Prerequisites前置要求
- Docker 20.10+
- At least 10 GB free disk space
- 至少 10 GB 可用磁盘空间
- 8 GB+ RAM recommended
- 建议 8 GB+ 内存
Quick Start快速开始
Build the image构建镜像
docker build -t rikune:latest .
Verify the build验证构建
docker run --rm rikune:latest node -e "console.log('ok')"
Install script (Windows)安装脚本(Windows)
Services Overview服务概览
The container runs multiple services in a single Node.js process:
容器在单个 Node.js 进程中运行多个服务:
| Service服务 |
Protocol协议 |
Description描述 |
| MCP Server |
stdio |
160+ tools, 3 prompts, 16 resources160+ 工具、3 个提示、16 个资源 |
| HTTP API |
:18080 |
Sample upload, artifact download, health check, SSE样本上传、产物下载、健康检查、SSE 推送 |
| Dashboard |
:18080/dashboard |
Dark-theme web UI — tools, plugins, samples, config暗色主题看板 — 工具、插件、样本、配置 |
| Task Runner |
Internal内部 |
Background async job queue with Python worker pool后台异步任务队列与 Python 工作进程池 |
Production Mode生产模式
docker run --rm -i \
--network=none \
--read-only \
--tmpfs /tmp:rw,noexec,nosuid,size=512m \
--security-opt no-new-privileges:true \
--cap-drop=ALL \
--memory=8g \
--cpus=2 \
-v ~/.rikune/workspaces:/app/workspaces \
-v ~/.rikune/data:/app/data \
-v ~/.rikune/cache:/app/cache \
-v ~/.rikune/ghidra-projects:/ghidra-projects \
-v ~/.rikune/ghidra-logs:/ghidra-logs \
-e WORKSPACE_ROOT=/app/workspaces \
-e DB_PATH=/app/data/database.db \
-e GHIDRA_PROJECT_ROOT=/ghidra-projects \
rikune:latest
Docker Compose
docker-compose up -d mcp-server
docker-compose logs -f mcp-server
docker-compose exec mcp-server bash
docker-compose down
Note: Docker Compose is ideal for persistent volumes and the HTTP upload API. For MCP stdio connections, use a separate docker run -i invocation.
注意:Docker Compose 适合持久卷和 HTTP 上传 API。MCP stdio 连接请使用单独的 docker run -i。
Environment Variables环境变量
| Variable变量名 |
Default默认值 |
Description描述 |
WORKSPACE_ROOT | /app/workspaces | Workspace root directory工作空间根目录 |
DB_PATH | /app/data/database.db | SQLite database pathSQLite 数据库路径 |
CACHE_ROOT | /app/cache | Cache root directory缓存根目录 |
GHIDRA_PROJECT_ROOT | /ghidra-projects | Ghidra project rootGhidra 项目根目录 |
LOG_LEVEL | info | trace / debug / info / warn / error |
API_PORT | 18080 | HTTP API portHTTP API 端口 |
API_KEY | — | API key for authentication (optional)API 认证密钥(可选) |
QILING_ROOTFS | /opt/qiling-rootfs | Qiling Windows rootfs mountQiling Windows rootfs 挂载点 |
ANGR_PYTHON | /opt/angr-venv/bin/python | Isolated angr interpreter隔离的 angr 解释器 |
RETDEC_PATH | /opt/retdec/bin/retdec-decompiler | RetDec decompiler pathRetDec 反编译器路径 |
GHIDRA_INSTALL_DIR | /opt/ghidra | Ghidra installation directoryGhidra 安装目录 |
JAVA_HOME | /usr/lib/jvm/java-21-openjdk-amd64 | Java runtime for GhidraGhidra 用 Java 运行时 |
CAPA_PATH | /opt/capa/capa | capa binary pathcapa 二进制路径 |
DIE_PATH | /opt/die/diec | Detect It Easy CLI pathDetect It Easy CLI 路径 |
RIZIN_PATH | /usr/bin/rizin | Rizin binary pathRizin 二进制路径 |
UPX_PATH | /usr/bin/upx | UPX binary pathUPX 二进制路径 |
WINE_PATH | /usr/bin/wine | Wine executable pathWine 可执行路径 |
GRAPHVIZ_DOT_PATH | /usr/bin/dot | Graphviz dot binaryGraphviz dot 二进制 |
QILING_PYTHON | /opt/qiling-venv/bin/python | Isolated Qiling interpreter隔离的 Qiling 解释器 |
MAX_PYTHON_WORKERS | 4 | Concurrent Python worker limit并发 Python 工作进程限制 |
PLUGINS | — | Comma-separated plugin names to enable逗号分隔的启用插件名 |
Web Dashboard
After starting the container, open your browser to:
容器启动后,在浏览器中访问:
http://localhost:18080/dashboard
The dashboard provides 6 tabs: Overview, Tools, Plugins, Samples, Config, and System, with SSE real-time event stream and auto-refresh.
看板提供 6 个选项卡:Overview、Tools、Plugins、Samples、Config 和 System,支持 SSE 实时事件流和自动刷新。
Bundled Toolchain内置工具链
The Docker image ships with all of these pre-installed:
Docker 镜像预装了以下所有工具:
Ghidra 12.0.4
Decompilation & analysis反编译分析
Rizin
Binary analysis二进制分析
YARA-X
Pattern matching模式匹配
capa + rules
Capability detection能力检测
FLOSS
String extraction字符串提取
Frida
Dynamic instrumentation动态插桩
angr
Symbolic execution符号执行
Qiling
Emulation framework仿真框架
RetDec
Retargetable decompiler可重定目标反编译
Wine
Windows compat layerWindows 兼容层
UPX
Unpacking脱壳
DIE
Compiler/packer detection编译器/加壳检测
Troubleshooting故障排除
Build Problems构建问题
| Symptom症状 | Solution解决方案 |
|---|
| BuildKit cache corruption / download failureBuildKit 缓存损坏 / 下载失败 |
docker builder prune -a then rebuild with然后使用 --no-cache |
| Ghidra download fails (DNS / network)Ghidra 下载失败(DNS / 网络) |
Download manually and pass via --build-arg GHIDRA_ZIP_PATH手动下载并通过 --build-arg GHIDRA_ZIP_PATH 传入 |
| No space left on device磁盘空间不足 |
docker system prune -a --volumes |
Runtime Issues运行时问题
| Symptom症状 | Solution解决方案 |
|---|
GHIDRA_INSTALL_DIR is not set |
Set explicitly via -e GHIDRA_INSTALL_DIR=/opt/ghidra or use --env-file通过 -e GHIDRA_INSTALL_DIR=/opt/ghidra 显式设置或使用 --env-file |
| Permission denied on mounted volumes挂载卷权限被拒 |
sudo chown -R 1000:1000 ~/.rikune/ |
| Sample file not found样本文件未找到 |
Verify mount path: -v /absolute/path:/samples:ro验证挂载路径:-v /绝对路径:/samples:ro |
MCP CommunicationMCP 通信
| Symptom症状 | Solution解决方案 |
|---|
write EPIPE / stdio brokenstdio 中断 |
Use -i (not -it) — TTY mode breaks stdio使用 -i(而非 -it)— TTY 模式会干扰 stdio |
| MCP client cannot connect / timeoutMCP 客户端无法连接 / 超时 |
Set timeout to 300000ms; increase --memory=8g --cpus=4设置超时为 300000ms;增加 --memory=8g --cpus=4 |
Ghidra AnalysisGhidra 分析
| Symptom症状 | Solution解决方案 |
|---|
OutOfMemoryError |
Increase Java heap: -e JAVA_OPTS="-Xmx4g" and container memory增加 Java 堆:-e JAVA_OPTS="-Xmx4g" 并增加容器内存 |
| Lock file conflict锁文件冲突 |
Remove stale locks: rm -f /ghidra-projects/*.lock删除过期锁:rm -f /ghidra-projects/*.lock |