docker infosecaddicts

We all know that with the arrival of docker it is no longer necessary to use a virtual machine for some things due to the ease and speed that docker offers. In this publication we will see some basic concepts and the way of use.

Doker is designed for the world of software developers, so you can create an application that can run on any operating system and in addition to that it facilitates the deployment of it.

  • Docker installation for windows

https://docs.docker.com/install/linux/docker-ce/ubuntu/

  • Docker installation for linux

https://docs.docker.com/docker-for-windows/install/

Simple use example:

$ sudo docker pull hello-world

$ sudo docker images hello-world

$ sudo docker run hello-world

As everything is learned with practice then let’s start with a simple ubuntu Linux image.

In this link https://hub.docker.com/ you can find many popular images among those of Linux ubuntu that will be the one we will work with.

After performing a correct docker installation, we open a terminal and type the following command.

$ sudo docker pull ubuntu

$ sudo docker run --name infosecaddicts -it ubuntu

Right now we have our ubuntu linux image running ready to do any kind of tests

We can install any tools such as nmap and use it without any problem.

In the following you can find many interesting images https://hub.docker.com/, I will list some interesting ones that we will be seeing further.

Docker Images for Penetration Testing & Security

docker pull kalilinux/kali-linux-docker official Kali Linux

docker pull owasp/zap2docker-stable – official OWASP ZAP

docker pull wpscanteam/wpscan – official WPScan

docker pull pandrew/metasploit – docker-metasploit

docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA)

docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation

docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock

docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed

docker pull opendns/security-ninjas – Security Ninjas

docker pull usertaken/archlinux-pentest-lxde – Arch Linux Penetration Tester

docker pull diogomonica/docker-bench-security – Docker Bench for Security

docker pull ismisepaul/securityshepherd – OWASP Security Shepherd

docker pull danmx/docker-owasp-webgoat – OWASP WebGoat Project docker image

docker-compose build && docker-compose up – OWASP NodeGoat

docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application

docker pull bkimminich/juice-shop – OWASP Juice Shop

 

Related courses:

Ultimate Hacklab Self Paced

[ihc-select-level]

References:

https://hub.docker.com/

https://docs.docker.com/install/linux/docker-ce/ubuntu/

https://docs.docker.com/docker-for-windows/install/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.