.png)
3 years ago
335 
Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly.
Features
OS, networking, developing and pentesting tools installed. Connection to HTB (Hack the Box) vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou. Proxy service to send traffic from any browsers and burp suite installed in your local directory. Exploit database installed. Tool for cracking password. Linux enumeration tools installed. Tools installed to discovery services running. Tools installed to directory fuzzing. Monitor for linux processes without root permissions Zsh shell installed.Operative system tools
rdate vim zsh oh-my-zsh locate cifs-utilsNetwork tools
traceroute telnet net-tools iputils-ping tcpdump openvpn whois host pripsDeveloper tools
git curl wget ruby go python python-pip python3 python3-pipPentest tools
Port scanning
nmap masscan ScanPorts created by @s4vitar with some improvementsRecon
Subdomains Amass GoBuster Knock MassDNS Altdns spyse Sublist3r findomain subfinder spiderfoot Subdomain takeover subjack DNS Lookups hakrevdns Screenshot gowitness aquatone Crawler hakrawler Photon waybackurls gospider Search directories dirsearch Fuzzer wfuzz ffuf Web Scanning whatweb wafw00z nikto arjun httprobe striker CMS wpscan joomscan droopescan cmseek Search JS LinkFinder getJSWordlist
cewl wordlists: wfuzz SecList Fuzzdb Dirbuster Dirb Rockyou crunchGit repositories
gitleaks gitrob gitGraber github-searchOWASP
sqlmap XSStrikeBrute force
crowbar hydra patator medusaCracking
hashid john the ripper hashcatOS Enumeration
htbenum linux-smart-enumeration linenum enum4linux ldapdomaindump PEASS - Privilege Escalation Awesome Scripts SUITE Windows Exploit Suggester - Next Generation smbmap pspy - unprivileged Linux process snooping smbclient ftpExploits
searchsploit Metasploit MS17-010 AutoBlue-MS17-010 PrivExchangeWindows
evil-winrm impacket CrackMapExec Nishang Juicy Potato PowerSploit pass-the-hash mimikatz gpp-decryptReverse shell
netcat rlwrapOther resources
pentest-tools from @gwen001 qsreplace from @tomnomnomCustom functions
NmapExtractPorts from @s4vitarOther services
apache2 squidDocumentation
See the project's wiki for documentation.
Usage
Prerequisites
Docker service installedYou can use the docker image by the next two options:
Option 1 - Use the github repository
git clone --depth 1 https://github.com/aaaguirrep/pentest.git cd pentest docker build -t pentest . docker run --rm -it --name my-pentest pentest /bin/zshOption 2 - Use the image from docker hub
Use image from docker hub: aaaguirrep/pentest
Considerations to run the container
There are differents use cases for use the image and you should know how to run the container properly.
docker run --rm -it --cap-add=NET_ADMIN --device=/dev/net/tun --sysctl net.ipv6.conf.all.disable_ipv6=0 --name my-pentest aaaguirrep/pentest /bin/zsh Share information from your local directory to container directory and save information on your local directory. You should save information under /pentest directory.
docker run --rm -it -v /path/to/local/directory:/pentest --name my-pentest aaaguirrep/pentest /bin/zsh Expose internal container services (apache, squid) for your local environment.
docker run --rm -it --name my-pentest -p 80:80 -p 3128:3128 aaaguirrep/pentest /bin/zsh Inside the container start apache2 and squid services by the aliases.
apacheUp squidUp Mount directories by umount command.
docker run --rm -it --privileged --name my-pentest aaaguirrep/pentest /bin/zsh Tools are downloaded in /tools directory.
Nice configurations
You can set up the docker image with nice configurations like as:
1. Alias to connect to HTB (Hack the Box) VPN
To use both options you should use -v option to map local directoty with /pentest container directory.
Option 1 - HTB VPN using github repository
Add the next line in step "Create shorcuts" in Dockerfile, build a new image and run a new container with the -v option.
Option 2 - HTB VPN using docker hub image
Create a new Dockerfile with the next steps, build a new image and run a new container with -v option.
2. Save and load command history in your local environment
When you delete a container all information is deleted incluide command history. The next configuration provides you an option for save the command history in your local environment and load it when you run a new container. So, you wont lose your command history when run a new container.
To use both options you should use -v option to map local directoty with /pentest container directory.
Option 1 - Command history using github repository
Add the next line in step "Create shorcuts" in Dockerfile, build a new image and run a new container.
Option 2 - Command history using docker hub image
Create a new Dockerfile with the next steps, build a new image and run a new container.
Environment tested
The image was tested in the following environments:
Docker service for Linux instance on Google Cloud Platform: Docker version 19.03.6, build 369ce74a3c
Warning
Do not save information on container directories because it will be lost after delete the container, you should save information in your local environment using the parameter -v when you run the container. For instance:docker run --rm -it -v /path/to/local/directory:/pentest --name my-pentest aaaguirrep/pentest /bin/zsh The above command specify a path local directory mapped with /pentest container directory. You should save all information under /pentest directory.
Use hashcat and john the ripper on controlled environments as CTF. You can experiment issues.
Contributing
Contributing Guide
Bengali (Bangladesh) · 
English (United States) ·