to provide functionality so that developers can focus on the domain in which their program operates. However, this means that the dependencies must be present when the application runs. With Mayhem, applications are analyzed at runtime, so the dependencies must be available during analysis. Docker is a popular way to package applications with their runtime dependencies, so Mayhem supports analysis of Docker images. Packaging an application as a Docker image allows Mayhem to run your application in a repeatable manner, so we recommend that you package your targets with Docker.

If you’re not familiar with Docker, we recommend following Docker’s getting started documentation, “Orientation and setup” (Docker Documentation). It will show you how to run applications in a Docker container and also package a sample application as a Docker image.

Once you’ve packaged your targets with Docker, using them in Mayhem is the easy part. In the web interface, you can specify which image to run.

You can also specify which Docker image to use in your Mayhemfile. The benefit here is that you can store the Mayhemfile in your project’s repository and treat the Mayhem configuration as code: its history is tracked in your version control system, and it can be integrated with a continuous integration and delivery pipeline.

version: '1.17'
baseimage: $MAYHEM_DOCKER_REGISTRY/forallsecure/lighttpd
project: mayhemuser/lighttpd
target: lighttpd
advanced_triage: true
…
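
Because the Mayhemfile lives in the repository, a pipeline can check its baseimage before analysis starts. The following is an added example, not code from the article or from Mayhem: the policy (fail when a variable is unset or the image has no fixed tag or digest), the function names, and the reading of $NAME placeholders as environment variables of the CI job are all assumptions.

```python
import os
import re

# Constructed sample: the fields shown in the article, without its trailing "…".
SAMPLE = """\
version: '1.17'
baseimage: $MAYHEM_DOCKER_REGISTRY/forallsecure/lighttpd
project: mayhemuser/lighttpd
target: lighttpd
advanced_triage: true
"""

def top_level_scalars(text):
    """Collect unindented `key: value` pairs; nested blocks are skipped."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"([A-Za-z_][\w-]*):\s*(\S.*)$", line)
        if m:
            fields[m.group(1)] = m.group(2).strip().strip("'\"")
    return fields

def expand(ref, env):
    """Expand $VAR and ${VAR}; return (expanded text, names left unset)."""
    unset = []
    def sub(m):
        name = m.group(1) or m.group(2)
        if name in env:
            return env[name]
        unset.append(name)
        return m.group(0)
    return re.sub(r"\$(?:\{(\w+)\}|(\w+))", sub, ref), unset

def check_baseimage(text, env=None):
    """Return a list of findings; an empty list means the check passes."""
    env = os.environ if env is None else env
    ref = top_level_scalars(text).get("baseimage")
    if not ref:
        return ["baseimage is not set"]
    image, unset = expand(ref, env)
    findings = [f"unset variable in baseimage: {name}" for name in unset]
    # Only the last path component carries a tag; host:5000/ is a port.
    last = image.rsplit("/", 1)[-1]
    if "@sha256:" not in last:
        tag = last.split(":", 1)[1] if ":" in last else ""
        if tag in ("", "latest"):
            findings.append(f"baseimage {image} has no fixed tag or digest")
    return findings

if __name__ == "__main__":
    print(check_baseimage(SAMPLE) or "baseimage check passed")
```

Run against the sample above, the check reports the untagged image, since an untagged reference can resolve to different image contents between runs.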

In conclusion, Mayhem needs your targets’ dependencies for analysis, so it supports analyzing targets that are packaged into Docker images.

We hope that you found this Tips and Tricks article helpful.