Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/iknowjason/AriaCloud

A Docker container for remote penetration testing.
https://github.com/iknowjason/AriaCloud

cloud-security docker-container kali-linux penetration-testing

Last synced: 3 months ago
JSON representation

A Docker container for remote penetration testing.

Awesome Lists containing this project

README

        

# Aria Cloud Overview
Aria Cloud Penetration Testing Tools Container. **Aria Cloud** is a Docker Container ideal for remote pentesting over SSH or RDP, with a primary emphasis on cloud security tools and secondary on Active Directory tools. Use it for an assumed breach pentest where remote access is necessary via RDP or SSH, or for simple AD lab testing. It is built for use cases where one needs to remote into a container using SSH or RDP, and then run their security workflows (i.e., Cloud environments). This repo also included an automated Terraform template + Ansible Playbook to deploy Aria Cloud as a container running on an Ubuntu Linux VM, with remote access over RDP.

Medium Blog: https://medium.com/bugbountywriteup/pentesting-in-the-clouds-introducing-ariacloud-58cb5cc1c50d

# Summary of Tools (Image Built on Kali Linux Rolling)
* Metapackages: kali-linux-core, kali-linux-top10, kali-desktop-core
* xRDP and SSH (for remote access)
* socat, powershell 7, smbclient
* AWS cli tools (aws, s3cmd)
* Azure cli tools (az)
* Google Cloud Platform cli tool (gcloud, kubectl)
* ROADTools (https://github.com/dirkjanm/ROADtools)
* Stormspotter (https://github.com/Azure/Stormspotter)
* ScoutSuite (https://github.com/nccgroup/ScoutSuite)
* Cloud_Enum (https://github.com/initstring/cloud_enum)
* cloudmapper (https://github.com/duo-labs/cloudmapper)
* Bucket Stream (https://github.com/eth0izzle/bucket-stream)
* Pacu (https://github.com/RhinoSecurityLabs/pacu)
* WeirdAAL (https://github.com/carnal0wnage/weirdAAL)
* evil-winrm (https://github.com/Hackplayers/evil-winrm)
* Impacket Python library and tools (https://github.com/SecureAuthCorp/impacket)
* Neo4j (https://neo4j.com/)
* Bloodhound (https://github.com/BloodHoundAD/BloodHound)
* Plumhound (https://github.com/DefensiveOrigins/PlumHound)
* Fox-IT Bloodhound-python data ingestor (https://github.com/fox-it/BloodHound.py)
* gitleaks (https://github.com/zricethezav/gitleaks)
* shhgit (https://github.com/eth0izzle/shhgit)
* gitrob (https://github.com/michenriksen/gitrob)
* Trufflehog (https://github.com/dxa4481/truffleHog)
* detect-secrets (https://github.com/Yelp/detect-secrets)
* Rubeus (https://github.com/GhostPack/Rubeus)
* Mimikatz (https://github.com/gentilkiwi/mimikatz)

# Terraform Automated Deployment

This repo now includes a Terraform template and Ansible Playbook that automatically deploys Aria Cloud into an Azure VM with remote access over RDP. For more information, navigate into the **terraform-azure** directory and see the README.

# Default Credentials

**Username:** aria

**Password:** !aria123!

**Default Tools Directory** Most special tools are installed into **/opt** directory if they aren't in the default /usr/local/bin/ path

# 3 Docker Containers: 3 Potential Use Cases
**Use Case #1:** aria-base: Attach to /bin/bash local console, and do your thing.

**Use Case #2:** aria-rdp: Use an RDP client to remotely access the container. Best for running Bloodhound and other tools that require Neo4j GUI.

**Use Case #3:** aria-ssh: Use an SSH client to remotely access the container.

# Base Image Use Case: Build or Pull, and then Run

**Pre-requisite:** Install docker for your system

**Quickly run it with docker pull:**

```
docker pull iknowjason/aria-base:latest
```
Run it!
```
docker run -ti iknowjason/aria-base:latest
```

You can get the IMAGE_ID with **docker images** command

**Build & Run It**

Clone this repo:

```
git clone https://github.com/iknowjason/AriaCloud.git
cd AriaCloud
```
Build:
```
docker build -f Dockerfile.base -t aria .
```
Run:
```
docker run -ti aria
```

# RDP Container Use Case: Build or Pull, and then Run

**Quickly run it with docker pull:**

```
docker pull iknowjason/aria-rdp:latest
```

Bind the RDP ports from the docker container to expose them on the LAN interface of the host computer

```
docker run -d --name myname -p 3389:3389 iknowjason/aria-rdp:latest
```

You can get the IMAGE_ID with **docker images** command

Verify ports:
```
docker port myname
```
Now RDP to your Host computer's IP address on port 3389.

**Build & Run It**

Clone this repo:
```
git clone https://github.com/iknowjason/AriaCloud.git
cd AriaCloud
```
Build:
```
docker build -f Dockerfile.rdp -t aria .
```
Run:
```
docker run -d --name myname -p 3389:3389 aria
```

# SSH Container Use Case: Build or Pull, and then Run

**Quickly run it with docker pull:**
```
docker pull iknowjason/aria-ssh:latest
```
Bind the SSH ports from the docker container to expose them on the LAN interface of the host computer
```
docker run -d --name myname -p 22:22 iknowjason/aria-ssh:latest
```
You can get the IMAGE_ID with **docker images** command

Verify ports:
```
docker port myname
```
Now SSH to your Host computer's IP address on port 22.

**Build & Run It**

Clone this repo:
```
git clone https://github.com/iknowjason/AriaCloud.git
cd AriaCloud
```
Build:
```
docker build -f Dockerfile.ssh -t aria .
```
Run:
```
docker run -d --name myname -p 22:22 aria
```

# To Do
* Fix small errors after RDP connection and auth success
* Fix MacOS RDP client black screen
* Terraform template deployment for AWS
* K8s tools

# Hat Tips
* Offensive Security team for Kali
* All the other tool authors listed above