This is a somewhat customised set of Docker images of Kali Linux, for both platforms, amd64 (Docker Desktop on Windows, cloud, etc.) and arm64 (Raspberry Pi, Apple Silicon Mac, etc.), and in two flavors, kali-rolling (kali is the same image) and kali-bleeding-edge. Out-of-the-box tools for all needs!
- upstream: The base image, built with the Phusion's base image project modifications
- base: Image with basic tools, TOR, and kalitorify (forked from the upstream repo to add Dockerfile and pull requests)
  - nano
  - lynx
  - tor
  - make
  - iptables
  - kali-linux-wsl
- desktop: Base desktop (XFCE) without further tools. Includes Firefox
  - kali-desktop-xfce
  - xrdp
  - dbus-x11
- latest, top10, desktop-top10: Most used set of tools on top of the Desktop image
  - kali-linux-top10
  - maltego (not installed by default in kali-tools-top10 but installed by default here)
- headless: Tools that don't require a graphical environment (large)
- labs, exploitable, vulnerable: Intentionally vulnerable web applications: Damn Vulnerable Web Application and OWASP Juice Shop
  - kali-linux-labs
  - dvwa
  - juice-shop
- nethunter: The Kali Linux NetHunter system
- tools: The kali-tools-* packages on top of the Desktop Top 10 (latest) image
  - kali-tools-crypto-stego
  - kali-tools-database
  - kali-tools-detect
  - kali-tools-exploitation
  - kali-tools-forensics
  - kali-tools-fuzzing
  - kali-tools-gpu
  - kali-tools-hardware
  - kali-tools-identify
  - kali-tools-information-gathering
  - kali-tools-passwords
  - kali-tools-post-exploitation
  - kali-tools-protect
  - kali-tools-reporting
  - kali-tools-respond
  - kali-tools-reverse-engineering
  - kali-tools-sniffing-spoofing
  - kali-tools-social-engineering
  - kali-tools-voip
  - kali-tools-vulnerability
  - kali-tools-web
  - kali-tools-windows-resources
  - kali-tools-wireless
- Just download docker-compose.yml, place it in an empty directory, and run docker-compose up -d. This will start the latest and labs containers (if you use Windows, be sure to replace the incoming port with 13389 to avoid conflicts with the local Remote Desktop port).
- Access the shell:
  docker exec -it --user kali desktop bash
  (omit --user kali to access as root).
- Connect to the desktop environment using your Remote Desktop client. Available users are root and kali (password is kali for both). You may use the root username when running GUI apps that require root permissions.
- Inside the Desktop environment, browse the vulnerable webapps at the Vulnerable container:
  - http://vulnerable:42000 OWASP Juice Shop.
  - http://vulnerable:42001 Damn Vulnerable Web Application.

  Or use the tools available to attempt to exploit those web apps.

Note: Due to limitations related to file permissions on mounted volumes on rootless Podman, you need to connect to the instance (via console or RDP) using the root account.
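
The steps above publish an RDP port for accounts whose password is kali, so it is worth checking which host addresses the published ports are bound to. The following is an added example, not part of this project: a shell filter over `docker port` output that lists every mapping reachable from other hosts. The container name desktop is taken from the docker exec command above, vulnerable as a container name is an assumption, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the project): list published container ports that
# are reachable from other hosts, using the output of `docker port <name>`.

# exposed_bindings: read `docker port` lines on stdin, print non-loopback ones.
exposed_bindings() {
    while IFS= read -r line; do
        # Line format: "<container-port>/<proto> -> <host-ip>:<host-port>"
        host=${line##*" -> "}
        if [ "$host" = "$line" ]; then continue; fi   # not a mapping line
        ip=${host%:*}                                  # drop ":<host-port>"
        case "$ip" in
            127.*|"[::1]") ;;                          # loopback only
            *) printf '%s\n' "$line" ;;                # 0.0.0.0, [::], LAN IP
        esac
    done
}

# check_container NAME: 0 = loopback only, 1 = exposed, 2 = docker port failed.
check_container() {
    ports=$(docker port "$1") || return 2
    found=$(printf '%s\n' "$ports" | exposed_bindings)
    if [ -z "$found" ]; then return 0; fi
    printf '%s is reachable from other hosts via:\n%s\n' "$1" "$found" >&2
    return 1
}

# Constructed sample output, for trying the filter without a running container.
SAMPLE_OPEN='3389/tcp -> 0.0.0.0:13389
3389/tcp -> [::]:13389'
SAMPLE_LOCAL='3389/tcp -> 127.0.0.1:13389'

# Usage: sh check-ports.sh desktop vulnerable   (container names are assumptions)
for name in "$@"; do check_container "$name" || true; done
```

A ports entry such as 127.0.0.1:13389:3389 in docker-compose.yml keeps RDP on the loopback interface; the container-side port 3389 is the XRDP default and is an assumption about this project's compose file.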
The image depends on a Kali Linux base image built using the instructions on the Phusion's base image repo.
docker build --build-arg KALI_VER=<version> --build-arg TOOL=<tool> --target <target> -t amitie10g/kali-linux:<tag> .
Where:
- KALI_VER: The Kali edition: rolling, bleeding-edge, last-release or experimental (if unsure, choose rolling)
- TOOL: One of the packages starting with kali-tools-
- --target: The desired target:
  - base: Just the base image
  - desktop: The Desktop (XFCE, without tools) image
  - desktop-top10: The desktop experience plus the top 10 tools
  - labs: The vulnerable webapps
  - headless: The CLI-only tools
  - nethunter: The Kali NetHunter system
  - tool: The target for building the desired tool
Edit the Dockerfile to fit your needs.
- Q: Why did you create this project?
  A: I'm preparing for a diploma in cybersecurity, and as my hobby is creating Docker containers, I created this as part of my tasks. As this will be useful for everyone, I've committed to maintaining this project.
- Q: Why s6-overlay?
  A: Because this eases the process of bringing up the required services for tools (e.g. Postgres for Metasploit).
- Q: Why XRDP instead of VNC?
  A: a) most users use Windows, where the Remote Desktop client is integrated and runs seamlessly; and b) performance.
- Everything in this repository (excluding submodules) is released into the Public domain (the Unlicense)
- Kalitorify is licensed under the GNU General Public License v3.0
- The software built into the container images is subject to its respective license terms