How to prepare and use Docker for web pentest by Júnior Carreiro - Pentestmag

How to prepare and use Docker for web pentest by Júnior Carreiro



Docker is the world's leading software containerization platform. Using Docker we can create different environments for each Pentest type. With the use of containers, you can save each environment on a USB stick or leave it in the cloud. For exemple, you can use the environment in the cloud or copy to any computer or laptop, regardless of distribution. You need only install Docker, if it is not installed.

Live CD x Containers

Already there are several distributions for PenTest, all in Live CD, but the LiveCD requires a greater effort; you have to create a flash drive or bootable CD or even create a VirtualBox installation, for example.

When we use containers the only thing we need to do is to install Docker, which is simple and easy and then we use the image created by putting it on a stick, in repository files or using the Docker HUB, saving time and providing portability.

What is Docker?

Docker is an open source technology that lets you create, run, test, and deploy distributed applications within software containers. Docker allows you to deploy applications quickly, reliably and stably in any environment.

Why use Docker?

Because the containers are portable, convenient and fast. With Docker, we can create an image and use it as the basis for each environment we create. For example, we download the basic container Kali Linux, which does not come with the tools installed. Let's see that from this basic container, can go installing the tools I need and then save with a new name, without the original container, to be, affected.

Thus being able, from the base image, create a container with tools for forensics, a container with tools to PenTest web, for example.

Tools for web PenTest

For our container, we use some familiar tools but for this article we will cover only tools used via the console.

  • W3af-console

  • SQLMap

  • Arachni

  • Nikto

  • Websploit

  • Nmap


The installation of Docker will depend largely on OS you are using, but nowadays we can find it using the official repository for the larger distributions.

For our article, I will use OpenSuse.

_0x4a0x72@pwned ~ sudo zypper se docker

S | Nome | Resumo | Tipo


| docker | The Linux container runtime | pacote

_0x4a0x72@pwned ~ sudo zypper in docker

Once installed, you must enable and start the service

_0x4a0x72@pwned ~ sudo systemctl enable docker

_0x4a0x72@pwned ~ sudo systemctl start docker

_0x4a0x72@pwned ~ sudo docker info

Containers: 0

Running: 0

Paused: 0

Stopped: 0

Images: 0

Server Version: 1.11.2

Storage Driver: btrfs

Build Version: Btrfs v4.5.3+20160516


Docker Root Dir: /var/lib/docker

Debug mode (client): false

Debug mode (server): false


WARNING: No swap limit support

Container installation

The staff of offsec, a Kali distributor, has an official image in HUB Docker and this further facilitates our task.

Using the command sudo docker search Kali, we list the images that are in Docker HUB, but let's take the first one, which is recommended by the staff of offsec

_0x4a0x72@pwned ~ sudo docker search kali


kalilinux/kali-linux-docker Kali Linux Rolling Distribution Base Image 193 [OK]

Let's do the pull image for our machine, This step depends on the internet connection.

_0x4a0x72@pwned ~ sudo docker pull kalilinux/kali-linux-docker

Using default tag: latest

latest: Pulling from kalilinux/kali-linux-docker

b2860afd831e: Pull complete

340395ad18db: Pull complete

d4ecedcfaa73: Pull complete

3f96326089c0: Pull complete

e5b4b7133863: Pull complete

Digest: sha256:0aa8342172aacbe79957f66e7029c1fb38e14765bf35eff30624f90cb813a56f

Status: Downloaded newer image for kalilinux/kali-linux-docker:latest

_0x4a0x72@pwned ~ sudo docker images


kalilinux/kali-linux-docker latest f321257d50f7 6 days ago 602.4 MB

To start the container, we can use the command:

_0x4a0x72@pwned ~ sudo docker run --name WebPentest -t -d kalilinux/kali-linux-docker

_0x4a0x72@pwned ~ sudo docker ps


a5fb073e53c8 kalilinux/kali-linux-docker "/bin/bash" 10 seconds ago Up 8 seconds WebPentest

Tools Installation

To perform the installation, we can make it out of the container, but I will show how to access the container and run like we're in a VM. The following command gives us access to the container shell.

_0x4a0x72@pwned ~ sudo docker exec -it WebPentest bash


After accessing the shell, we will update the container and install the tools that we use in our Web Penetration Test and install tools.

root@a5fb073e53c8:/# apt-get update

root@a5fb073e53c8:/# apt-get upgrade

root@a5fb073e53c8:/# apt-get install websploit w3af-console arachni nikto sqlmap websploit nmap

Once the installation is completed, you can execute commands normally inside the container.

root@a5fb073e53c8:/# nmap localhost

Starting Nmap 7.12 ( ) at 2016-06-30 09:09 UTC

Nmap scan report for localhost (

Host is up (0.000010s latency).

Other addresses for localhost (not scanned): ::1

All 1000 scanned ports on localhost ( are closed

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds

Or run outside of container.

*Once you’ve completed those instructions you can disconnect, or detach, from the shell without exiting by using the escape sequence Ctrl-p + Ctrl-q

_0x4a0x72@pwned ~ sudo docker exec -it WebPentest nikto

- Nikto v2.1.6


+ ERROR: No host specified

-config+ Use this config file


+ requires a value

Note: This is the short help output. Use -H for full help text.

To save the changes made and save the image, use the commit

_0x4a0x72@pwned ~ sudo docker commit -a "Junior Carreiro" -m "Install Web Pentest Tools" WebPentest


With the use of Docker containers, we can create the PenTest environments or audits according to our need, leaving separated by categories. We can also deliver the container that is used in a PenTest as part of the evidence that is presented to a customer or deliver the container to the customer to do an audit.



About the author: Júnior Carreiro

Member of DC-Labs Security Team

Founder BlackTieSecurity

July 4, 2016
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023