defencia/knowledge/malware lab
Assemblyline · Docker · Self-host

Malware Lab — Assemblyline

A getting-started guide for standing up Assemblyline — the Canadian open-source malware-analysis platform — on a self-hosted Docker server.

AssemblylineDocker

Assemblyline

A getting-started guide for the CSE/Canada open-source malware-analysis platform. Tested on a server with 32 GB RAM, 16 cores, 360 GB disk (Hetzner CX53) running updated Ubuntu 24.04 with the latest Docker.

Install Docker

sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# add repo, then:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo docker run hello-world
Standard Docker CE install from the official repo.

Install Assemblyline

<div class="callout warn">This is a getting-started guide, not comprehensive. Always set strong passwords and run it on an isolated host.</div>
git clone https://github.com/CybercentreCanada/assemblyline-docker-compose.git ~/deployments/assemblyline
cd ~/deployments/assemblyline
# edit .env — set strong passwords, choose SERVICE_VERSION=4.6.stable, minimum or full
Clone the compose deployment and adjust the .env file before bringing it up.