feat: build for release

CODE_OF_CONDUCT.md

@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at dev@artis3nal.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq

Dockerfile

@@ -0,0 +1,54 @@
+FROM kalilinux/kali-rolling:latest AS base
+LABEL maintainer="Artis3n <dev@artis3nal.com>"
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends amass awscli curl \
+    dotdotpwn file finger git hydra impacket-scripts john less locate \
+    lsof man-db netcat nmap python3 python3-pip python3-setuptools \
+    python3-wheel socat ssh-client sslyze sqlmap tmux vim zip \
+    # autorecon dependencies
+    enum4linux gobuster nikto onesixtyone oscanner proxychains4 samba \
+    smbclient smbmap smtp-user-enum snmpcheck sslscan tnscmd10g whatweb \
+    # Slim down layer size
+    && apt-get autoremove -y \
+    && apt-get autoclean -y \
+    # Remove apt-get cache from the layer to reduce container size
+    && rm -rf /var/lib/apt/lists/*
+
+# Second set of installs to slim the layers a bit
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+    exploitdb metasploit-framework \
+    # Slim down layer size
+    && apt-get autoremove -y \
+    && apt-get autoclean -y \
+    # Remove apt-get cache from the layer to reduce container size
+    && rm -rf /var/lib/apt/lists*
+
+# Install and configure AutoRecon
+RUN mkdir /tools \
+    && git clone --depth 1 https://github.com/Tib3rius/AutoRecon.git /tools/AutoRecon \
+    && cd /tools/AutoRecon \
+    && pip3 install -r requirements.txt \
+    && ln -s /tools/AutoRecon/src/autorecon/autorecon.py /usr/local/bin/autorecon
+
+ENV TERM=xterm-256color
+
+ENTRYPOINT ["/bin/bash"]
+
+FROM base AS wordlists
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Install Seclists
+RUN mkdir -p /usr/share/seclists \
+    # The apt-get install seclists command isn't installing the wordlists, so clone the repo.
+    && git clone --depth 1 https://github.com/danielmiessler/SecLists.git /usr/share/seclists
+
+# Prepare rockyou wordlist
+RUN mkdir -p /usr/share/wordlists \
+    && cp /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt.tar.gz /usr/share/wordlists/ \
+    && cd /usr/share/wordlists \
+    && tar -xzf rockyou.txt.tar.gz

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Ari Kalfus
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

Makefile

@@ -0,0 +1,39 @@
+#!/usr/bin/make
+SHELL=/bin/bash
+
+.PHONY: all
+all: install build
+
+.PHONY: install
+install:
+	if [ ! -f /usr/local/bin/dive ]; then scripts/install-dive.sh; else echo "Dive installed, taking no action"; fi;
+
+.PHONY: size-base
+size-base:
+	dive build --target base -t test/kali:base .
+
+.PHONY: size-wordlists
+size-wordlists:
+	dive build --target wordlists -t test/kali:wordlists .
+
+.PHONY: size
+size:
+	dive build -t test/kali:latest .
+
+.PHONY: build
+build: build-all
+
+.PHONY: build-all
+build-all: base wordlists latest
+
+.PHONY: base
+base:
+	docker build --target base -t test/kali:base .
+
+.PHONY: wordlists
+full:
+	docker build --target wordlists -t test/kali:wordlists .
+
+.PHONY: latest
+latest:
+	docker build --target wordlists -t test/kali .

README.md

@@ -0,0 +1,156 @@
+# artis3n/kali
+
+A kalilinux/kali-rolling container with extra juice.
+
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/artis3n/kali-artis3n/Docker%20Image%20CI)](https://github.com/artis3n/kali-artis3n/actions)
+[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/artis3n/kali-artis3n)](https://github.com/artis3n/kali-artis3n/releases)
+[![Docker Pulls](https://img.shields.io/docker/pulls/artis3n/kali)](https://hub.docker.com/r/artis3n/kali)
+![GitHub last commit](https://img.shields.io/github/last-commit/artis3n/kali-artis3n)
+![GitHub](https://img.shields.io/github/license/artis3n/kali-artis3n)
+[![GitHub followers](https://img.shields.io/github/followers/artis3n?style=social)](https://github.com/artis3n/)
+[![Twitter Follow](https://img.shields.io/twitter/follow/artis3n?style=social)](https://twitter.com/Artis3n)
+
+The [kalilinux/kali-rolling](https://www.kali.org/docs/containers/official-kalilinux-docker-images/) container comes with no pre-installed services.
+It is meant to be lightweight and clocks in around 118 MB.
+You must configure every service and tool you need from that base image.
+
+This container, uncompressed, is around 4.1 GB (or 2.2 GB without wordlists).
+It installs and pre-configures a number of frequently uses Kali tools.
+It is meant to allow you to quickly get up and running with a Kali environment on an ephemeral host.
+Don't spend time configuring and tweaking - pull, run, execute, pwn.
+
+## Wordlists
+
+A premium is placed on keeping this image as small as is reasonable given its intended purpose.
+For example, `searchploit` is installed in this image but `exploitdb-papers` is not installed because this increases the image size by 6GB.
+
+Seclists and Rockyou are pre-installed by default in the `latest` and semver tags, e.g. `1`, `1.2`, `1.2.0`. This increases the image size by 1.5 GB. Therefore, if you do not need wordlists, you can use the `<tagname>-no-wordlists` tag. For example:
+
+```bash
+docker pull artis3n/kali:latest-no-wordlists
+```
+
+Currently, only `latest` is built without wordlists, as `latest-no-wordlists`. The semver tags (e.g. `1`, `1.2`, `1.2.0`) are built with wordlists.
+
+## Image efficiency (Dive)
+
+![Docker Image Size (tag)](https://img.shields.io/docker/image-size/artis3n/kali/latest?label=Full%20image%2C%20compressed)
+![Docker Image Size (tag)](https://img.shields.io/docker/image-size/artis3n/kali/latest-no-wordlists?label=No%20wordlists%2C%20compressed)
+
+Efficiency of the build image is checked with [dive](https://github.com/wagoodman/dive):
+
+| Image condition | Image Size |
+| --- | --- |
+| With wordlists | ![Dive image with wordlists efficiency](resources/dive-efficiency-wordlists.png) |
+| Without wordlists | ![Dive image without wordlists efficiency](resources/dive-efficiency-base.png) |
+
+<small>Last checked: 2020-08-16</small>
+
+The container is not meant for a persistent attacker environment.
+The intention is for a quick environment to run attacks and document the results outside of the container.
+The container does not expect a mounted volume for persistent storage - although, like any container, storage inside the container will remain until you `docker rm` and you may set up volumes as you prefer.
+
+## Usage
+
+Download the image:
+
+- [Docker Hub](https://hub.docker.com/r/artis3n/kali)
+- [GitHub Packages](https://github.com/artis3n/kali-artis3n/packages/143757)
+
+```bash
+docker pull artis3n/kali:latest
+docker pull artis3n/kali:latest-no-wordlists
+# or
+docker pull docker.pkg.github.com/artis3n/kali-artis3n/kali:latest
+docker pull docker.pkg.github.com/artis3n/kali-artis3n/kali:latest-no-wordlists
+```
+
+Run the container:
+
+```bash
+docker run --name kali -it --rm artis3n/kali:latest
+# Or detach the container and run commands through it
+docker run --name kali -id artis3n/kali:latest
+docker exec -t kali nmap -p- 127.0.0.1
+```
+
+**Suggested**: Alias a command to the container, run commands through the container from your terminal with ease:
+
+```bash
+alias kali="docker exec -it kali"
+kali sqlmap -u ...
+```
+
+![Docker Exec](/resources/docker-exec.png)
+
+![Docker Exec AutoRecon](/resources/docker-exec-autorecon.png)
+
+Get a terminal if you backgrounded the container:
+
+```bash
+docker exec -it kali /bin/bash
+```
+
+![Docker TTY](/resources/docker-tty.png)
+
+Stop the backgrounded container, turn it back on whenever you need to run a command:
+
+```bash
+docker stop kali
+docker start kali
+```
+
+Kill the backgrounded container:
+
+```bash
+docker stop kali && docker rm kali
+```
+
+## Configured tools
+
+- Amass
+- [AutoRecon](https://github.com/Tib3rius/AutoRecon)
+  - curl
+  - enum4linux
+  - **gobuster**
+  - nbtscan
+  - **nikto**
+  - **nmap**
+  - onesixtyone
+  - oscanner
+  - smbclient
+  - smbmap
+  - smtp-user-enum
+  - snmpwalk
+  - sslscan
+  - svwar
+  - tnscmd10g
+  - whatweb
+  - wkhtmltoimage
+- DotDotPwn
+- Hydra
+- [Impacket](https://github.com/SecureAuthCorp/impacket) scripts
+- JohnTheRipper (jumbo)
+- Metasploit / Meterpreter
+  - PostgreSQL 12
+- Netcat
+- Proxychains4 ([proxychains-ng](https://github.com/rofl0r/proxychains-ng))
+- Rockyou wordlist (/usr/share/wordlists/rockyou.txt)
+  - `wordlists` / `latest` image only
+- Searchsploit ([ExploitDB](https://www.exploit-db.com/searchsploit))
+- Seclists wordlist (/usr/share/seclists)
+  - `wordlists` / `latest` image only
+- SSLyze
+- SQLMap
+
+## Contributions
+
+Missing a tool you would like pre-configured? File a ticket and I will add it.
+A pull request is also welcome.
+
+For any new tools, you must add validation tests to `.github/workflows/ci.yml`. Use the existing tests as a baseline.
+These tests ensure the tools are installed and pre-configured correctly.
+
+### Recognition
+
+Thanks [Anit Gandhi](https://github.com/anitgandhi) for help optimizing the Dockerfile and build images.

scripts/install-dive.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -e
+
+wget https://github.com/wagoodman/dive/releases/download/v0.9.2/dive_0.9.2_linux_amd64.deb
+sudo apt install ./dive_0.9.2_linux_amd64.deb
+rm dive*.deb