Kali Linux and Docker - OrestisPrg/bsc_project GitHub Wiki

OS

Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It comes with a large number of preinstalled penetration-testing programs, including:

  • Armitage (a graphical cyber attack management tool)
  • Nmap (a port scanner)
  • Wireshark (a packet analyzer)
  • John the Ripper (a password cracker)
  • Aircrack-ng (a software suite for penetration-testing wireless LANs)
  • Burp Suite and OWASP ZAP (web application security scanners)

Kali is a supported platform of the Metasploit Framework.

Containers (Docker)

  • A VM is a hardware abstraction: it takes physical CPUs and RAM from a host, and divides and shares them across several smaller virtual machines. There is an OS and application running inside the VM, but the virtualization software usually has no real knowledge of that.
  • A container is an application abstraction: the focus is really on the OS and the application, and not so much the hardware abstraction. Many customers actually use both VMs and containers today in their environments and, in fact, may run containers inside of VMs.

1.1 Docker Images

docker image pull [name]
The pull command fetches the image from the Docker registry and saves it on our system. In this case the registry is Docker Store (you can change the registry).

  • docker image ls: lists all images on your system.

  • docker container run alpine ls -l: when you call run, the Docker client finds the image (alpine in this case), creates the container and then runs a command in that container. Here you provided a command (ls -l), so Docker executed it inside the container and you saw the directory listing. After the ls command finished, the container shut down.
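
The pull and run commands above name the image only as alpine, which hides the registry it is fetched from. The following added example (not from the original wiki) expands a short name to the fully qualified reference, assuming Docker's defaults of registry docker.io, namespace library/ and tag latest; normalize_image and the sample names are hypothetical.

```shell
# Expand an image name to the fully qualified reference Docker resolves it to.
# Assumed defaults (Docker's documented ones): docker.io, library/, tag latest.
normalize_image() {
    ref=$1
    digest=""
    tag=""
    # Split off a digest (name@sha256:...) if present.
    case $ref in
        *@*) digest=${ref#*@}; ref=${ref%%@*} ;;
    esac

    # The first path component is a registry host only if it contains '.' or
    # ':' or is exactly "localhost"; otherwise it is part of the repository.
    registry=docker.io
    rest=$ref
    first=${ref%%/*}
    case $ref in
        */*)
            case $first in
                *.*|*:*|localhost) registry=$first; rest=${ref#*/} ;;
            esac ;;
    esac

    # A tag is a ':' in the last path component (a ':' in the host is a port).
    last=${rest##*/}
    case $last in
        *:*) tag=${last##*:}; rest=${rest%:*} ;;
    esac

    # Official images on the default registry live under library/.
    if [ "$registry" = docker.io ]; then
        case $rest in
            */*) ;;
            *) rest=library/$rest ;;
        esac
    fi

    # A digest pins exact content, so it takes precedence over any tag.
    if [ -n "$digest" ]; then
        printf '%s/%s@%s\n' "$registry" "$rest" "$digest"
    else
        printf '%s/%s:%s\n' "$registry" "$rest" "${tag:-latest}"
    fi
}
# Constructed sample inputs; registry.example.com is a placeholder host.
for image in alpine alpine:3.19 kalilinux/kali-rolling registry.example.com:5000/team/app; do
    printf '%-40s -> %s\n' "$image" "$(normalize_image "$image")"
done
```

Comparing the expanded reference against the registries you intend to trust makes it visible when a short name resolves to the public default rather than an internal registry.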

Docker over VMs

docker container run alpine echo "hello from alpine"

In this case, the Docker client dutifully ran the echo command inside our alpine container and then exited. If you noticed, all of that happened pretty quickly and again our container exited. As you will see in a few more steps, the echo command ran in a separate container instance. Imagine booting up a virtual machine (VM), running a command and then killing it; it would take a minute or two just to boot the VM before running the command. A VM has to emulate a full hardware stack, boot an operating system, and then launch your app - it's a virtualized hardware environment. Docker containers function at the application layer so they skip most of the steps VMs require and just run what is required for the app. Now you know why they say containers are fast!

  • docker container run -it alpine /bin/sh: the -it flags run the container in an interactive terminal.