Showing results for tags 'docker'.
-
Docker for Pentesters

Docker containerization is the most powerful technology in the current market, so I came up with the idea to develop Docker images for pentesters. Nightingale contains all the well-known tools that pentesters will require at the time of penetration testing. This Docker image has the base support of Debian and it is completely platform-independent.

You can either create a Docker image on your local machine by modifying it according to your requirements, or you can directly pull the Docker image from Docker Hub itself.

Why?

The reason behind creating this Dockerfile is to make a platform-independent penetration toolkit. It includes all the useful tools that will be required for a penetration tester (you can refer to the tool list section for the same).

Device Requirements
• Operating System: Windows, Mac, Linux
• Docker engine installed as per the Operating System

Tools Category
• Operating System tools (Windows, Mac, Linux)
• Compression tools (7zip, tar, zip)
• Development Essentials (Git, GitLab, etc.)
• Programming Languages support (Python, Ruby, Java, etc.)
• Exploit Frameworks (Metasploit, Exploit-DB, etc.)
• Port Scanning Tools (nmap, etc.)
• Network tools (Tcpdump, etc.)
• Forensic tools (exiftool, steghide, binwalk, foremost, etc.)
• Red Team Tools (Metasploit, etc.)
• Information Gathering tools
-
Docker Images for Penetration Testing & Security

• docker pull kalilinux/kali-linux-docker - official Kali Linux
• docker pull owasp/zap2docker-stable - official OWASP ZAP
• docker pull wpscanteam/wpscan - official WPScan
• docker pull metasploitframework/metasploit-framework - Official Metasploit
• docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA)
• docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation
• docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock
• docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed
• docker pull opendns/security-ninjas - Security Ninjas
• docker pull noncetonic/archlinux-pentest-lxde - Arch Linux Penetration Tester
• docker pull diogomonica/docker-bench-security - Docker Bench for Security
• docker pull ismisepaul/securityshepherd - OWASP Security Shepherd
• docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image
• docker pull vulnerables/web-owasp-nodegoat - OWASP NodeGoat
• docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application
• docker pull bkimminich/juice-shop - OWASP Juice Shop
• docker pull phocean/msf - Docker Metasploit

Make sure you have Docker installed on your PC.
-
Docker for pentest

Docker for pentest is an image with the most used tools to create a pentest environment easily and quickly.

Features
• OS, networking, developing and pentesting tools installed.
• Connection to HTB (Hack the Box) VPN to access HTB machines.
• Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou.
• Proxy service to send traffic from any browser and Burp Suite installed in your local directory.
• Exploit database installed.
• Tool for cracking passwords.
• Linux enumeration tools installed.
• Tools installed to discover running services.
• Tools installed for directory fuzzing.
• Monitor for Linux processes without root permissions.
• Zsh shell installed.

Tools installed

Operating system tools: rdate, vim, zsh, oh-my-zsh, locate, cifs-utils, htop, gotop
Network tools: traceroute, telnet, net-tools, iputils-ping, tcpdump, openvpn, whois, host, prips, dig
Developer tools: git, curl, wget, ruby, go, python, python-pip, python3, python3-pip, php, aws-cli, tojson, nodejs

🔪 Pentest tools
• Port scanning: nmap, masscan, ScanPorts created by @s4vitar with some improvements
• 🔍 Recon
  • Subdomains: Amass, GoBuster, Knock, MassDNS, Altdns, spyse, Sublist3r, findomain, subfinder, spiderfoot, haktldextract
  • Subdomain takeover: subjack, SubOver, tko-subs
  • DNS Lookups: hakrevdns
  • 📷 Screenshot: gowitness, aquatone
  • 🕸️ Crawler: hakrawler, Photon, gospider, gau, otxurls, waybackurls
  • 📁 Search directories: dirsearch
  • Fuzzer: wfuzz, ffuf
  • Web Scanning: whatweb, wafw00f, nikto, arjun, httprobe, striker, hakcheckurl
  • CMS: wpscan, joomscan, droopescan, cmseek
  • Search JS: LinkFinder, getJS, subjs
• Wordlist: cewl, wordlists (wfuzz, SecList, Fuzzdb, Dirbuster, Dirb, Rockyou, all.txt), crunch
• Git repositories: gitleaks, gitrob, gitGraber, github-search, GitTools
• OWASP: sqlmap, XSStrike, kxss, dalfox
• Brute force: crowbar, hydra, patator, medusa
• Cracking: hashid, john the ripper, hashcat
• OS Enumeration: htbenum, linux-smart-enumeration, linenum, enum4linux, ldapdomaindump, PEASS – Privilege Escalation Awesome Scripts SUITE, Windows Exploit Suggester – Next Generation, smbmap, pspy – unprivileged Linux process snooping, smbclient, ftp
• Exploits: searchsploit, Metasploit, MS17-010, AutoBlue-MS17-010, PrivExchange
• Windows: evil-winrm, impacket, CrackMapExec, Nishang, Juicy Potato, PowerSploit, pass-the-hash, mimikatz, gpp-decrypt
• Reverse shell: netcat, rlwrap
• Other resources: pentest-tools from @gwen001, qsreplace from @tomnomnom

Custom functions: NmapExtractPorts from @s4vitar
Other services: apache2, squid
-
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.

Abstract

Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers. A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). Trivy is easy to use. Just install the binary and you're ready to scan. All you need to do for scanning is to specify an image name of the container.

It is considered to be used in CI. Before pushing to a container registry, you can scan your local container image easily.

Features
• Detect comprehensive vulnerabilities
  • OS packages (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, Debian, Ubuntu, Amazon Linux and Distroless)
  • Application dependencies (Bundler, Composer, Pipenv, Poetry, npm, yarn and Cargo)
• Simple
  • Specify only an image name
• Easy installation
  • apt-get install, yum install and brew install is possible
  • No pre-requisites such as installation of DB, libraries, etc. (The exception is that you need rpm installed to scan images based on RHEL/CentOS. This is automatically included if you use our installers or the Trivy container image.)
• High accuracy
  • Especially Alpine Linux and RHEL/CentOS
  • Other OSes are also high
• DevSecOps
  • Suitable for CI such as Travis CI, CircleCI, Jenkins, etc.
-
Proof of concept instructions to exploit a Docker container escape vulnerability.