From 73d10fa6290e9948ac1d0e1e94deec8debf6cc64 Mon Sep 17 00:00:00 2001
From: Rebel028 <27502053+Rebel028@users.noreply.github.com>
Date: Sat, 6 Dec 2025 16:33:56 +0300
Subject: [PATCH 1/2] feat(docker): added Docker support and GitHub Workflow
---
.github/workflows/docker.yml | 51 ++++++++++++++++++++++++++++++++++++
Dockerfile | 6 +++++
2 files changed, 57 insertions(+)
create mode 100644 .github/workflows/docker.yml
create mode 100644 Dockerfile
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
new file mode 100644
index 0000000..3fa124a
--- /dev/null
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,51 @@
+name: Publish Docker Image
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - master
+ paths:
+ - scanner.py
+ - requirements.txt
+ - Dockerfile
+
+env:
+ # Use docker.io for Docker Hub if empty
+ REGISTRY: ghcr.io
+
+jobs:
+ docker-build:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Lowercase REPO
+ run: |
+ echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
+
+ # Login against a Docker registry
+ # https://github.com/docker/login-action
+ - name: Log into registry ${{ env.REGISTRY }}
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v6
+ with:
+ context: .
+ platforms: linux/amd64
+ push: true
+ labels: org.opencontainers.image.source=https://github.com/${GITHUB_REPOSITORY}
+ tags: |
+ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
+ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..e0624b7
--- /dev/null
+++ b/Dockerfile
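Review bot: The three `uses:` steps in `.github/workflows/docker.yml` reference actions by mutable tag (`actions/checkout@v4`, `docker/login-action@v3`, `docker/build-push-action@v6`) in a job that holds `packages: write` and pushes `:latest`, so a retagged or compromised action release could publish an arbitrary image under this repository's name. Pin each to a full commit SHA with the tag kept as a comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`. Separately, the `labels:` input uses shell syntax, but `with:` values are not passed through a shell, so the label would likely be stored with the literal text `${GITHUB_REPOSITORY}`; use `labels: org.opencontainers.image.source=https://github.com/${{ github.repository }}`.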
@@ -0,0 +1,6 @@ +FROM python:3.12.12-alpine +WORKDIR /opt/react2shell +RUN --mount=type=bind,src=requirements.txt,target=/opt/react2shell/requirements.txt \ + pip install -r requirements.txt +COPY ["scanner.py", "."] +ENTRYPOINT ["python3", "scanner.py"] \ No newline at end of file From e8ed1f852ee89984e3e8de6adf17cd2732805509 Mon Sep 17 00:00:00 2001 From: Rebel028 <27502053+Rebel028@users.noreply.github.com> Date: Sat, 6 Dec 2025 17:08:59 +0300 Subject: [PATCH 2/2] feat(readme): Update README.md with docker support section --- Dockerfile | 2 +- README.md | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e0624b7..984afd5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.12.12-alpine WORKDIR /opt/react2shell RUN --mount=type=bind,src=requirements.txt,target=/opt/react2shell/requirements.txt \ - pip install -r requirements.txt + pip install --no-cache-dir -r requirements.txt COPY ["scanner.py", "."] ENTRYPOINT ["python3", "scanner.py"] \ No newline at end of file diff --git a/README.md b/README.md index c2bc6b0..8e4cfe0 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,10 @@ The `--vercel-waf-bypass` flag uses an alternative payload variant specifically The `--windows` flag switches the payload from Unix shell (`echo $((41*271))`) to PowerShell (`powershell -c "41*271"`) for targets running on Windows. +### Docker Support + +You can use prebuilt Docker Image `ghcr.io/assetnote/react2shell-scanner` or build it locally with Dockerfile provided. + ## Requirements - Python 3.9+ @@ -34,10 +38,26 @@ The `--windows` flag switches the payload from Unix shell (`echo $((41*271))`) t ## Installation +### Regular + ``` pip install -r requirements.txt ``` +### Docker + +#### Pull + +```shell +docker pull ghcr.io/assetnote/react2shell-scanner +``` + +#### Or build + +```shell +docker build -t react2shell-scanner:latest . +``` + ## Usage Scan a single host: 
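Review bot: The new Dockerfile has no `USER` instruction, so `scanner.py` runs as root inside the container while it parses responses from hosts the operator does not control; create an unprivileged account and switch to it before `ENTRYPOINT`, e.g. `RUN addgroup -S scanner && adduser -S -G scanner scanner` followed by `USER scanner` (names are examples). Bind-mounted output files such as the README's `results.json` then need to be writable by that UID on the host. The base image is pinned only by tag; `FROM python:3.12.12-alpine@sha256:<digest>` would make the published image reproducible. Whether `requirements.txt` pins versions is not visible here. The `@@ -1,6 +1,6 @@` Dockerfile hunk in patch 2/2 only adds `--no-cache-dir` and leaves these points open.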
@@ -81,6 +101,34 @@ Scan with WAF bypass: ``` python3 scanner.py -u https://example.com --waf-bypass ``` +## Docker + +All the scripts above are available using the docker image. For example: + +Scan a single host: + +```shell +docker run --rm ghcr.io/assetnote/react2shell-scanner -u https://example.com +``` + +### Bind mounts +Working directory in Docker container is `/opt/react2shell`. Bind mount to this directory if you need to share files between container and Docker host. + +Scan a list of hosts: + +```shell +docker run --rm -v $PWD/hosts.txt:/opt/react2shell/hosts.txt:ro ghcr.io/assetnote/react2shell-scanner -l hosts.txt +``` + +Scan with multiple threads and save results: +```shell +touch results.json # create file before mount +docker run --rm \ + -v $PWD/results.json:/opt/react2shell/results.json \ + -v $PWD/hosts.txt:/opt/react2shell/hosts.txt:ro \ + ghcr.io/assetnote/react2shell-scanner -l hosts.txt -t 20 -o results.json +``` +etc. ## Options