diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..b323d5e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,33 @@ +FROM kalilinux/kali-rolling:latest +LABEL maintainer="Artis3n" +ENV TERM=xterm + +RUN apt-get update \ + && apt-get install -y --no-install-recommends systemd seclists \ + python3 python3-pip python3-wheel python3-setuptools \ + git curl less vim metasploit-framework nmap ssh-client \ + manpages file zip john hydra lsof exploitdb awscli \ + # autorecon dependencies + samba gobuster nikto whatweb onesixtyone oscanner enum4linux smbclient \ + proxychains4 smbmap smtp-user-enum snmpcheck sslscan tnscmd10g \ + # Has to run after systemd is installed + # Needed for msfdb init + && apt-get install -y --no-install-recommends systemctl \ + # Slim down container size + && apt-get autoremove -y \ + && apt-get autoclean -y \ + # Remove apt-get cache from the layer to reduce container size + && rm -rf /var/lib/apt/lists/* + +RUN mkdir /tools \ + # Install and configure AutoRecon + && git clone --depth 1 https://github.com/Tib3rius/AutoRecon.git /tools/AutoRecon \ + && cd /tools/AutoRecon && pip3 install -r requirements.txt \ + && ln -s /tools/AutoRecon/autorecon.py /usr/local/bin/autorecon + +RUN service postgresql start && msfdb init + +# Need to start postgresql any time the container comes up +# systemctl enable postgresql doesn't seem to take effect +# I blame systemd, but this works at least +CMD service postgresql start && /bin/bash diff --git a/README.md b/README.md new file mode 100644 index 0000000..9b40b82 --- /dev/null +++ b/README.md @@ -0,0 +1,87 @@ +# kali-artis3n + +A kalilinux/kali-rolling container with extra juice. + +[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/artis3n/kali-artis3n/Docker%20Image%20CI)](https://github.com/artis3n/kali-artis3n/actions) +![GitHub](https://img.shields.io/github/license/artis3n/kali-artis3n) +[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/artis3n/kali-artis3n)](https://github.com/artis3n/kali-artis3n/releases) +[![GitHub followers](https://img.shields.io/github/followers/artis3n?style=social)](https://github.com/artis3n/) +[![Twitter Follow](https://img.shields.io/twitter/follow/artis3n?style=social)](https://twitter.com/Artis3n) + +The [kalilinux/kali-rolling](https://www.kali.org/docs/containers/official-kalilinux-docker-images/) container comes with few pre-installed services. It is meant to be lightweight and clocks in around 118 MB. This container is around 1.9 GB. It installs and pre-configures a number of frequently uses Kali tools. It is meant to allow you to get up and running with a Kali environment on an ephemeral host. Don't spend time configuring and tweaking - pull, run, execute, pwn. + +A premium is placed on keeping this image as small as is reasonable given its intended purpose. For example, `searchploit` is installed in this image but `searchsploit -u` is not run to install exploitdb-papers because this increases the image size to 7.9 GB - a 6GB increase. Efficiency of the build image is checked with [dive](https://github.com/wagoodman/dive): + +![Dive image efficiency](resources/dive-efficiency.png) + +Last checked: 2020-03-04 + +## Usage + +Download the image: + +```bash +docker pull artis3n/kali:latest +# or +docker pull docker.pkg.github.com/artis3n/kali-artis3n/kali:latest +``` + +Run the container: + +```bash +docker run --name kali -it --rm artis3n/kali:latest +# Or detach the container and run commands through it +docker run --name kali -id --rm artis3n/kali:latest +docker exec -t kali nmap -p- 127.0.0.1 +``` + +![Docker Exec](/resources/docker-exec.png) + +![Docker Exec AutoRecon](/resources/docker-exec-autorecon.png) + +Get a terminal for the backgrounded container: + +```bash +docker exec -it kali /bin/bash +``` + +![Docker TTY](/resources/docker-tty.png) + +Remove the backgrounded container: + +```bash +docker stop kali +``` + +![Docker Stop](resources/docker-stop.png) + +## Configured tools + +- Metasploit / Meterpreter + - PostgreSQL 12 +- [AutoRecon](https://github.com/Tib3rius/AutoRecon) + - curl + - enum4linux + - gobuster + - nbtscan + - nikto + - nmap + - onesixtyone + - oscanner + - smbclient + - smbmap + - smtp-user-enum + - snmpwalk + - sslscan + - svwar + - tnscmd10g + - whatweb + - wkhtmltoimage +- Proxychains4 ([proxychains-ng](https://github.com/rofl0r/proxychains-ng)) +- Searchsploit ([ExploitDB](https://www.exploit-db.com/searchsploit)) + +## Contributions + +Missing a tool you would like pre-configured? File a ticket and I will add it. A pull request is also welcome. + +For any new tools, you must add validation tests to `.github/workflows/ci.yml`. Use the existing tests as a baseline. These tests ensure the tools are installed and pre-configured correctly. diff --git a/resources/dive-efficiency.png b/resources/dive-efficiency.png new file mode 100644 index 0000000..af59774 Binary files /dev/null and b/resources/dive-efficiency.png differ diff --git a/resources/docker-exec-autorecon.png b/resources/docker-exec-autorecon.png new file mode 100644 index 0000000..a38d917 Binary files /dev/null and b/resources/docker-exec-autorecon.png differ diff --git a/resources/docker-exec.png b/resources/docker-exec.png new file mode 100644 index 0000000..b2fca66 Binary files /dev/null and b/resources/docker-exec.png differ diff --git a/resources/docker-stop.png b/resources/docker-stop.png new file mode 100644 index 0000000..374154d Binary files /dev/null and b/resources/docker-stop.png differ diff --git a/resources/docker-tty.png b/resources/docker-tty.png new file mode 100644 index 0000000..9fbea93 Binary files /dev/null and b/resources/docker-tty.png differ