Posted on by willc

Kali Linux Dockerfile

Since recently discovering there is now an official Kali Linux docker image, I’ve been fiddling with it and tweaking my own setup to get it to how I like it for the things I use it for. I have a work version and a personal version. What follows is my personal version, used mostly for R&D, CTF challenges, and bug hunting in my free time.

My Kali Dockerfile (for Mac)

# The Kali linux base imageFROM kalilinux/kali-linux-docker# Update all the things, then install my personal favesRUN apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get install -y \ cadaver \ dirb \ exploitdb \ exploitdb-bin-sploits \ git \ gdb \ gobuster \ hashcat \ hydra \ man-db \ medusa \ minicom \ nasm \ nikto \ nmap \ sqlmap \ sslscan \ webshells \ wpscan \ wordlists # Create known_hosts for git cloning things I wantRUN mkdir /root/.sshRUN touch /root/.ssh/known_hosts# Add host keysRUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hostsRUN ssh-keyscan github.com >> /root/.ssh/known_hosts# Clone git reposRUN git clone https://github.com/danielmiessler/SecLists.git /opt/seclistsRUN git clone https://github.com/PowerShellMafia/PowerSploit.git /opt/powersploitRUN git clone https://github.com/hashcat/hashcat /opt/hashcatRUN git clone https://github.com/rebootuser/LinEnum /opt/linenumRUN git clone https://github.com/maurosoria/dirsearch /opt/dirsearchRUN git clone https://github.com/sdushantha/sherlock.git /opt/sherlock# Other installs of things I needRUN apt-get install -y \    python-pipRUN pip install pwntools# Update ENVENV PATH=$PATH:/opt/powersploitENV PATH=$PATH:/opt/hashcatENV PATH=$PATH:/opt/dirsearchENV PATH=$PATH:/opt/sherlock# Set entrypoint and working directory (Mac specific)WORKDIR /Users/wchatham/kali/# Expose ports 80 and 443EXPOSE 80/tcp 443/tcp

Build it

docker build -t yourname/imagename path/to/theDockerfile

(don’t actually put ‘Dockerfile’ in the path). Do change ‘imagename’ to something apropos, such as ‘kali’

Run it

docker run -ti -p 80:80 -p 443:443 -v /Users/yourname/Desktop:/root yourname/imagename

The above examples require you to replace ‘yourname’ with your Mac username

-ti
Indicates that we want a tty and to keep STDIN open for interactive processes

-p
Expose the listed ports

-v
Mount the defined folders to be shared from host to docker.

Hope that’s useful to someone!

Hat tip: https://www.pentestpartners.com/security-blog/docker-for-hackers-a-pen-testers-guide/

Leave a Reply

Your email address will not be published. Required fields are marked *

clicky