Docker for Pentesters

Container virtualization with docker

Long time it did not make sense to me to use docker. There are many cases when it adds more complexity than benefits. However, you might need docker daemon and run images (containers) when:

  • You want to deploy Kali Linux as docker image, for example, to be close to a cloud infrastructure.

  • You need an isolated software with all its dependencies, It's faster to run an existing docker image.

  • You need to restore software to its original state quickly and securely (safe money, reduce SLAs)

Kali Linux with Docker Daemon

Install Docker

There is already a package named "docker", the correct package you want to install is "".

Kali Image from DockerHub

Kali linux can be deployed as a docker image -

docker pull kalilinux/kali-rolling

Start process inside running container

docker exec -it <container> bash

Start container

docker run -ti kalilinux/kali-rolling /bin/bash

Start container with entrypoint - WFUZZ Example

docker run -it  --entrypoint /bin/ash dominicbreuker/wfuzz

Mount Shared Storage

docker run -it  --entrypoint /bin/ash --mount  type=bind,src=/usr/share,dst=/usr/share  dominicbreuker/wfuzz
/wfuzz/ -c -w /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-small.txt

Inside Kali container - Install basic tools

apt update
apt dist-upgrade
apt autoremove
apt clean
apt install kali-tools-top10
apt install man-db

Create new image - Commit

Commit the container to transform changes into a new image

docker ps -a
docker commit <CONTAINER ID> my-kali

Start container with data persistence

Configure data persistence for two directories before you start container

docker run -ti --rm --mount type=bind,src=/some/path/kali-root,dst=/root --mount type=bind,src=/some/path/kali-postgres,dst=/var/lib/postgresql my-kali bash

Docker Logs

docker logs <container>
docker logs <container> 2>&1 | grep "PIN"

Docker Pentesting Methodology

Azure Container Registry (ACR)

The docker container registry is a docker image repository. You can push or pull images based on tags in organized way.

Getting Started with the Azure Container Registry (video)

Docker login into

If you have installed docker locally or you have docker CLI toolset, you can interact with a local or remote docker container repository

docker login <registryNameDNS> -u <username>

docker pull ...
docker run -p 8580:8580 --name localRunner001 <registryNameDNS>/<repository-item-name>:tag

Docker REST APIs

There are more REST APIs available for docker

  • remote control API which servers as REST API for docker daemon control

  • repository REST API which controls basic docker registry operation

Repository REST API

Last updated