https://github.com/itboxltda/pentestlab

Script to manage and create local pentesting training virtual lab
https://github.com/itboxltda/pentestlab

cybersecurity cybersecurity-training-lab laboratory-automation owasp pentesting-resources security-testing

Last synced: 21 days ago
JSON representation

Script to manage and create local pentesting training virtual lab

• Host: GitHub
• URL: https://github.com/itboxltda/pentestlab
• Owner: itboxltda
• Created: 2019-07-17T19:39:54.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2020-06-07T10:37:16.000Z (over 4 years ago)
• Last Synced: 2024-11-01T23:19:02.095Z (about 1 month ago)
• Topics: cybersecurity, cybersecurity-training-lab, laboratory-automation, owasp, pentesting-resources, security-testing
• Language: Shell
• Size: 36.1 KB
• Stars: 48
• Watchers: 4
• Forks: 11
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-hacking-lists - itboxltda/pentestlab - Script to manage and create local pentesting training virtual lab (Shell)

README

        
## Local PentestLab Management Script

Bash script to manage web apps using docker and hosts aliases.  

Made for Kali linux, but should work fine with pretty much any debian linux distro.

### Current available webapps

* bWAPP

* WebGoat 7.1

* WebGoat 8.0

* NodeGoat 1.3

* Damn Vulnerable Web App

* Mutillidae II

* OWASP Juice Shop

* WPScan Vulnerable Wordpress

* OpenDNS Security Ninjas

### Get started 

Clone repo and use the pentestlab.sh script as described below  

```

git clone https://github.com/itboxltda/pentestlab.git

cd pentestlab

# If you have not installed docker on your x64 Kali system

# you can run this script (tested as of Jul 2019)

# Note: I always add a regular user and login with it 

#       before actually using kali, so sudo is added in all scripts

./install_docker_kali_x64.sh

# Then run

./pentestlab.sh start bwapp

# ... to download bwapp docker image and map it onto localhost at http://bwapp

# Print a complete list of available projects use the list command

./pentestlab.sh list 

# Running just the script will print help info

./pentestlabs.sh 

```

### Usage

```

Usage: ./pentestlab.sh {list|status|info|start|stop} [projectname]

 This scripts uses docker and hosts alias to make web apps available on localhost"

Ex.

./pentestlab.sh list

   List all available projects  

   

./pentestlab.sh status

   Show status for all projects  

   

./pentestlab.sh start bwapp

   Start docker container with bwapp and make it available on localhost  

./pentestlab.sh stop bwapp

   Stop docker container

./pentestlab.sh info bwapp

   Show information about bwapp project

```

 ### Dockerfiles from

 DVWA     		- Ryan Dewhurst (vulnerables/web-dvwa)  

 Mutillidae II		- Nikolay Golub (citizenstig/nowasp)  

 bWapp     		- Rory McCune (raesene/bwapp)  

 WebGoat7		  - OWASP Project (webgoat/webgoat-7.1)  

 WebGoat8    - OWASP Project (webgoat/webgoat-8.0)  

 NodeGoat    - Brian Huang (brianhuangyl/nodegoat)  

 Juice Shop  - Bjoern Kimminich (bkimminich/juice-shop)  

 Vulnerable Wordpress	- Jayson Grace (l505/vulnerablewordpress)  

 Security Ninjas	- OpenDNS Security Ninjas