sift-manual

pin up a Docker container (docker run) using the k0st/sift-manual image, mapping the host /tmp (or wherever your suspicious file resides) to the Docker /tmp (/tmp:/tmp), drop directly into a terminal (-it, bash), and delete Docker after use (--rm). To be clear, when mapping host directories into Docker containers its /host:/container:

docker run --rm -it -v /tmp:/tmp k0st/sift-manual

There are many tools within the `sift-manual Docker and thus more documentation coming soon...