Dockerized Kali Linux and Ubuntu 20.04
Dockerized Kali Linux + Ubuntu 20.04 for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering
I am using Official Kali Linux Docker image kalilinux/kali-rolling, also this page describes Official Kali Linux Docker Images
Docker Hub
There you can find prebuilt Kali Linux with systemd Docker Image
If you want to use prebuilt Kali Linux with systemd Docker Image just use command bellow,
if you want to build locally, read the documentation!
make docker-p-b #Makefile dockerprebuilt Kali
docker exec -it -u root kali_p bash #docker exec to the prebuilt Kali Linux Docker container with systemd supportInstallation
Installing Dive - Tool for exploring Docker Image, layer, contents to shrink image
One liner to install Dive by specific version - Linux:
DIVE_VERSION=0.11.0; curl -sSLO https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.deb && sudo dpkg -i dive_${DIVE_VERSION}_linux_amd64.debif you want to build your image then jump straight into analyzing it:
cd kali/
dive build -t kali . -f Dockerfile_systemdInstalling Trivy - Docker Vuln. scanner
Trivy installation for Docker Image vulnerabilities:
If you are not using Debian/Ubuntu, read docs
One liner to install Trivy by specific version (Linux/Ubuntu):
TRIVY_VERSION=0.44.0; curl -sSLO https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.deb && sudo dpkg -i trivy_${TRIVY_VERSION}_Linux-64bit.debTrivy usage:
trivy image <image>Installing Docker + Docker compose
Install Docker engine by your way you or you can install it by shell script:
curl -fsSL https://get.docker.com -o get-docker.sh; sudo sh get-docker.sh; rm -rf get-docker.sh
#Permissions:
sudo usermod -aG docker $USER
newgrp dockerDocker compose installation (latest release), it is expected you're using only docker compose v2! Used version of docker-compose.yaml is 3.8
mkdir -p ~/.docker/cli-plugins/; DOCKER_COMPOSE=2.20.2; curl -SL https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose; chmod +x ~/.docker/cli-plugins/docker-compose #permission
docker compose version #verifyRun Kali Linux in Docker
I am using docker-compose.yaml and Dockerfile, so to create docker service kali use, also I am using Docker BuildKit, so if you want to build this repository with Docker BuildKit you need to run script sudo script.sh, script checks if the /etc/docker/daemon.json exists or not, if not it creates a one with default config for BuildKit, if file exists it creates a default config, if there is not any daemon.json then it creates a new /etc/docker/daemon.json and then it restarts Linux docker.service with systemctl to apply a changes for Docker Engine
If you want to run the docker-compose.yaml use the command:
docker compose up -d --build #detachedDevelopment
Edit Dockerfiles for other services and you can develop with proper commands below
docker compose up -d #detached
docker compose up -d --build #rebuild new changes for all services
docker compose up -d --build ubuntu #rebuild new changes for ubuntu service
docker compose up -d --build kali #rebuild new changes for kali service
docker compose down --rmi all #remove
docker ps -a #check if container is running
docker image ls #list images
docker image rmi -f <container_id> #remove image/s
docker logs <service> #logs
docker stats <image> #docker image statistics
# Docker stop all running images and remove them, then you can use docker prune
docker stop $(docker ps -a -q); docker rm $(docker ps -a -q)
# PRUNE
docker system prune
docker image pruneDevelopment v2 + Usage
You can use multiple options to run Kali Linux in Docker or Kali Linux + Ubuntu 20.04 in Docker (docker run, docker build or docker-compose.yaml usage or by Makefile), examples are below:
#Detached Kali Linux without systemd/journalctl support docker run
docker run -p 127.0.0.1:88:8088 --name kali -itd kalilinux/kali-rolling
docker attach kali
#Docker compose usage
docker compose up -d --build;
docker compose run -d --rm kali_systemd_2 bash #run Kali Linux with systemd detached
docker exec -it -u root <kali_without_systemd> bash #docker exec to Kali container without systemd
docker exec -it -u root <ubuntu> bash #docker exec to ubuntu container
docker exec -it -u root <kali_with_systemd> bash #docker exec to Kali container with systemd
#Detached Kali Linux with systemd/journalctl support docker run + docker build
cd kali/
docker build -t kali -f Dockerfile_systemd . #Dockerfile for support systemd in docker container
docker run -it --rm --privileged --workdir /usr --name kali-systemd kali /bin/bash #Docker build
#Makefile
#command explanation is in Makefile
make build-run-plain
make create-build-s
make image-run-s
make kali-scan
make docker-c-build
make docker-c-build-systemd
make docker-p-b
make cc
make dcRun Kali Linux in Docker with systemd in container
Use it in one Dockerfile for Kali and build up images via bash script or docker-compose.yaml
I've used this Github repo
cd kali/
docker build -t kali -f Dockerfile_systemd . #Dockerfile for support systemd in docker container
docker run -it --rm --privileged --workdir /usr --name kali-systemd kali /bin/bash #Docker buildExec to Kali Linux container in Docker:
docker exec -it -u root kali bash #exec into kali containerRun Kali Docker detached - docker run
docker run -p 127.0.0.1:88:8088 --name kali -itd kalilinux/kali-rolling
docker attach kaliTODO
- Install Starship + add there my starship.toml
Tools List
| Tools in Kali Linux | Usage |
|---|---|
| aircrack-ng | Complete suite of tools to assess WiFi network security |
| amap | Application Mapper |
| amass | Perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. |
| apktool | Reverse engineering 3rd party, closed, binary Android apps |
| arp-scan | ARP protocol to discover and fingerprint IP hosts on the local network. It is available for Linux and BSD under the GPL licence. |
| arjun | Can find query parameters for URL endpoints |
| arping | Sends ARP and/or ICMP requests to the specified host and displays the replies. The host may be specified by its hostname, its IP address, or its MAC address. |
| axel | Accelerate the downloading process by using multiple connections for one file, similar to DownThemAll and other famous programs. It can also use multiple mirrors for one download. |
| beef-xss | Browser Exploitation Framework |
| binwalk | Searching a given binary image for embedded files or executable |
| blackbird | OSINT |
| burpsuite | Integrated platform for performing security testing of web apps |
| crackmapexec | Swiss army knife for pentesting Windows/Active Directory envs. |
| cri-tools | contains a series of debugging and validation tools for Kubelet CRI, which includes(critest,crictl) |
| dex2jar | Dex-reader is designed to read the Dalvik Executable format |
| dirb | Web Content Scanner |
| exploitdb | Searchable Exploit Database archive |
| hydra | Parallelized login cracker which supports numerous protocols |
| john | John The Ripper - Password Cracker |
| kube-hunter | Hunts for weakness in K8s cluster/s |
| kubernetes-helm | Tool for managing Helm charts |
| maigret | OSINT |
| mandb | Updates man pages |
| metasploit-framework | vulnerability research, exploit development, and the creation of custom security tools |
| ncrack | High-speed network authentication cracking tool |
| nikto | Pluggable web server and CGI scanner |
| nmap | Network Mapper |
| responder | Responder/MultiRelay, an LLMNR, NBT-NS and MDNS poisoner |
| set | Social Engineering Toolkit |
| sherlock | OSINT |
| sqlmap | Detects and take advantage of SQL injection vulnerabilities in web applications |
| steghide | Steganography program which hides bits of a data file |
| the Harvester | Contains a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers). |
| trufflehog | Allows you to find secrets in git repositories |
| uniscan | URL scanner for vuln. + enables directory and dynamic checks |
| wapiti | Allows you to audit the security of your web applications |
| whatmask | Network Admin Helper |
| whatweb | Identifies website |
| wireshark | Network Protocol Analyzer |
| wpscan | Scanner for Wordpress security issues |
| xssRecon | Reflected XSS Scanner |
| xsser | Automation framework to detect XSS |
| yara | Can identify/classify malware samples |
Sort List
sort -t '[' -k 2,2 -i README.md > sorted.txt