Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jz543fm/kali-dockerized
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
https://github.com/jz543fm/kali-dockerized
bug-bounty buildkit computer-forensics cybersecurity docker docker-compose docker-kali-linux dockerfile kali kali-linux makefile pentesting-tools security-tools security-vulnerability systemd trivy ubuntu vulnerability-detection vulnerability-scanners
Last synced: 6 days ago
JSON representation
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
- Host: GitHub
- URL: https://github.com/jz543fm/kali-dockerized
- Owner: jz543fm
- Created: 2023-05-28T06:57:02.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-04-18T05:57:36.000Z (7 months ago)
- Last Synced: 2024-04-18T06:50:45.153Z (7 months ago)
- Topics: bug-bounty, buildkit, computer-forensics, cybersecurity, docker, docker-compose, docker-kali-linux, dockerfile, kali, kali-linux, makefile, pentesting-tools, security-tools, security-vulnerability, systemd, trivy, ubuntu, vulnerability-detection, vulnerability-scanners
- Language: Dockerfile
- Homepage:
- Size: 83 KB
- Stars: 13
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Dockerized Kali Linux and Ubuntu 22.04
Dockerized Kali Linux + Ubuntu 22.04 for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering
I am using [Official](https://www.kali.org/docs/containers/official-kalilinux-docker-images/) Kali Linux Docker image **kalilinux/kali-rolling**, also this page describes **Official Kali Linux Docker Images**
***!!! I am using Docker host network driver, please remember that: The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server !!! The usage of the host network driver is to optimize performance or to use that in a situation where container needs to handle a wide large range of ports***
***If you want to run this project on the Mac, Windows, Windows server please remove from all commands --network host!!!***
Actually I am managing multiple python versions with [pyenv](https://github.com/pyenv/pyenv) in Kali Linux only
I'm using Python versions: `3.7.16, 3.8.15` with `pyenv local `, for details check out `kali/Dockerfile_systemd`
## Docker Hub
There you can find prebuilt `Kali Linux with systemd Docker Image`
[lostcauze7/kali-dockerized](https://hub.docker.com/r/lostcauze7/kali-dockerized)
If you want to use prebuilt `Kali Linux with systemd Docker Image` just use command bellow,
**if you want to build locally, read the documentation!**
```bash
make docker-p-b #Makefile dockerprebuilt Kali
docker exec -it -u root kali_p bash #docker exec to the prebuilt Kali Linux Docker container with systemd support
```
## Deployment for Kubernetes
Local cluster with [Kind](http://kind.sigs.k8s.io) - (K8s in Docker):
```bash
# Creates kind cluster, 1 master + 2 worker nodes
make cc
# Deletes kind cluster
make dc
```
```bash
# Kali Linux with systemd
kubectl apply -f kali/deploy/deploy.yaml
# Ubuntu
kubectl apply -f ubuntu/deploy/deploy.yaml
```
## Installation
### Installing Dive - Tool for exploring Docker Image, layer, contents to shrink image
One liner to install [Dive](https://github.com/wagoodman/dive) by specific version - Linux:
```bash
DIVE_VERSION=0.11.0; curl -sSLO https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.deb && sudo dpkg -i dive_${DIVE_VERSION}_linux_amd64.deb
```
if you want to build your image then jump straight into analyzing it:
```bash
cd kali/
dive build -t kali . -f Dockerfile_systemd
```
### Installing Trivy - Docker Vuln. scanner
[Trivy](https://trivy.dev) installation for Docker Image vulnerabilities:
If you are not using Debian/Ubuntu, read [docs](https://aquasecurity.github.io/trivy/v0.18.3/installation/)
One liner to install [Trivy](https://trivy.dev) by specific version (Linux/Ubuntu):
```bash
TRIVY_VERSION=0.44.0; curl -sSLO https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.deb && sudo dpkg -i trivy_${TRIVY_VERSION}_Linux-64bit.deb
```
Trivy usage:
```bash
trivy image
```
### Installing Docker + Docker compose
Install Docker engine by your way you or you can install it by shell script:
```bash
curl -fsSL https://get.docker.com -o get-docker.sh; sudo sh get-docker.sh; rm -rf get-docker.sh
#Permissions:
sudo usermod -aG docker $USER
newgrp docker
```
Docker compose installation (latest release), it is expected you're using only docker compose v2! Used version of **docker-compose.yaml** is **3.8**
```bash
mkdir -p ~/.docker/cli-plugins/; DOCKER_COMPOSE=2.20.2; curl -SL https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose; chmod +x ~/.docker/cli-plugins/docker-compose #permission
docker compose version #verify
```
### Run Kali Linux in Docker
If you want to run the docker-compose.yaml use the command:
```bash
docker compose up -d --build #detached
```
### Development
Edit Dockerfiles for other services and you can develop with proper commands below
```bash
docker compose up -d #detached
docker compose up -d --build #rebuild new changes for all services
docker compose up -d --build ubuntu #rebuild new changes for ubuntu service
docker compose up -d --build kali #rebuild new changes for kali service
docker compose down --rmi all #remove
docker ps -a #check if container is running
docker image ls #list images
docker image rmi -f #remove image/s
docker logs #logs
docker stats #docker image statistics
# Docker stop all running images and remove them, then you can use docker prune
docker stop $(docker ps -a -q); docker rm $(docker ps -a -q)
# PRUNE
docker system prune
docker image prune
```
### Development v2 + Usage
You can use multiple options to run Kali Linux in Docker or Kali Linux + Ubuntu 22.04 in Docker (docker run, docker build or docker-compose.yaml usage or by Makefile), examples are below:
```bash
#Detached Kali Linux without systemd support docker run
docker run -p 127.0.0.1:88:8088 --name kali -itd kalilinux/kali-rolling
docker attach kali
#Docker compose usage
docker compose up -d --build;
docker compose run -d --rm kali_systemd_2 bash #run Kali Linux with systemd detached
docker exec -it -u root bash #docker exec to Kali container without systemd
docker exec -it -u root bash #docker exec to ubuntu container
docker exec -it -u root bash #docker exec to Kali container with systemd
#Detached Kali Linux with systemd support docker run + docker build
cd kali/
docker build -t kali -f Dockerfile_systemd . #Dockerfile for support systemd in docker container
docker run -it --rm --privileged --workdir /usr --name kali-systemd kali /bin/bash #Docker build
#Makefile
#command explanation is in Makefile
make build-run-plain
make create-build-s
make image-run-s
make kali-scan
make docker-c-build
make docker-c-build-systemd
make docker-p-b
make cc
make dc
```
### Run Kali Linux in Docker with systemd in container
Use it in one Dockerfile for Kali and build up images via bash script or docker-compose.yaml
I've used this [Github repo](https://github.com/AkihiroSuda/containerized-systemd)
```bash
cd kali/
docker build -t kali -f Dockerfile_systemd . #Dockerfile for support systemd in docker container
docker run -it --rm --privileged --workdir /usr --name kali-systemd kali /bin/bash #Docker build
```
Exec to Kali Linux container in Docker:
```bash
docker exec -it -u root kali bash #exec into kali container
```
### Run Kali Docker detached - docker run
```bash
docker run -p 127.0.0.1:88:8088 --name kali -itd kalilinux/kali-rolling
docker attach kali
```
### TODO
## Tools List
Below is list of tools used in Kali Linux
| Tools in Kali Linux | Usage
| ------------------------------------------------------------------|---------------------------------------------------------------------|
| [aircrack-ng](https://www.kali.org/tools/aircrack-ng/) | Complete suite of tools to assess WiFi network security |
| [amap](https://www.kali.org/tools/amap/) | Application Mapper |
| [amass](https://www.kali.org/tools/amass/) | Perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. |
| [apktool](https://www.kali.org/tools/apktool/) | Reverse engineering 3rd party, closed, binary Android apps |
| [arp-scan](https://www.kali.org/tools/arp-scan/) | ARP protocol to discover and fingerprint IP hosts on the local network. It is available for Linux and BSD under the GPL licence. |
| [arjun](https://www.kali.org/tools/arjun/) | Can find query parameters for URL endpoints |
| [arping](https://www.kali.org/tools/arping/) | Sends ARP and/or ICMP requests to the specified host and displays the replies. The host may be specified by its hostname, its IP address, or its MAC address. |
| [axel](https://www.kali.org/tools/axel/) | Accelerate the downloading process by using multiple connections for one file, similar to DownThemAll and other famous programs. It can also use multiple mirrors for one download. |
| [beef-xss](https://beefproject.com) | Browser Exploitation Framework |
| [binwalk](https://www.kali.org/tools/binwalk/) | Searching a given binary image for embedded files or executable |
| [blackbird](https://github.com/p1ngul1n0/blackbird/) | OSINT
| [burpsuite](https://www.kali.org/tools/burpsuite/) | Integrated platform for performing security testing of web apps |
| [crackmapexec](https://www.kali.org/tools/crackmapexec/) | Swiss army knife for pentesting Windows/Active Directory envs. |
| [cri-tools](https://www.kali.org/tools/cri-tools/) | contains a series of debugging and validation tools for Kubelet CRI, which includes(critest,crictl) |
| [dex2jar](https://www.kali.org/tools/dex2jar/) | Dex-reader is designed to read the Dalvik Executable format |
| [dirb](https://www.kali.org/tools/dirb/) | Web Content Scanner |
| [exploitdb](https://gitlab.com/kalilinux/packages/exploitdb) | Searchable Exploit Database archive |
| [hydra](https://www.kali.org/tools/hydra/) | Parallelized login cracker which supports numerous protocols |
| [john](https://www.kali.org/tools/john/) | John The Ripper - Password Cracker |
| [kubernetes-helm](https://www.kali.org/tools/kubernetes-helm/#helm) | Tool for managing Helm charts
| [maigret](https://github.com/soxoj/maigret) | OSINT
| [mandb](https://man7.org/linux/man-pages/man8/mandb.8.html) | Updates man pages |
| [metasploit-framework](https://www.kali.org/tools/metasploit-framework/) | vulnerability research, exploit development, and the creation of custom security tools
| [ncrack](https://www.kali.org/tools/ncrack/) | High-speed network authentication cracking tool |
| [nikto](https://www.kali.org/tools/nikto/) | Pluggable web server and CGI scanner |
| [nmap](https://www.kali.org/tools/nmap/) | Network Mapper |
| [responder](https://www.kali.org/tools/responder/) | Responder/MultiRelay, an LLMNR, NBT-NS and MDNS poisoner |
| [set](https://www.kali.org/tools/set/) | Social Engineering Toolkit |
| [sherlock](https://github.com/sherlock-project/sherlock) | OSINT |
| [sqlmap](https://www.kali.org/tools/sqlmap/) | Detects and take advantage of SQL injection vulnerabilities in web applications
| [steghide](https://www.kali.org/tools/steghide/) | Steganography program which hides bits of a data file |
| [the Harvester](https://www.kali.org/tools/theharvester/) | Contains a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers). |
| [trufflehog](https://www.kali.org/tools/trufflehog/) | Allows you to find secrets in git repositories |
| [uniscan](https://www.kali.org/tools/uniscan/) | URL scanner for vuln. + enables directory and dynamic checks |
| [wapiti](https://www.kali.org/tools/wapiti/) | Allows you to audit the security of your web applications |
| [whatmask](https://www.kali.org/tools/whatmask/) | Network Admin Helper |
| [whatweb](https://www.kali.org/tools/whatweb/) | Identifies website |
| [wireshark](https://www.kali.org/tools/wireshark/) | Network Protocol Analyzer |
| [wpscan](https://www.kali.org/tools/wpscan/) | Scanner for Wordpress security issues |
| [xssRecon](https://github.com/Ak-wa/XSSRecon) | Reflected XSS Scanner |
| [xsser](https://github.com/epsylon/xsser) | Automation framework to detect XSS |
| [yara](https://www.kali.org/tools/yara/) | Can identify/classify malware samples |
### Sort List
```bash
sort -t '[' -k 2,2 -i README.md > sorted.txt
```