w3af

Note: The w3af console profile is available here

Spin up a Docker container (docker run) using the andresiancho/w3af image, mapping the host /tmp (or whichever host directory holds the profile file) to the container's /tmp (/tmp:/tmp), drop directly into a terminal (-it, bash), and delete the container after use (--rm). To be clear, the syntax for mapping host directories into Docker containers is /host:/container:

docker run --rm -it -v /tmp:/tmp andresiancho/w3af bash

Once you are inside the w3af container, you will want to load the merc_w3af_profile.pw3af located here. Interestingly, w3af loads profiles from the profiles directory inside the .w3af directory under ~, not from the profiles directory in the container's default directory.

Correct profiles directory:

Default Docker directory:

At this point you should have merc_w3af_profile.pw3af. Place it in the host directory that is mounted into the container; for this example, we are using /tmp for both host and container. Then move the file from /tmp to /home/w3af/.w3af/profiles:

mv /tmp/merc_w3af_profile.pw3af /home/w3af/.w3af/profiles/

You are now ready to launch w3af_console and to load the merc_w3af_profile:

Now go back to the main menu:

Set your target and then run!
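The same steps as a non-interactive run, added here as an example (not from the original page or the w3af project): it stages the profile where w3af looks for it and writes a console script that loads the profile, returns to the main menu, sets the target and starts. The target URL, the /tmp/scan.w3af path and the function names are assumptions; the example copies the profile rather than moving it so the host copy stays in place.

```shell
#!/bin/sh
# Added example. PROFILE_NAME matches the file named on the page; TARGET is a
# constructed placeholder for an application you are authorized to scan.
PROFILE_NAME="merc_w3af_profile"
TARGET="http://127.0.0.1:8080/"

# stage_profile SRC_DIR PROFILES_DIR
# Copy the profile into the per-user profiles directory that w3af reads from.
stage_profile() {
    src="$1/$PROFILE_NAME.pw3af"
    dest_dir="$2"
    [ -f "$src" ] || { echo "profile not found: $src" >&2; return 1; }
    mkdir -p "$dest_dir" || return 1
    cp "$src" "$dest_dir/" || return 1
    # Fail if the copy is not readable where w3af will look for it.
    [ -r "$dest_dir/$PROFILE_NAME.pw3af" ]
}

# write_scan_script OUT_FILE
# Emit the console steps: load profile, back to main menu, set target, start.
write_scan_script() {
    cat > "$1" <<EOF
profiles
use $PROFILE_NAME
back
target
set target $TARGET
back
start
exit
EOF
}

# Inside the container (paths from the page):
#   stage_profile /tmp /home/w3af/.w3af/profiles \
#     && write_scan_script /tmp/scan.w3af \
#     && w3af_console -s /tmp/scan.w3af
```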

If you want more information about tuning plugins or creating customized options see the "Learn more about w3af" section below.

Learn more about w3af
