___ _ _ ___
/ __|| | | | _ \
| (__ |_ _|| _/
\___| |_| |_|
Get started | Usage | Usage Examples | Why? | How does it work? | DockerHub | Roadmap
- Clone this repository
git clone https://github.com/TheArqsz/containers4pentesters
- Run c4p.sh
./c4p.sh
If you want to install a specific tool, run:
./c4p.sh --tool nmap
- Open new shell and enjoy your newly installed tool
nmap --help
Usage: ./c4p.sh -t tool...
Install common pentester tools in containers as if they were native
Optional arguments:
-t, --tool Tool to be installed (default: all)
-f, --force Force install tool
-l, --list List available tools
--config Specify c4p config file to be used as a source for the shell
-r, --run-raw Run specific tool without installing it in shell
--run-raw-options Options to be passed to raw tool
-i, --install-globally Install given tool globally (defaults to: /usr/local/bin)
--install-glob-path Path for tool to be installed in (default: /usr/local/bin)
--log-level Level of logging (0 to 4, default: 3)
--log-file File to send logs to
--only-log-file Send logs only to file
--fail Exit script on error
-v, --verbose Set verbose mode
- List all available tools
./c4p.sh --list
- Install specific tool
./c4p.sh --tool nmap
- Force reinstall of all tools
./c4p.sh --force
- Force reinstall specific tool
./c4p.sh --force --tool nmap
- Show debugging logs
./c4p.sh --tool nmap --log-level 4
- Send logs only to file
./c4p.sh --tool nmap --log-level 4 --only-log-file
...and many more to come
- Linux
- Docker (or other containerization daemon compatible with OCI)
Nowadays, installation of Docker is really simple, so there is no point in explaining it. Just install it according to your distribution's manual and follow the instructions at Get Started.
The most important question of all - why. Why? Because why not! I myself work as a penetration tester on various environments and ecosystems, switch from VM to VM and don't want to waste my time on installation of tools. As a container-geek I asked myself - why not containerize it? The purpose of this project is not to replace native tools that can sometimes be installed more easily than this, but rather to make your life simpler when you are really bored and just want to have an environment ready to hack. I personally find this project really useful when I try to automate my work and don't really want to spend time installing a tool every time I want to redo my environment (which is often).
This project takes advantage of the versatility of containers. When a tool is installed, an entry is created in the config file (~/.c4p_config by default), e.g.:
gobuster() {
/home/user/containers4pentesters/lib/run.sh gobuster "$@"
}
This configuration file is sourced in ~/.bashrc so functions can be accessed from the shell.
When a new shell is spawned, the tool function is available from within it:
$ gobuster --help
Usage:
gobuster [command]
...
So basically, the tool function is just a wrapper for the run.sh script that controls containers. All arguments are passed to the function, so the user can think that this particular tool is installed natively in the system.
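Since the config file is sourced by every new shell, anything other than wrapper functions in it also runs in every new shell. The check below is an added example, not code from containers4pentesters: audit_c4p_config is a hypothetical helper, and it assumes every entry has exactly the three-line wrapper shape shown above.

```shell
#!/bin/sh
# Added example, not part of containers4pentesters. audit_c4p_config is a
# hypothetical helper; it assumes each entry has the three-line shape
#   name() {  /  <abs path>/lib/run.sh name "$@"  /  }
# Prints every line that does not fit and returns 1 if there was any.
audit_c4p_config() (
    [ -r "$1" ] || { echo "cannot read $1" >&2; exit 2; }
    awk '
        function bad(why) { printf "line %d: %s: %s\n", NR, why, $0; failed = 1 }
        /^[ \t]*$/ { next }                        # blank lines are harmless
        state == 0 {                               # expecting "name() {"
            if ($0 ~ "^[A-Za-z0-9_.-]+[(][)] [{]$") {
                name = $1; sub("[(][)]$", "", name); state = 1
            } else bad("statement outside a wrapper")
            next
        }
        state == 1 {                               # expecting the run.sh call
            if (!(NF == 3 && $1 ~ "^/[A-Za-z0-9_./-]+/lib/run[.]sh$" &&
                  $2 == name && $3 == "\"$@\""))
                bad("body is not a plain run.sh call for " name)
            state = 2; next
        }
        state == 2 {                               # expecting the closing brace
            if ($0 ~ "^[ \t]*[}]$") state = 0
            else bad("extra command inside wrapper")
            next
        }
        END {
            if (state != 0) { print "unterminated wrapper at end of file"; failed = 1 }
            exit failed + 0
        }
    ' "$1"
)

# Constructed sample: one valid wrapper followed by an injected statement.
sample=$(mktemp)
cat > "$sample" <<'EOF'
gobuster() {
/home/user/containers4pentesters/lib/run.sh gobuster "$@"
}
export PATH=/tmp/bin:$PATH
EOF
audit_c4p_config "$sample" || echo "config needs review before it is sourced"
rm -f "$sample"
```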
Tools are stored in the tools directory - each tool in a separate folder. There, two mandatory files are present: Dockerfiles specify how the tools are built, and test.sh makes sure that a given tool is correctly installed and works as intended. All that is needed is the output of a known command and a pattern that is expected to be returned by this command - example for sqlmap:
command_output=$(bash $LIB_PATH/run.sh $CURRENT_TOOL --help)
pattern="Usage: python sqlmap.py"
This is passed to a global test.sh script that validates the arguments and verifies that output of a command is correct. As simple as that.
Optionally, a pre-run.sh file can be present; it executes scripts before the tool is started. E.g. the DOCKER_OPTIONS environment variable can be set to add additional options to the docker run command (such as --privileged etc.).
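Because DOCKER_OPTIONS adds flags to docker run, a broad flag such as --privileged changes what the containerized tool can reach on the host. The check below is an added example, not code from containers4pentesters: review_docker_options is a hypothetical helper that assumes DOCKER_OPTIONS is a whitespace-separated string of docker run flags, and the set of flagged options is this example's own selection.

```shell
#!/bin/sh
# Added example, not part of containers4pentesters. review_docker_options is a
# hypothetical helper. Assumption: the value is a whitespace-separated string
# of docker run flags. Prints one finding per broad option, returns 1 if any.
review_docker_options() (
    set -f                          # no globbing while the string is word-split
    findings=0 pending=
    for word in $1; do
        case $word in               # join "--flag value" into "--flag=value"
            --cap-add|--network|--net|--pid|-v|--volume) pending=$word; continue ;;
        esac
        [ -n "$pending" ] && word="$pending=$word" && pending=
        case $word in
            --privileged|--privileged=true) why="all capabilities and host devices" ;;
            --cap-add=ALL|--cap-add=SYS_ADMIN) why="very broad capability grant" ;;
            --network=host|--net=host) why="shares the host network namespace" ;;
            --pid=host) why="shares the host PID namespace" ;;
            -v=/:*|--volume=/:*) why="bind-mounts the host root filesystem" ;;
            *docker.sock*) why="exposes the Docker daemon socket" ;;
            *) continue ;;
        esac
        echo "$word: $why"
        findings=$((findings + 1))
    done
    [ "$findings" -eq 0 ]
)

# Constructed samples: the broad setting mentioned above beside a narrower one.
review_docker_options "--privileged --net host" || echo "review before use"
review_docker_options "--cap-add=NET_RAW" && echo "no broad options found"
```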
Installation may take a while, because tools are installed from the source.
You can install c4p containers globally as a script. There are two flags to be considered here:
- -i/--install-globally
- --install-glob-path (optional)
If you use -i, you have to remember to run the script with sudo (or as another privileged user). By default, the tool will be installed to /usr/local/bin, but you can change this behaviour with --install-glob-path.
$ ./c4p.sh -t sqlmap -i -f
___ _ _ ___
/ __|| | | | _ \
| (__ |_ _|| _/
\___| |_| |_|
[INFO] Tool sqlmap is not installed or is forced to be reinstalled - installing
[ERROR] Tool sqlmap cannot be installed globally without root access - run as sudo or root
$ sudo ./c4p.sh -t sqlmap -i -f
___ _ _ ___
/ __|| | | | _ \
| (__ |_ _|| _/
\___| |_| |_|
[INFO] Tool sqlmap is not installed or is forced to be reinstalled - installing
[...]
[INFO] Tool sqlmap successfully installed.
$ /usr/local/bin/sqlmap --version
1.6.6#stable
$ sqlmap --version
1.6.6#stable
$ sudo ./c4p.sh -t sqlmap -i -f --install-glob-path /tmp
___ _ _ ___
/ __|| | | | _ \
| (__ |_ _|| _/
\___| |_| |_|
[INFO] Tool sqlmap is not installed or is forced to be reinstalled - installing
[...]
[INFO] Tool sqlmap successfully installed.
$ /tmp/sqlmap --version
1.6.6#stable
If you want, you can access all of the tools implemented here via individual Docker images hosted on DockerHub. Just head over to /u/containers4pentesters and pull whatever you like.
There are a couple of ideas to be implemented, e.g.:
- integration with shells other than bash (e.g. zsh)
- increased speed
- whole host system accessible for a tool inside of the container (a workaround is implemented to make the HOME and working directory accessible for a tool)
- better logo than ASCII text
I am developing this project in my spare time so there is no fixed schedule. If you have any request for a tool or bug report, create an Issue and describe it as precisely as possible. I will try to refer to it as soon as possible.
If you have an idea, and you created a tool, remember to:
- follow the template, as described in How does it work?,
- make sure you don't break other functionalities,
- make sure that PR tests are passing
Code released under the Apache 2.0 license.