Docker for Pentesters
Container virtualization with docker
Long time it did not make sense to me to use docker. There are many cases when it adds more complexity than benefits. However, you might need docker daemon and run images (containers) when:
You want to deploy Kali Linux as docker image, for example, to be close to a cloud infrastructure.
You need an isolated software with all its dependencies, It's faster to run an existing docker image.
You need to restore software to its original state quickly and securely (safe money, reduce SLAs)
Kali Linux with Docker Daemon
Install Docker
There is already a package named "docker", the correct package you want to install is "docker.io".
Kali Image from DockerHub
Kali linux can be deployed as a docker image - https://hub.docker.com/r/kalilinux/kali-rolling
Start process inside running container
Start container
https://medium.com/@airman604/kali-linux-in-a-docker-container-5a06311624eb
Start container with entrypoint - WFUZZ Example
Mount Shared Storage
Inside Kali container - Install basic tools
Create new image - Commit
Commit the container to transform changes into a new image
Start container with data persistence
Configure data persistence for two directories before you start container
Docker Logs
Docker Pentesting Methodology
Azure Container Registry (ACR)
The docker container registry is a docker image repository. You can push or pull images based on tags in organized way.
Getting Started with the Azure Container Registry (video)
Docker login into
If you have installed docker locally or you have docker CLI toolset, you can interact with a local or remote docker container repository
Docker REST APIs
There are more REST APIs available for docker
remote control API which servers as REST API for docker daemon control
repository REST API which controls basic docker registry operation
Repository REST API
Last updated