❎
wiki.hackerlab.cz
  • About me
  • Vulnerability Assessment
  • CLOUD PENTESTING
    • AWS
    • GCP
    • Microsoft Azure
    • Labs
  • REST API - Bypasses and Privilege Escalations
  • Python Virtual Environment (VENV)
  • OSINT & Information Gathering
  • Web Pentesting
    • JavaScript .maps
    • SSRF
    • LDAP Injection
    • Django ORM Exploitation
    • HTTP Request Smuggling
    • Server Side Template Injection (SSTI)
    • Insecure Deserialization
    • Brute force
    • Shell Fu - Oneliners
    • CORS
    • Special Chars & NULL Bytes
    • XSS
    • XXE
    • Nuclei
    • SQL Injection
    • Blind SQL Injection
    • SQLmap
    • NoSQL Injection
    • CRLF Injection
    • Input Validation - Fuzz1
    • HTTP Headers - X-Forwarded
    • Log4j
    • Enumeration with Wordlists
    • Bug Bounty - Web Recon
    • HTTP Proxy Override
    • CSV Injection
    • Windows Forbidden File Names
    • Path Traversal
    • OS Command Injection
    • Open Redirect
    • JWT Tool
    • Burp Extensions - TokenJAR & ATOR
    • Upload RCE
    • GUID and UUIDs
  • Toolset
    • Git - Repo and Tools
    • Docker for Pentesters
  • Infrastructure Pentesting
    • Active Directory (AD)
      • Vulnerable Machines (labs)
      • Pass the hash
      • Azure Active Directory
      • Password Cracking
      • Domain Enumeration
      • LLMNR Poisoning with Responder
      • HTB Forest
      • LDAP
      • WinRM
      • SMB & RPC Enumeration
      • SMB Relay
      • Impacket
      • Bloodhound
      • OWA Exchange Server 2019
      • Active Directory Web Services (ADWS)
      • Active Directory Attacks
    • Mail Server Attacks
    • NFS Enumeration
    • Windows PostExploitation
      • Windows Enumeration
      • Powershell Payloads
      • Add RDP Account & Ride on Meterpreter
    • Dump File Analysis
  • Other Pentest Projects
    • Security Projects
  • WIFI Pentesting
    • Kali Linux - Alpha card AWUS 1900 (VirtualBox)
    • Active Card & Monitor Mode
    • Aircrack-ng Suite
  • Certs
    • Burp Suite Certified Practitioner
  • Linux
    • Network Manager
  • Books
    • The Hacker Playbook 3
Powered by GitBook
On this page
  • Kali Linux with Docker Daemon
  • Install Docker
  • Kali Image from DockerHub
  • Start process inside running container
  • Start container
  • Start container with entrypoint - WFUZZ Example
  • Mount Shared Storage
  • Inside Kali container - Install basic tools
  • Create new image - Commit
  • Start container with data persistence
  • Docker Logs
  • Docker Pentesting Methodology
  • Azure Container Registry (ACR)
  • Docker login into
  • Docker REST APIs

Was this helpful?

  1. Toolset

Docker for Pentesters

Container virtualization with docker

PreviousGit - Repo and ToolsNextActive Directory (AD)

Last updated 1 year ago

Was this helpful?

Long time it did not make sense to me to use docker. There are many cases when it adds more complexity than benefits. However, you might need docker daemon and run images (containers) when:

  • You want to deploy Kali Linux as docker image, for example, to be close to a cloud infrastructure.

  • You need an isolated software with all its dependencies, It's faster to run an existing docker image.

  • You need to restore software to its original state quickly and securely (safe money, reduce SLAs)

Kali Linux with Docker Daemon

Install Docker

There is already a package named "docker", the correct package you want to install is "docker.io".

Kali Image from DockerHub

docker pull kalilinux/kali-rolling

Start process inside running container

docker exec -it <container> bash

Start container

docker run -ti kalilinux/kali-rolling /bin/bash

Start container with entrypoint - WFUZZ Example

docker run -it  --entrypoint /bin/ash dominicbreuker/wfuzz



Mount Shared Storage

docker run -it  --entrypoint /bin/ash --mount  type=bind,src=/usr/share,dst=/usr/share  dominicbreuker/wfuzz
/wfuzz/wfuzz.py -c -w /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-small.txt https://example.com/FUZZ

Inside Kali container - Install basic tools

apt update
apt dist-upgrade
apt autoremove
apt clean
apt install kali-tools-top10
apt install man-db

Create new image - Commit

Commit the container to transform changes into a new image

docker ps -a
docker commit <CONTAINER ID> my-kali

Start container with data persistence

Configure data persistence for two directories before you start container

docker run -ti --rm --mount type=bind,src=/some/path/kali-root,dst=/root --mount type=bind,src=/some/path/kali-postgres,dst=/var/lib/postgresql my-kali bash

Docker Logs

docker logs <container>
docker logs <container> 2>&1 | grep "PIN"

Docker Pentesting Methodology

Azure Container Registry (ACR)

The docker container registry is a docker image repository. You can push or pull images based on tags in organized way.

Docker login into

If you have installed docker locally or you have docker CLI toolset, you can interact with a local or remote docker container repository

docker login <registryNameDNS> -u <username>

docker pull ...
docker run -p 8580:8580 --name localRunner001 <registryNameDNS>/<repository-item-name>:tag

Docker REST APIs

There are more REST APIs available for docker

  • remote control API which servers as REST API for docker daemon control

  • repository REST API which controls basic docker registry operation

Repository REST API

Kali linux can be deployed as a docker image -

(video)

https://hub.docker.com/r/kalilinux/kali-rolling
https://medium.com/@airman604/kali-linux-in-a-docker-container-5a06311624eb
https://www.cs.ru.nl/bachelors-theses/2020/Joren_Vrancken___4593847___A_Methodology_for_Penetration_Testing_Docker_Systems.pdf
Getting Started with the Azure Container Registry
Installing Docker on Kali Linux | Kali Linux DocumentationKali Linux
Kali Linux In a Docker ContainerMedium
Azure Container Registry | Microsoft AzureMicrosoft Azure
HTTP API V2Docker Documentation
Logo
Logo
Logo
Logo