diff --git a/shellcheck/Dockerfile.shellcheck b/shellcheck/Dockerfile.shellcheck
new file mode 100644
index 0000000..e688fdb
--- /dev/null
+++ b/shellcheck/Dockerfile.shellcheck
@@ -0,0 +1,13 @@
+FROM ubuntu:latest
+
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y shellcheck
+
+COPY . /opt/debian-cis/
+
+COPY debian/default /etc/default/cis-hardening
+RUN sed -i 's#cis-hardening#debian-cis#' /etc/default/cis-hardening
+
+WORKDIR /opt/debian-cis
+
+ENTRYPOINT ["/opt/debian-cis/shellcheck/launch_shellcheck.sh"]
+
diff --git a/shellcheck/docker_build_and_run_shellcheck.sh b/shellcheck/docker_build_and_run_shellcheck.sh
new file mode 100755
index 0000000..1ce1aac
--- /dev/null
+++ b/shellcheck/docker_build_and_run_shellcheck.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+dockerfile="$(dirname "$0")/Dockerfile.shellcheck"
+docker build -f "$dockerfile" -t debiancis-shellcheck "$(dirname "$0")"/../
+docker run --rm debiancis-shellcheck "$@"
+
diff --git a/shellcheck/launch_shellcheck.sh b/shellcheck/launch_shellcheck.sh
new file mode 100755
index 0000000..f6f84e1
--- /dev/null
+++ b/shellcheck/launch_shellcheck.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+
+files=""
+
+if [ $# -eq 0 ]; then
+ files=$(find . -name "*.sh")
+else
+ files="$*"
+fi
+
+for f in $files; do
+ printf "\e[1;36mRunning shellcheck on: %s \e[0m\n" "$f"
+ /usr/bin/shellcheck --color=always --external-sources --shell=bash "$f"
+done
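Review bot: `FROM ubuntu:latest` in shellcheck/Dockerfile.shellcheck leaves both the base image and the packaged shellcheck version floating, so the same commit can pass or fail lint depending on when the image was built, and each build trusts whatever the tag points to that day. Pin the base to a release tag, ideally with a digest (`FROM ubuntu:<release>@sha256:<digest>`, placeholders to be filled in), and trim the install to `apt-get install -y --no-install-recommends shellcheck && rm -rf /var/lib/apt/lists/*` in the same `RUN`. The image has no `USER` line, so the linter runs as root over the copied tree; shellcheck only reads files, so an unprivileged user set before `ENTRYPOINT` is sufficient. `COPY . /opt/debian-cis/` takes the whole build context, so a `.dockerignore` excluding `.git` and local artifacts is worth adding if the repository does not already have one (not visible in this diff).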
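Review bot: In shellcheck/docker_build_and_run_shellcheck.sh the container is started with default capabilities and network access although it only reads files already copied into the image; `docker run --rm --network none --cap-drop ALL --security-opt no-new-privileges debiancis-shellcheck "$@"` keeps the lint run confined. The script also lacks a header comment on how arguments are interpreted; something like `# Arguments are paths relative to the repository root as copied into the image, not to the caller's working directory.` would save callers a surprise, since the image's WORKDIR is /opt/debian-cis and the files are a build-time snapshot.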
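Review bot: The loop at the end of shellcheck/launch_shellcheck.sh exits with the status of the last shellcheck call only, so a finding in an earlier file is hidden whenever the final file is clean, and the `set -e` wrapper or any CI job built on it reports success. The file list is also held in a plain string (`files="$*"`, `for f in $files`), which splits paths on whitespace and expands globs. Keeping the paths in an array and accumulating a failure flag fixes both; the rewritten lines are below (`mapfile -d ''` needs bash 4.4 or newer).

```bash
files=()

if [ $# -eq 0 ]; then
    # NUL-delimited so paths containing spaces or newlines survive intact
    mapfile -d '' -t files < <(find . -name "*.sh" -print0)
else
    files=("$@")
fi

rc=0
for f in "${files[@]}"; do
    # … unchanged: printf banner …
    /usr/bin/shellcheck --color=always --external-sources --shell=bash "$f" || rc=1
done
exit "$rc"
```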