{"id":13843777,"url":"https://github.com/pwnpad/pwnpad","last_synced_at":"2025-07-11T20:30:35.343Z","repository":{"id":37623047,"uuid":"192736686","full_name":"pwnpad/pwnpad","owner":"pwnpad","description":"🐳 VMs are bloat. Dockerise your VAPT environment","archived":false,"fork":false,"pushed_at":"2025-04-19T02:43:36.000Z","size":3950,"stargazers_count":73,"open_issues_count":2,"forks_count":8,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-19T11:12:19.735Z","etag":null,"topics":["archlinux","binary-exploitation","capture-the-flag","ctf","ctf-tools","hacking","hacking-tools","ocsp","penetration-testing","pentesting","pentesting-tools","pwnbox","pwnpad","web-security"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/platypew/pwnpad","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pwnpad.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-06-19T13:22:35.000Z","updated_at":"2025-04-19T02:43:40.000Z","dependencies_parsed_at":"2023-12-06T08:24:15.988Z","dependency_job_id":"a25c0e2c-5f38-4750-8ee4-212f65305df5","html_url":"https://github.com/pwnpad/pwnpad","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:github/pwnpad/pwnpad","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pwnpad%2Fpwnpad","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pwnpad%2Fpwnpad/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pwnpad%2Fpwnpad/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pwnpad%2Fpwnpad/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pwnpad","download_url":"https://codeload.github.com/pwnpad/pwnpad/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pwnpad%2Fpwnpad/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264891995,"owners_count":23679201,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["archlinux","binary-exploitation","capture-the-flag","ctf","ctf-tools","hacking","hacking-tools","ocsp","penetration-testing","pentesting","pentesting-tools","pwnbox","pwnpad","web-security"],"created_at":"2024-08-04T17:02:26.798Z","updated_at":"2025-07-11T20:30:35.329Z","avatar_url":"https://github.com/pwnpad.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"images/logo.png\" style=\"width: 25%; height: auto;\"/\u003e\n \u003cbr/\u003e\n \u003cbr/\u003e\n \u003ca href=\"https://github.com/pwnpad/pwnpad/blob/master/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/pwnpad/pwnpad\"\u003e\u003c/a\u003e\n \u003ca href=\"https://hub.docker.com/_/docker\"\u003e\u003cimg src=\"https://img.shields.io/badge/docker-25.0.3-blue.svg\"\u003e\u003c/a\u003e\n \u003cimg src=\"https://img.shields.io/badge/Coded%20By%20Humans-100%25-brightgreen\" /\u003e\n \u003ca href=\"https://github.com/pwnpad/pwnpad/actions\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/pwnpad/pwnpad/docker-image.yml?label=docker%20build\"\u003e\u003c/a\u003e\n \u003cbr/\u003e\n \u003ca href=\"https://hub.docker.com/r/platypew/pwnpad/tags\"\u003e\u003cimg src=\"https://img.shields.io/docker/image-size/platypew/pwnpad/lite?arch=amd64\u0026label=lite-amd64\"\u003e\u003c/a\u003e\n \u003ca href=\"https://hub.docker.com/r/platypew/pwnpad/tags\"\u003e\u003cimg src=\"https://img.shields.io/docker/image-size/platypew/pwnpad/lite?arch=arm64\u0026label=lite-arm64\"\u003e\u003c/a\u003e\n \u003cbr/\u003e\n \u003ca href=\"https://hub.docker.com/r/platypew/pwnpad/tags\"\u003e\u003cimg src=\"https://img.shields.io/docker/image-size/platypew/pwnpad/latest?arch=amd64\u0026label=latest-amd64\"\u003e\u003c/a\u003e\n \u003ca href=\"https://hub.docker.com/r/platypew/pwnpad/tags\"\u003e\u003cimg src=\"https://img.shields.io/docker/image-size/platypew/pwnpad/latest?arch=arm64\u0026label=latest-arm64\"\u003e\u003c/a\u003e\n \u003cbr/\u003e\n \u003ch1\u003ePwnPad\u003c/h1\u003e\n \u003cp\u003ePerfect for doing Capture-The-Flag challenges and Pentesting on any platform, without needing a clunky, fat, resource hungry virtual machine. PwnPad provides a wide array of tools at your very own fingertips, powered by Arch Linux!\u003c/p\u003e\n \u003cbr/\u003e\n \u003cimg src=\"images/moneyshot.png\" style=\"width: 100%; height: auto;\"/\u003e\n \u003ci\u003eGot OSCP with this btw 👍🏼\u003c/i\u003e\n\u003c/div\u003e\n\n## Contents\n\n1. [Download](#download)\n2. [Usage](#usage)\n3. [Features](#features)\n4. [Tools](#tools)\n5. [License](#license)\n\n\u003cdiv align=\"center\"\u003e\n \u003ch1\u003eDownload\u003c/h1\u003e\n \u003cp\u003eHow to Download and Install PwnPad\u003c/p\u003e\n\u003c/div\u003e\n\n#### Requirements\n\n- Docker installed (Docker Desktop for Windows \u0026 Mac)\n- Nerd Fonts installed\n\n#### Homebrew (macOS)\n\n```\nbrew install pwnpad/tap/pwnpad\n```\n\n### Wget (Linux)\n\n```\nsudo wget https://raw.githubusercontent.com/pwnpad/pwnpad/master/p2 \\\n -O /usr/local/bin/p2 \u0026\u0026 \\\nsudo wget https://raw.githubusercontent.com/pwnpad/pwnpad/master/_p2-autocomplete.zsh \\\n -O /usr/local/share/zsh/site-functions/_p2\n```\n\n#### Git\n\nPwnPad can also be downloaded directly from GitHub\n\n```\ngit clone https://github.com/pwnpad/pwnpad.git\n```\n\n#### Getting Images\n\n```bash\n# Build image locally (Only works if you installed through cloning)\np2 build # Basic image\np2 build -i lite # Lite image\np2 build -i bare # Bare image (Extra image without the user interface)\n\n# Or pull from Docker Hub\ndocker pull platypew/pwnpad:lite # Lite image\ndocker pull platypew/pwnpad:latest # Basic image\ndocker pull platypew/pwnpad:bare # Bare image (Extra image without the user interface)\n```\n\n\u003cbr/\u003e\n\u003cdiv align=\"center\"\u003e\n \u003ch1\u003eUsage\u003c/h1\u003e\n \u003cp\u003eHow to operate PwnPad\u003c/p\u003e\n\u003c/div\u003e\n\n### Quick Start\n\n```bash\n# Using Base Image\np2 attach ctf\n\n# Using Lite Image\np2 attach -i lite ctf\n\n# Using Bare Image\n# Using the privileged flag is not recommended, however, it solves a lot of manual adding of capabilities\ndocker run --privileged -it platypew/pwnpad:bare \u003ctool name\u003e\n```\n\n### General\n\nYou might want to alias `p2` in your bashrc/zshrc\n\n```\n$ p2\nUSAGE:\n p2 \u003cSUBCOMMAND\u003e\n\nSUBCOMMAND:\n build Build Docker image\n attach Attach into container\n rm Remove container and its volumes\n kill Stop container from running\n volume Enter into container's volume\n ls List pwnpad instances\n update Update image to the latest build\n\nHELP:\n p2 build -h\n p2 attach -h\n p2 rm -h\n```\n\n\u003cbr/\u003e\n\u003cdiv align=\"center\"\u003e\n \u003ch1\u003eFeatures\u003c/h1\u003e\n \u003cp\u003eWhy PwnPad over other Docker-based environments?\u003c/p\u003e\n\u003c/div\u003e\n\u003cbr/\u003e\n\n1. It's powered by Arch, giving you access to the AUR and Blackarch (with systemd enabled)\n2. It runs on Windows (WSL2), MacOS and Linux\n3. It's built for both amd64 and arm64\n4. It's super lightweight taking over 3GB of space\n5. You can spawn as many independent instances as you want and remove them just as quick\n6. Supports X11 forwarding\n7. Supports VNC and noVNC with i3\n8. Customised Neovim and Zsh so you look _super_ cool using it\n\n### Integrated Features\n\n#### SSH\n\nYou can ssh into PwnPad by doing these steps.\n\n\u003cdetails\u003e\n\n1. `sudo systemctl start sshd`\n2. Insert your public key into `~/.ssh/authorized_keys`\n3. Use `p2 ls` to the port bound to port 22\n4. Do `ssh -p \u003cport\u003e pwnpad@localhost`\n\n\u003c/details\u003e\n\n#### Proxy\n\nYou can proxy your traffic through PwnPad by doing these steps.\n\n\u003cdetails\u003e\n\n1. Use `p2 ls` to the port bound to port 22\n2. `sshuttle -vHNr pwnpad@localhost:\u003cport\u003e`\n\n\u003c/details\u003e\n\n#### Publish Port to Public\n\nYou can use ngrok to publish a port to the public.\n\n\u003cdetails\u003e\n\n- Start: `publish start` (Insert api key if prompted)\n- Stop: `publish stop`\n- Status: `publish status`\n- Set a port to tunnel: `publish set \u003cport\u003e`\n- Delete a tunnelling port: `publish del \u003cport\u003e`\n\n\u003c/details\u003e\n\n#### Toggle ASLR\n\nYou can turn ASLR on and off.\n\n\u003cdetails\u003e\n\n- On: `aslr on`\n- Off: `aslr off`\n\n\u003c/details\u003e\n\n#### Enable noVNC (not available in lite image)\n\n\u003cdetails\u003e\n\nEnabling VNC (you may need to run your system through a proxy to access the noVNC server).\n\n- Start: `gui start`\n- Stop: `gui stop`\n\n\u003c/details\u003e\n\n#### Create intel environment (only in arm64 image)\n\nCreates a chroot environment to run purely intel binaries.\nYou can still run intel binaries that uses only glibc within the regular context.\n\n\u003cdetails\u003e\n\n- Use pacman: `intel-pacman`\n- Run command: `intel-run`\n\n\u003c/details\u003e\n\n### Included Infosec Tools\n\n| Tools | Description |\n| ---------------- | ------------------------------------------------------------------------------------------------ |\n| aflplusplus | American Fuzzing Lop fuzzer with community patches and additional features |\n| arp-scan | A tool that uses ARP to discover and fingerprint IP hosts on the local network |\n| binwalk | Tool for searching a given binary image for embedded files |\n| commix | Automated All-in-One OS Command Injection and Exploitation Tool |\n| creddump | A python tool to extract various credentials and secrets from Windows registry hives |\n| crunch | A wordlist generator for all combinations/permutations of a given character set |\n| dnsenum | Script that enumerates DNS information from a domain |\n| dnsrecon | Python script for enumeration of hosts, subdomains and emails from a given domain using google. |\n| enum4linux-ng | A tool for enumerating information from Windows and Samba systems |\n| evil-winrm | The ultimate WinRM shell for hacking/pentesting |\n| exiftool | Meta information reader/writer |\n| exploitdb | The official Exploit Database repository |\n| foremost | A console program to recover files based on their headers, footers, and internal data structures |\n| fping | Utility to ping multiple hosts at once |\n| gdb-multiarch | The GNU Debugger for all gdb supported architectures (i386/arm/mips...) |\n| gobuster | URI and DNS subdomain bruteforcer |\n| hashcat-utils | Set of small utilities that are useful in advanced password cracking |\n| hexedit | Terminal-based hex editor |\n| hping | A command-line oriented TCP/IP packet assembler/analyzer |\n| impacket | Collection of classes for working with network protocols |\n| jadx | Java decompiler |\n| john | John the Ripper password cracker |\n| lbd | Load Balancing detector |\n| ldapenum | Enumerate domain controllers using LDAP |\n| ligolo-ng | An advanced, yet simple, tunneling tool that uses a TUN interface |\n| metasploit | Platform for developing, testing, and executing exploits |\n| nbtscan | Scan networks searching for NetBIOS information |\n| ncrack | High-speed network authentication cracking tool |\n| netcat | Network piping application |\n| netexec | A swiss army knife for pentesting Windows/Active Directory environments |\n| ngrok | Secure introspectable tunnels to localhost webhook development tool and debugging tool |\n| nmap | Utility for network discovery and security auditing |\n| onesixtyone | An SNMP scanner that sends multiple SNMP requests to multiple IP addresses |\n| pwndbg | Makes debugging with GDB suck less |\n| pwntools | Useful CTF utilities. |\n| revshellgen | Simple script to generate commands to achieve reverse shells |\n| rizin | Open-source tools to disasm, debug, analyze and manipulate binary files (With Ghidra Decompiler) |\n| ropper | Gadget finder. |\n| rsactftool | RSA attack tool (mainly for CTFs) |\n| rustscan | A modern port scanner |\n| scalpel | A frugal, high performance file carver |\n| sleuthkit | File system and media management forensic analysis tools |\n| smbmap | A handy SMB enumeration tool |\n| sqlmap | Automatic SQL injection and database takeover tool |\n| swaks | Swiss Army Knife SMTP; Command line SMTP testing, including TLS and AUTH |\n| wafw00f | Identify and fingerprint Web Application Firewall (WAF) products protecting a website |\n| whatweb | Next generation web scanner that identifies what websites are running |\n| whois | Intelligent WHOIS client |\n| windows-binaries | A collection of pentesting Windows binaries |\n| xortool | XOR analysis tool. |\n| yafu | Yafu factor input integers in a completely automated way. |\n| z3 | Theorem prover from Microsoft Research. |\n\n\u003cdetails\u003e\n \u003csummary\u003eTools available in lite image\u003c/summary\u003e\n\n| Tools | Description |\n| ------------- | ------------------------------------------------------------------------------------------------ |\n| aflplusplus | American Fuzzing Lop fuzzer with community patches and additional features |\n| binwalk | Tool for searching a given binary image for embedded files |\n| exiftool | Meta information reader/writer |\n| exploitdb | The official Exploit Database repository |\n| foremost | A console program to recover files based on their headers, footers, and internal data structures |\n| gdb-multiarch | The GNU Debugger for all gdb supported architectures (i386/arm/mips...) |\n| gobuster | URI and DNS subdomain bruteforcer |\n| hexedit | Terminal-based hex editor |\n| jadx | Java decompiler |\n| metasploit | Platform for developing, testing, and executing exploits |\n| netcat | Network piping application |\n| ngrok | Secure introspectable tunnels to localhost webhook development tool and debugging tool |\n| nmap | Utility for network discovery and security auditing |\n| pwndbg | Makes debugging with GDB suck less |\n| pwntools | Useful CTF utilities. |\n| rizin | Open-source tools to disasm, debug, analyze and manipulate binary files (With Ghidra Decompiler) |\n| ropper | Gadget finder. |\n| rsactftool | RSA attack tool (mainly for CTFs) |\n| sqlmap | Automatic SQL injection and database takeover tool |\n| xortool | XOR analysis tool. |\n| yafu | Yafu factor input integers in a completely automated way. |\n| z3 | Theorem prover from Microsoft Research. |\n\n\u003c/details\u003e\n\n### Included QoL Tools\n\n| Software | Description |\n| ------------ | ---------------------------------------------------------------------------------- |\n| autojump | A cd command that learns |\n| bat | Cat clone with syntax highlighting and git integration |\n| exa | ls replacement |\n| fzf | A fuzzy finder |\n| neovim | A fully-fledged personal development environment |\n| openvpn | An easy-to-use, robust and highly configurable VPN |\n| powerlevel0k | Beautiful zsh shell using powerlevel10k theme |\n| qemu-user | Allows emulation of i386 and x86_64 binaries (Only for arm64 builds) |\n| ripgrep | Grep but fasstttt |\n| tmux | Allows multiple terminal sessions to be accessed simultaneously in a single window |\n| zsh | A modern shell with a bunch a plugins powered by zgenom |\n\n\u003cdiv align=\"center\"\u003e\n \u003ch3\u003eAnd many more!\u003c/h1\u003e\n\u003c/div\u003e\n\u003cbr/\u003e\n\n\u003cdiv align=\"center\"\u003e\n \u003ch1\u003eLicense\u003c/h1\u003e\n \u003cp\u003eThis project is released under the \u003ca href=\"https://github.com/pwnpad/pwnpad/blob/master/LICENSE\"\u003eMIT License\u003c/a\u003e\u003c/p\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpwnpad%2Fpwnpad","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpwnpad%2Fpwnpad","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpwnpad%2Fpwnpad/lists"}