PSFalcon-Docker
is an open source project, not a formal CrowdStrike product, to assist users and developers to implement CrowdStrike's APIs within their application, or tools. As such it carries no formal support, express or implied.
This repo is designed for running the PowerShell PSFalcon Module in a Container with a Linux base.
- Ubuntu - 20.04 - This is the Default Dockerfile and is used with
latest
tags. - Alpine - Lightweight workload (3.x) (~250mb)
- UBI8 - RedHat Official Universal Container Build (8.x)
Additional, and bump versions of the mcr.microsoft.com
versions are availble by pulling curl -L https://mcr.microsoft.com/v2/powershell/tags/list
There a few files included in repo to assist with building and publishing the docker container.
-
image.config
- simple file with configurations for building/publishing the image. -
test.sh
- Ensure your environment is ready to build/publish the docker image. -
build.sh
- Build thelatest
image based onimage.config
. Build can take an argument withDockerfile name
. -
release.sh
- Build theversion
based on theimage.config
and publish the image to docker.hub. Can take argumentrepush
if authentication fails. -
VERSION
- Current version of this container wrapper. (i.e. 0.0.2) The published container on docker.hub will have a paired version with psfalcon like (v1.0.8-0.0.2). -
interactive
- Allows for running the PSFalcon Container in interactive mode with an argument for the tag defaulted tolatest
.
docker-image.yml
runsbuild.sh Dockerfile
which defaults to Ubuntu 20.04 for the CI test.
README - MITM Proxy - Intercepting PSFalcon Container communications.
- Windows Server Based Containers.