This is my Kali Linux setup for Bug Bounty and CTFs.
I used to use a VM with Vagrant; you can find it in the vagrant branch. I've moved to Docker because I've always found myself using Kali via SSH, so I figured I could switch and only use graphical tools on my machine.
There are two versions:
- A small base image that I use daily, mainly for web testing
- A CTF image that extends the base image, adding tools for things like steganography and forensics
You can always pull the latest build from Docker Hub with:
$ docker pull samirettali/kali
Or if you want the CTF version:
$ docker pull samirettali/kali:ctf
Run it:
$ docker run --rm -it samirettali/kali
If you prefer, you can clone the repository and build the image yourself.
When you start a container for the first time, you will be asked whether you want to download some wordlists and install my dotfiles. I did it so that I don't have to do it manually each time I update the container, and so that if someone else wants to use it he can use it without having my configurations installed.
I have a function in my shell config called kali that handles the container execution:
- If there's a stopped instance it starts it and connects to it
- If there's a running instance it connects to it
- If there's no instance it creates one
kali() {
    # Query the state once; it stays empty when no container named "kali" exists
    local state
    state=$(docker container inspect -f '{{.State.Status}}' kali 2>/dev/null) || state=''
    if [[ $state == 'exited' ]]; then
        # Stopped instance: start it and attach (-i keeps stdin connected)
        docker start -ai kali
    elif [[ $state == 'running' ]]; then
        # Running instance: open another session in it
        docker exec -it kali ./entrypoint.sh
    elif [[ -z $state ]]; then
        # No instance: create one
        docker run -it --name kali samirettali/kali
    else
        echo "Container is probably starting, wait..."
    fi
}
This way I don't have to think about the state of the container and which command to run. Also, you probably want to map some ports and mount some folders to be able to easily move files.
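One way to do the port mapping and folder mount when the container is created, as an added example that is not part of this repository. The names kali_create and KALI_DOCKER and the /work mount point are assumptions; ports are published on the loopback address only, so they are not reachable from the rest of the network.

```shell
# Added example: create the "kali" container with a shared folder and
# loopback-only published ports. kali_create, KALI_DOCKER and /work are
# hypothetical names, not part of the repository.
kali_create() {
    if [ "$#" -lt 1 ]; then
        echo "usage: kali_create WORKDIR [PORT...]" >&2
        return 1
    fi
    workdir=$1
    shift
    if [ ! -d "$workdir" ]; then
        echo "workdir not found: $workdir" >&2
        return 1
    fi
    # Use an absolute path: docker reads a bare relative name given to -v
    # as a named volume, not as a host folder.
    workdir=$(cd "$workdir" && pwd) || return 1

    # Turn each remaining argument (a TCP port) into a -p option.
    n=$#
    while [ "$n" -gt 0 ]; do
        port=$1
        shift
        case $port in
            '' | *[!0-9]* | 0*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "${#port}" -gt 5 ] || [ "$port" -gt 65535 ]; then
            echo "invalid port: $port" >&2
            return 1
        fi
        # Bind to 127.0.0.1: a plain "-p PORT:PORT" listens on every host
        # interface, which exposes the container's service to the network.
        set -- "$@" -p "127.0.0.1:$port:$port"
        n=$((n - 1))
    done

    # KALI_DOCKER=echo prints the command instead of running it (dry run).
    "${KALI_DOCKER:-docker}" run -it --name kali \
        -v "$workdir:/work" "$@" samirettali/kali
}
```

For example, `kali_create ~/ctf 8080` shares ~/ctf as /work and publishes port 8080 on 127.0.0.1.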
There are some graphical tools that I use on my machine:
- Burp Suite: needs no introduction
- Wireshark: same as above
- GraphQL Playground: Testing GraphQL APIs
- Audacity: Audio and signal analysis
- Hex Fiend: macOS hex editor
- Beyond Compare: really powerful file comparison
- Recaf: Java bytecode editor
- Sonic Visualiser: Visualize and analyse audio
- FLDigi: Signal decoding
- [ ] Clean out repos.sh and merge it with download-wordlists.sh