- Notifications
You must be signed in to change notification settings - Fork6
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
jz543fm/kali-dockerized
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Dockerized Kali Linux + Ubuntu 22.04 for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering
I am usingOfficial Kali Linux Docker imagekalilinux/kali-rolling, also this page describesOfficial Kali Linux Docker Images
!!! I am using Docker host network driver, please remember that: The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server !!! The usage of the host network driver is to optimize performance or to use that in a situation where container needs to handle a wide large range of ports
If you want to run this project on the Mac, Windows, Windows server please remove from all commands --network host!!!
Actually I am managing multiple python versions withpyenv in Kali Linux only
I'm using Python versions:3.7.16, 3.8.15 withpyenv local <version>, for details check outkali/Dockerfile_systemd
There you can find prebuiltKali Linux with systemd Docker Image
If you want to use prebuiltKali Linux with systemd Docker Image just use command bellow,if you want to build locally, read the documentation!
make docker-p-b#Makefile dockerprebuilt Kalidockerexec -it -u root kali_p bash#docker exec to the prebuilt Kali Linux Docker container with systemd support
Local cluster withKind - (K8s in Docker):
# Creates kind cluster, 1 master + 2 worker nodesmake cc# Deletes kind clustermake dc
# Kali Linux with systemdkubectl apply -f kali/deploy/deploy.yaml# Ubuntukubectl apply -f ubuntu/deploy/deploy.yaml
One liner to installDive by specific version - Linux:
DIVE_VERSION=0.11.0; curl -sSLO https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.deb&& sudo dpkg -i dive_${DIVE_VERSION}_linux_amd64.deb
if you want to build your image then jump straight into analyzing it:
cd kali/dive build -t kali. -f Dockerfile_systemd
Trivy installation for Docker Image vulnerabilities:
If you are not using Debian/Ubuntu, readdocs
One liner to installTrivy by specific version (Linux/Ubuntu):
TRIVY_VERSION=0.44.0; curl -sSLO https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.deb&& sudo dpkg -i trivy_${TRIVY_VERSION}_Linux-64bit.deb
Trivy usage:
trivy image<image>
Install Docker engine by your way you or you can install it by shell script:
curl -fsSL https://get.docker.com -o get-docker.sh; sudo sh get-docker.sh; rm -rf get-docker.sh#Permissions:sudo usermod -aG docker$USERnewgrp docker
Docker compose installation (latest release), it is expected you're using only docker compose v2! Used version ofdocker-compose.yaml is3.8
mkdir -p~/.docker/cli-plugins/; DOCKER_COMPOSE=2.20.2; curl -SL https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE}/docker-compose-linux-x86_64 -o~/.docker/cli-plugins/docker-compose; chmod +x~/.docker/cli-plugins/docker-compose#permissiondocker compose version#verify
If you want to run the docker-compose.yaml use the command:
docker compose up -d --build#detachedEdit Dockerfiles for other services and you can develop with proper commands below
docker compose up -d#detacheddocker compose up -d --build#rebuild new changes for all servicesdocker compose up -d --build ubuntu#rebuild new changes for ubuntu servicedocker compose up -d --build kali#rebuild new changes for kali servicedocker compose down --rmi all#removedocker ps -a#check if container is runningdocker image ls#list imagesdocker image rmi -f<container_id>#remove image/sdocker logs<service>#logsdocker stats<image>#docker image statistics# Docker stop all running images and remove them, then you can use docker prunedocker stop$(docker ps -a -q); docker rm$(docker ps -a -q)# PRUNEdocker system prune docker image prune
You can use multiple options to run Kali Linux in Docker or Kali Linux + Ubuntu 22.04 in Docker (docker run, docker build or docker-compose.yaml usage or by Makefile), examples are below:
#Detached Kali Linux without systemd support docker rundocker run -p 127.0.0.1:88:8088 --name kali -itd kalilinux/kali-rollingdocker attach kali#Docker compose usagedocker compose up -d --build;docker compose run -d --rm kali_systemd_2 bash#run Kali Linux with systemd detacheddockerexec -it -u root<kali_without_systemd> bash#docker exec to Kali container without systemddockerexec -it -u root<ubuntu> bash#docker exec to ubuntu containerdockerexec -it -u root<kali_with_systemd> bash#docker exec to Kali container with systemd#Detached Kali Linux with systemd support docker run + docker buildcd kali/docker build -t kali -f Dockerfile_systemd.#Dockerfile for support systemd in docker containerdocker run -it --rm --privileged --workdir /usr --name kali-systemd kali /bin/bash#Docker build#Makefile#command explanation is in Makefilemake build-run-plainmake create-build-smake image-run-smake kali-scanmake docker-c-buildmake docker-c-build-systemdmake docker-p-bmake ccmake dc
Use it in one Dockerfile for Kali and build up images via bash script or docker-compose.yaml
I've used thisGithub repo
cd kali/docker build -t kali -f Dockerfile_systemd.#Dockerfile for support systemd in docker containerdocker run -it --rm --privileged --workdir /usr --name kali-systemd kali /bin/bash#Docker build
Exec to Kali Linux container in Docker:
dockerexec -it -u root kali bash#exec into kali container
docker run -p 127.0.0.1:88:8088 --name kali -itd kalilinux/kali-rolling docker attach kali
Below is list of tools used in Kali Linux
| Tools in Kali Linux | Usage |
|---|---|
| aircrack-ng | Complete suite of tools to assess WiFi network security |
| amap | Application Mapper |
| amass | Perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. |
| apktool | Reverse engineering 3rd party, closed, binary Android apps |
| arp-scan | ARP protocol to discover and fingerprint IP hosts on the local network. It is available for Linux and BSD under the GPL licence. |
| arjun | Can find query parameters for URL endpoints |
| arping | Sends ARP and/or ICMP requests to the specified host and displays the replies. The host may be specified by its hostname, its IP address, or its MAC address. |
| axel | Accelerate the downloading process by using multiple connections for one file, similar to DownThemAll and other famous programs. It can also use multiple mirrors for one download. |
| beef-xss | Browser Exploitation Framework |
| binwalk | Searching a given binary image for embedded files or executable |
| blackbird | OSINT |
| burpsuite | Integrated platform for performing security testing of web apps |
| crackmapexec | Swiss army knife for pentesting Windows/Active Directory envs. |
| cri-tools | contains a series of debugging and validation tools for Kubelet CRI, which includes(critest,crictl) |
| dex2jar | Dex-reader is designed to read the Dalvik Executable format |
| dirb | Web Content Scanner |
| exploitdb | Searchable Exploit Database archive |
| hydra | Parallelized login cracker which supports numerous protocols |
| john | John The Ripper - Password Cracker |
| kubernetes-helm | Tool for managing Helm charts |
| maigret | OSINT |
| mandb | Updates man pages |
| metasploit-framework | vulnerability research, exploit development, and the creation of custom security tools |
| ncrack | High-speed network authentication cracking tool |
| nikto | Pluggable web server and CGI scanner |
| nmap | Network Mapper |
| responder | Responder/MultiRelay, an LLMNR, NBT-NS and MDNS poisoner |
| set | Social Engineering Toolkit |
| sherlock | OSINT |
| sqlmap | Detects and take advantage of SQL injection vulnerabilities in web applications |
| steghide | Steganography program which hides bits of a data file |
| the Harvester | Contains a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers). |
| trufflehog | Allows you to find secrets in git repositories |
| uniscan | URL scanner for vuln. + enables directory and dynamic checks |
| wapiti | Allows you to audit the security of your web applications |
| whatmask | Network Admin Helper |
| whatweb | Identifies website |
| wireshark | Network Protocol Analyzer |
| wpscan | Scanner for Wordpress security issues |
| xssRecon | Reflected XSS Scanner |
| xsser | Automation framework to detect XSS |
| yara | Can identify/classify malware samples |
sort -t'[' -k 2,2 -i README.md> sorted.txt
About
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster