• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
iGuRu

iGuRu

Real-time Technology News. Opinions & Tweaks

  • / news
  • / tools
  • / tweaks
  • / dummies
  • / opinions
  • / support
  • / yourpost
home / tools / Docker for pentest: Environment for pentest easily and quickly

Docker for pentest: Environment for pentest easily and quickly

13/07/2020 14:16 by Anastasis Vasileiadis

Docker for pentest is an image with the most used tools to create a pentest (penetration testing) environment easily and quickly.

banner 1 - Docker for pentest: Environment for pentest easily and quickly

Character

  • Installed OS, networking, development and pentest tools.
  • Connect to HTB (Hack the Box) vpn for access to HTB machines.
  • Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou.
  • Proxy service for sending traffic from any browser and burp suite.
  • Installed on your local drive.
  • Installed database.
  • Tool for breaking passwords.
  • Linux enumeration tools installed.
  • Tools installed on tracking services that work.
  • Tools installed in the fuzzing directory.
  • Monitor linux processes without root privileges
  • Zsh shell installation.

Installed tools

Operative system tools

  •  rdate
  • vim
  • zsh
  • oh-my-zsh
  • locate
  • cifs-utils
  • htop
  • gotop

Network tools

  • traceroute
  • telnet
  • net-tools
  • iputils-ping
  • Tcpdump
  • openvpn
  • whois
  • host
  • prips
  • dig

Developer tools

  • git
  • curl
  • wget
  • ruby
  • go
  • python
  • python-pip
  • python3
  • python3-pip
  • php
  • aws-cli
  • tojson
  • nodejs

? Pentest tools

Port scanning

  • Nmap
  • masscan
  • ScanPorts created by @ s4vitar with some improvements

? Recon

  • Subdomains
    • Amass
    • GoBuster
    • Knock
    • MassDNS
    • Altdns
    • spyse
    • Sublist3r
    • findomain
    • subfinder
    • spiderfoot
    • haktldextract
  • Subdomain takeover
    • subjack
    • SubOver
    • tko-subs
  • DNS Lookups
    • hakrevdns
  • ? Screenshot
    • gowitness
    • aquatone
  • ? ️ crawler
    • hakrawler
    • Photon
    • gospider
    • left
    • otxurls
    • waybackurls
  • ? Search directories
    • dirsearch
  • Fuzzer
    • wfuzz
    • ffuf
  • Web Scanning
    • whatweb
    • wafw00z
    • no one
    • arjun
    • httprobe
    • striker
    • hakcheckurl
  • CMS
    • wpscan
    • joomscan
    • droopescan
    • cmseek
  • Search JS
    • LinkFinder
    • getJS
    • subjs

Wordlist

  • cewl
  • wordlists:
    • wfuzz
    • SecList
    • Fuzzdb
    • Dirbuster
    • Dirb
    • Rockyou
    • all.txt
  • crunch

Git repositories

  • gitleaks
  • gitrob
  • gitGraber
  • github-search
  • GitTools

OWASP

  • sqlmap
  • XSStrike
  • kxss
  • dalfox

Brute force

  • crowbar
  • Hydra
  • patter
  • jellyfish

cracking

  • hashid
  • john the ripper
  • hashcat

OS Enumeration

  • htbenum
  • linux-smart-enumeration
  • linen
  • enum4linux
  • ldapdomaindump
  • PEASS - Privilege Escalation Awesome Scripts SUITE
  • Windows Exploit Suggester - Next Generation
  • smbmap
  • pspy - unprivileged Linux process snooping
  • smbclient
  • ftp

exploits

  • searchsploit
  • Metasploit
  • MS17-010
  • AutoBlue-MS17-010
  • PrivExchange

Windows

  • evil-winrm
  • impacket
  • CrackMapExec
  • Nishang
  • Juicy Potato
  • PowerSploit
  • pass-the-hash
  • mimikatz
  • gpp-decrypt

Reverse shell

  • untroubled
  • rlwrap

Other resources

  • pentest-tools from @ gwen001
  • qsreplace from @tomnomnom

Custom functions

  • NmapExtractPorts from @ s4vitar

Other services

  • apache2
  • squid

Information on installing and using the program, you will find here.

Docker for pentest: Environment for pentest easily and quickly was last modified: 13 July, 2020, 2: 17 mm by Anastasis Vasileiadis

spread the news

  • Facebook
  • Twitter
  • Reddit
  • Printing
  • Email

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News


Competition: toolstag: Docker for pentest

You May Also Like

jSQL Injection: Automatic SQL database injection with Java
ATMMalScan: Find malware on ATMs
Protect yourself online
Garud: Discover subdomains automatically

About Us Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Previous Post: « ESET The 5 most important lessons that quarantine taught us
Next Post: Linuxfx is Linux that looks exactly like Windows 10 »

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators


Leave your comment
Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

 

 © 2021 · iGuRu.gr · ☢ · Keep It Simple Stupid Genesis theme

about  ·   get in touch  ·  rss  ·  sitemap  ·  cough

loading Cancel
Could not post post - check your email address!
Email verification failed, please try again
Your blog can not post posts via email.