├── .gitignore ├── LICENSE ├── README.md ├── docker-compose.yml ├── redcloud.py ├── requirements.txt ├── templates ├── Dockerfile ├── template2.json ├── templates.dev.yml └── templates.json ├── traefik ├── .htpasswd ├── Dockerfile └── traefik.toml └── utils ├── __init__.py └── colors.py /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | MANIFEST 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | .pytest_cache/ 49 | 50 | # Translations 51 | *.mo 52 | *.pot 53 | 54 | # Django stuff: 55 | *.log 56 | local_settings.py 57 | db.sqlite3 58 | 59 | # Flask stuff: 60 | instance/ 61 | .webassets-cache 62 | 63 | # Scrapy stuff: 64 | .scrapy 65 | 66 | # Sphinx documentation 67 | docs/_build/ 68 | 69 | # PyBuilder 70 | target/ 71 | 72 | # Jupyter Notebook 73 | .ipynb_checkpoints 74 | 75 | # pyenv 76 | .python-version 77 | 78 | # celery beat schedule file 79 | celerybeat-schedule 80 | 81 | # SageMath parsed files 82 | *.sage.py 83 | 84 | # Environments 85 | .env 86 | .venv 87 | env/ 88 | venv/ 89 | ENV/ 90 | env.bak/ 91 | venv.bak/ 92 | 93 | # Spyder project settings 94 | .spyderproject 95 | .spyproject 96 | 97 | # Rope project settings 98 | .ropeproject 99 | 100 | # mkdocs documentation 101 | /site 102 | 103 | # mypy 104 | .mypy_cache/ 105 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 khast3x 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

2 | 3 |

4 |

5 | Weather report. Cloudy with a chance of shells! 6 |
7 |
8 | 9 |

10 | 11 | 12 | ![](https://img.shields.io/badge/Python-3+-brightgreen.svg) [![](https://img.shields.io/badge/Usable_Templates-35-brightgreen.svg)](https://github.com/khast3x/redcloud/blob/master/templates/templates.yml) ![](https://img.shields.io/github/issues-raw/khast3x/redcloud.svg?style=social) 13 | 14 | 15 | Early release. Follow me on [Twitter](https://twitter.com/kh4st3x) to stay updated on Redcloud's development. 16 | :information_desk_person::cloud::shell::seedling: 17 | 18 | ___ 19 | [Quick Start](#quick-start) - [Architecture](#redcloud-architecture) - [Use-cases](#use-cases) - [Screenshots](#screenshots) 20 | ___ 21 | 22 | ## Introduction 23 | 24 | Redcloud is a powerful and user-friendly toolbox for deploying a fully featured **Red Team Infrastructure** using Docker. Harness the cloud's speed for your tools. Deploys in minutes. Use and manage it with its [polished web interface](#screenshots). 25 | 26 | Ideal for your penetration tests, shooting ranges, red teaming and bug bounties! 27 | 28 | 29 | Self-host your attack infrastructure painlessly, deploy your very own live, scalable and resilient offensive infrastructure in a matter of minutes. 30 | 31 |

32 | Demo 33 |
34 |
35 | 36 |

37 | 38 |

39 | 40 |

41 | 42 | *The following demo showcases deployment of Redcloud through ssh, followed by Metasploit. We then look at Traefik and a live volume attached to Metasploit. Finally, we check that Metasploit's DB is functional with the web terminal, delete the container, and terminate Redcloud.* 43 | 44 | 45 | 46 | ___ 47 | 48 | 49 | ## Features 50 | 51 | * Deploy Redcloud locally or remotely using the built-in SSH functions, and even docker-machine. 52 | * Deploy Metasploit, Empire, GoPhish, vulnerable targets, a fully stacked Kali, and many more with a few clicks. 53 | * Monitor and manage your infrastructure with a beautiful web interface. 54 | * Deploy redirections, socks or Tor proxy for all your tools. 55 | * Painless network management and volume sharing. 56 | * User and password management. 57 | * Web terminal 58 | * Overall very comfy :hatching_chick: 59 | 60 | ___ 61 | 62 | ## Quick Start 63 | 64 | Setup: 65 | ```bash 66 | # If deploying using ssh 67 | > cat ~/.ssh/id_rsa.pub | ssh root@your-deploy-target-ip 'cat >> .ssh/authorized_keys' 68 | 69 | # If deploying using docker-machine, and using a machine named "default" 70 | > eval (docker-machine env default) 71 | 72 | # Check your Python version 73 | # Use python3 if default python version is 2.x 74 | > python --version 75 | 76 | ``` 77 | Deploy: 78 | ```bash 79 | > git clone https://github.com/khast3x/redcloud.git 80 | > cd redcloud 81 | > python redcloud.py 82 | ``` 83 | 84 | Redcloud uses `PyYAML` to print the list of available templates. It's installed by default on most systems. 85 | If not, simply run: 86 | ```bash 87 | # Use pip3 if default python version is 2.x 88 | > pip install -r requirements.txt 89 | ``` 90 | 91 | Redcloud has 3 different deployment methods: 92 | 1. **Locally** 93 | 2. **Remotely, using ssh**. Requires having your public key in your target's `authorized_keys` file. 94 | 3. **Remotely, using docker-machine**. Run the `eval (docker-machine env deploy_target)` line to preload your env with your docker-machine, and run `redcloud.py`. Redcloud should automatically detect your docker-machine, and highlight menu items relevant to a docker-machine deployment. 95 | 96 | ___ 97 | 98 |

99 | Templates 100 |
101 |
102 | 103 |

104 |

105 | 106 |

107 | 108 | ___ 109 | 110 | **Briefly,** 111 | 112 | `redcloud.py` deploys a [Yacht](https://github.com/Selfhostedpro/yacht) stack, **preloaded with many tool templates for your offensive engagements**, powered by Docker. Once deployed, control Redcloud with the [web interface](#screenshots). Uses [Traefik](https://traefik.io/) as reverse-proxy. Easy remote deploy to your target server using the system `ssh` or `docker-machine`. 113 | 114 | 115 | * :rocket: Ever wanted to spin up a Kali in a cloud with just a few clicks? 116 | * :package: Have clean silos between your tools, technics and stages? 117 | * :ambulance: Monitor the health of your scans and C2? 118 | * :fire: Skip those sysadmin tasks for setting up a phishing campaign and get pwning faster? 119 | * :smiling_imp: Curious how you would build *the* ideal attack infrastructure? 120 | 121 | 122 | Use the web UI to monitor, manage, and **interact with each container**. Create volumes, networks and port forwards using Yacht's simple UI. 123 | 124 | Deploy and handle all your favorite tools and technics with the power of data-center-grade internet :rocket: 125 | 126 | ___ 127 | 128 | *In the following section, we'll be going more in-depth inside Redcloud's design concepts. You can get started without having to dive inside though.* 129 | 130 | ___ 131 | 132 | * :book: **Table of contents** 133 | - [Introduction](#introduction) 134 | - [Features](#features) 135 | - [Quick Start](#quick-start) 136 | - [Details](#details) 137 | - [Redcloud Architecture](#redcloud-architecture) 138 | - [Deployment workflow](#deployment-workflow) 139 | - [Networks](#networks) 140 | - [Volumes](#volumes) 141 | - [Accessing containers from the terminal](#accessing-containers-from-the-terminal) 142 | - [Accessing files](#accessing-files) 143 | - [SSL Certificates](#ssl-certificates) 144 | - [Stopping Redcloud](#stopping-redcloud) 145 | - [Yacht App Templates](#yacht-app-templates) 146 | - [Traefik reverse-proxy](#traefik-reverse-proxy) 147 | - [Redcloud security considerations](#redcloud-security-considerations) 148 | - [Tested deployment candidates](#tested-deployment-candidates) 149 | - [Troubleshooting](#troubleshooting) 150 | - [Use-cases](#use-cases) 151 | - [Screenshots](#screenshots) 152 | - [Contribution guideline](#contribution-guideline) 153 | - [Hosting Redcloud](#hosting-redcloud) 154 | - [Inspirations & Shout-outs](#inspirations--shout-outs) 155 | 156 | ___ 157 | 158 | ## Details 159 | 160 | ### Redcloud Architecture 161 | 162 | * `redcloud.py`: Starts/Stops the Web interface and App Templates, using Docker and Yacht. 163 | * `yacht`: Yacht web interface. 164 | * `traefik`: Traefik reverse-proxy container to the web interface, api and files containers. Some templates have pre-configured routes for convenience. See the `templates.yml`. 165 | * `templates`: python3 `http.server` container that feeds the App Templates. Lives in an "inside" network. 166 | * `cert_gen`: The [omgwtfssl](https://github.com/paulczar/omgwtfssl) container that generates the SSL certificates using common best practices. 167 | * https://your-server-ip/: Redcloud Web interface once deployed. 168 | * https://your-server-ip/files: Redcloud `redcloud_files` volume. You can also access the `redcloud_log` container content, protected by the same `.htpasswd` as Traefik. Default credentials: `admin:Redcloud` 169 | * https://your-server-ip/api: Traefik reverse-proxy health monitoring page. Shows live stats about routes, backends, return codes. Will also show reverse-callback implant data if configured through Traefik. 170 | 171 | 172 | ### Deployment workflow 173 | 174 | 175 | **Redcloud deployment workflow is as follows:** 176 | 1. Clone/Download Redcloud repository. 177 | 2. Launch `redcloud.py`. 178 | 3. Choose deployment candidate from the menu (local, ssh, docker-machine). 179 | 4. `redcloud.py` automatically: 180 | * checks for `docker` & `docker-compose` on target machine. 181 | * installs `docker` & `docker-compose` if absent. 182 | * deploys the web stack on target using `docker-compose`. 183 | 5. Once deployment is complete, `redcloud.py` will output the URL. Head over to https://your-deploy-machine-ip/. 184 | 6. Set username/password from the web interface. 185 | 7. Select the endpoint (the only one on the list). 186 | 8. Access the templates using the "App Templates" menu item on the left :rocket: 187 | 188 | **App Template deployment is as follows:** 189 | 1. Choose template. 190 | 2. If you wish to add additional options, select "+ Show advanced options". 191 | 3. Add port mapping, networking options, and volume mapping as you see fit. 192 | 4. Select "Deploy the container". 193 | 5. Yacht will launch the container. It may take a few minutes if it needs to fetch the image. If your server is in a data center, this step will be very fast. 194 | 6. Container should be running :rocket: 195 | 7. Yacht will redirect you to the "Containers" page. From there, you can: 196 | a. View live container logs. 197 | b. Inspect container details (`docker inspect`). 198 | c. View live container stats (memory/cpu/network/processes). 199 | 200 | 201 |

202 | 203 |

204 | 205 | ### Networks 206 | 207 | Redcloud makes it easy to play around with networks and containers. 208 | You can create additional networks with different drivers, and attach your containers as you see fit. Redcloud comes with 2 networks, `redcloud_default` and `redcloud_inside`. 209 | 210 | ### Volumes 211 | 212 | You can share data between containers by sharing volumes. Redcloud comes with 3 volumes: 213 | 214 | * `certs`: Container with the certificates generated by [omgwtfssl](https://github.com/paulczar/omgwtfssl). 215 | * `files`: Standard file sharing volume. For now, the files are available when browsing https://your-server-ip/files, and are served by the Traefik reverse-proxy container directly from the `files` volume. A typical use-case is to attach the volume to a Metasploit container, generate your payload directly into the `files` volume. You can now serve your fresh payload directly through the Traefik to file server route. 216 | * `logs`: Available for logs, served by the file-server too. Access requires basic auth. Default is `admin:Redcloud`. 217 | 218 | 219 | ### Accessing containers from the terminal 220 | 221 | If you wish to stay in your terminal to work with the deployed containers, its very easy using Docker. Keep these things in mind: 222 | * Most containers have `bash`, but some use `sh` instead 223 | * All Redcloud App Templates container names start with `red_`, such as `red_msf-postgresql` 224 | * With Docker, you can either use `docker exec` or `attach` to interact with a container 225 | * `exec` is preferred as it creates a new process 226 | * `attach` lands you straight on the running process, potentially killing your running container 227 | * If running Redcloud: 228 | * Locally or using `docker-machine`, simply type these in your local shell 229 | * Using `ssh`, first ssh into your deployment target to run the following commands 230 | 231 | To start interacting with the desired deployed container: 232 | ```bash 233 | > docker exec -it red_container-name /bin/bash 234 | root@70a819ef0e87:/# 235 | ``` 236 | 237 | If you see the following message, it means `bash` is not installed. In that case simply replace `/bin/bash` with `/bin/sh`: 238 | 239 | ```bash 240 | > docker exec -it red_container-name /bin/bash 241 | OCI runtime exec failed: exec failed: container_linux.go:344: starting container process caused "exec: \"/bin/bash\": stat /bin/bash: no such file or directory": unknown 242 | 243 | > docker exec -it red_container-name /bin/sh 244 | # 245 | ``` 246 | 247 | To use `docker attach`, simply run: 248 | ```bash 249 | > docker attach red_container-name 250 | ``` 251 | If using `attach`, the container needs to be started in `interactive mode`, so as to land in a interactive shell. 252 | 253 | 254 | ### Accessing files 255 | 256 | Point your browser to `https://your-redcloud-ip/files`. 257 | Please refer to the `files` volume for more information. 258 | 259 | ### SSL Certificates 260 | 261 | Redcloud generates a new *unsigned* SSL certificate when deploying. 262 | The certificate is generated by [omgwtfssl](https://github.com/paulczar/omgwtfssl), implementing most best practices. 263 | Once generated: 264 | > It will dump the certificates it generated into /certs by default and will also output them to stdout in a standard YAML form, making them easy to consume in Ansible or other tools that use YAML. 265 | 266 | Certificates are stored in a shared docker volume called `certs`. Your containers can access this volume if you indicate it in "+ Advanced Settings" when deploying it. The Traefik reverse-proxy container fetches the certificates directly from its configuration file. If you wish to replace these certificates with your own, simply replace them on this volume. 267 | 268 | It also means you can share the generated certificates into other containers, such Empire or Metasploit for your reverse callbacks, or for a phishing campaign. 269 | Most SSL related configurations can be found in `traefik/traefik.toml` or the `docker-compose.yml` file. 270 | 271 | 272 | ### Stopping Redcloud 273 | 274 | You can stop Redcloud directly from the menu. 275 | **Deployed App templates need to be stopped manually before stopping Redcloud.** You can stop them using the Yacht web interface, or `docker rm -f container-name`. 276 | If you wish to force the Yacht containers running Redcloud to stop, simply run `docker-compose kill` inside the `redcloud/` folder. 277 | The *local* and *docker-machine* stop option is the same, thus they are combined in the same option. 278 | 279 | 280 | ### Yacht App Templates 281 | 282 | Redcloud uses Yacht to orchestrate and interface with the Docker engine. Yacht in itself is a fantastic project to manage Docker deployments remotely. Yacht also includes a very convenient [template system](https://yacht.sh/Templates/templates/), which is the major component for our Redcloud deployment. 283 | Templates can be found in `./templates/templates.yml`. Yacht fetches the template file from a dedicated container (`templates`). 284 | 285 | ### Traefik reverse-proxy 286 | Traefik is a wonderful "cloud-native edge router". It has replaced the previous NGINX reverse-proxy setup. 287 | A Traefik image is built during deployment, using the Dockerfile located in `traefik/Dockerfile`. It adds a `.htpasswd` with `admin:Redcloud` credentials. 288 | 289 | By default, deployment spawns the following routes: 290 | * `https://your-server-ip/` 291 | * `https://your-server-ip/files` 292 | * `https://your-server-ip/api` 293 | 294 | Authentications are based of the `.htaccess` data. 295 | 296 | From the Traefik api web interface, you can view your deployed routes, monitor health, as well as real time metrics. Its very neat. 297 | 298 | 299 | 300 | 301 | You can add additional labels that tell Traefik where to route traffic, using either: 302 | * `traefik/traefik.toml` file 303 | * `docker-compose.yml` file 304 | * `templates.yml` file 305 | * Yacht's web interface 306 | 307 | See the [official documentation](https://docs.traefik.io/basics/) for more information. 308 | 309 | ![api](https://i.imgur.com/gWaeykt.png) 310 | 311 | 312 |

313 | 314 |

315 | 316 | ### Redcloud security considerations 317 | 318 | Redcloud deploys with a self-signed https certificate, and proxies all interactions with the web console through it. 319 | However, the default network exposes your containers' ports to the outside world. 320 | 321 | You can: 322 | * **Remove exposed ports** and access the normal port from a machine inside the docker network 323 | * Add custom `labels` to create routes with Traefik. See the `docker-compose.yml` file for inspiration. 324 | * Start an Ubuntu or Kali with noVNC (VNC through http) from templates, add it to both an "inside" and "outside" network, and access exposed interfaces from inside. 325 | * Add .htaccess configurations 326 | 327 | Additionally: 328 | * `docker` & `docker-machine` installations require root privileges. You can downgrade privilege requirements following [the official documentation](https://docs.docker.com/install/linux/linux-postinstall/). 329 | * The install script is pulled directly from the official docker repositories. 330 | * `redcloud.py` fetches Redcloud's public IP address using icanhazip.com. 331 | 332 | ___ 333 | 334 | ## Tested deployment candidates 335 | 336 | | Deploy Target | Status | 337 | |:-------------:|:-------------------:| 338 | | Ubuntu Bionic | :heavy_check_mark: | 339 | | Ubuntu Xenial | :heavy_check_mark: | 340 | | Debian Strech | :heavy_check_mark: | 341 | 342 | ___ 343 | 344 | ## Troubleshooting 345 | 346 | * Check your default python version with `python --version`. Redcloud needs python 3+. 347 | * Use `python3` instead of `python` if on an older system. 348 | * `redcloud.py` requires that deployment candidate have the public key in their `.ssh/authorized_keys`, and handles password-less authentication using the user's public key. This is the default configuration for most VPS workflows. 349 | * docker-machine deployment requires the user to already have a running docker-machine on a cloud infrastructure (such as AWS, GCP, Linode and [many others](https://docs.docker.com/machine/drivers/)). Once deployed, simply run the `eval` command as illustrated above. 350 | * `docker` & `docker-machine` installations require root privileges. You can downgrade privilege requirements following [the official documentation](https://docs.docker.com/install/linux/linux-postinstall/) 351 | * If you don't see the "App Templates" menu item right after deploying, refresh the web page and make sure you're not at the endpoint selection menu. 352 | * If you wish to create a new username/password combo, remove Yacht persistent data on deployment candidate: `rm -rf /opt/yacht/data` 353 | * If you're running into python errors, you may need to install the `python3-distutils` package using `apt-get install python3-distutils` on debian/ubuntu base. 354 | * If you get an error when deploying an App Template saying the "container name already exists", it's probably because you're trying to deploy the same App Template without having removed a previously deployed one. Simply remove the old container with the same name, or change the name of your new container. 355 | * If something seems wrong with your container, the standard procedure is to check the container's logs from the web interface. 356 | * If running a local deployment on OSX, `yacht` will be unable to use its default volume location `/opt/`. To solve this, open the `docker-compose.yml` file, replace `/opt/yacht/data:/data` with a folder with write-access, for example: `/tmp/yacht/:/data` and create the `/tmp/yacht` directory before running Redcloud. 357 | * if you're getting issues with the web terminal, try disabling some addons, using private browsing, or try with a different browser. If all else fails, connect to your container [through the terminal](#accessing-containers-from-the-terminal). 358 | ___ 359 | 360 | ## Use-cases 361 | 362 | * Create your personal pentest-lab, and practice your hacking skills with friends and colleagues. 363 | * Protect your offensive infrastructure using honeypots. 364 | * Recreate an APT infrastructure with reverse implant load-balancing, geo-stretched servers and multi-layered operations 365 | * Automate payload generation with Metasploit or Empire, AV bypass with gscript, served instantly through the `/files/` URI. 366 | * Perform your bug-bounty pipelines much faster than your competition. 367 | * Launch Sniper using Yacht api when a new bug-bounty is posted, fetch logs using `/files/` URI. 368 | * Use the reverse proxy to cover Metasploit or Empire. 369 | * Launch scans behind your own Tor socks proxy. 370 | * View .onion site using Tor socks + Ubuntu VNC. 371 | * Advanced OSINT with Spiderfoot and a Tor container as proxy. 372 | 373 | ___ 374 | 375 | ## Screenshots 376 | 377 | * Template List 378 |

379 | 380 |

381 | 382 | * Deploying a container 383 |

384 | 385 |

386 | 387 | * Using Metasploit's `msfconsole` through the web interface 388 |

389 | 390 |

391 | 392 | * Traefik real-time data on reverse-proxy routes 393 |

394 | 395 |

396 | 397 | * Deploying using ssh 398 |

399 | 400 |

401 | 402 | ___ 403 | 404 | ## Contribution guideline 405 | 406 | Any help is appreciated. This is a side project, so it's probably missing a few bolts and screws. Above all: 407 | * Reporting or fixing Redcloud bugs & quirks. 408 | * Adding templates. Please keep it clean, and from the creator's docker hub repository if possible. 409 | * Adding documentation. 410 | * Detailing use cases in blog articles. I'll add links to blog posts here, so please be sure to contact me if you make one! :v: 411 | * Integrating Traefik with more templates. I'm currently having issues with the spiderfoot and ubuntu novnc for example. 412 | * Typos as issues. *(no pull requests please)* 413 | 414 | ___ 415 | 416 | ## Hosting Redcloud 417 | 418 | You can host Redcloud on any Unix server that runs Docker. 419 | Redcloud is intended to be used in a cloud environment, such as a simple VPS with ssh, or even an AWS EC2, GCP, etc... 420 | 421 | A large range of cloud providers offer **free credits** to get familiar with their services. Many lists and tutorials cover getting free hosting credits from major vendors. [This list is a good place to start](https://github.com/ripienaar/free-for-dev#iaas). 422 | 423 | Regarding deployment method, I personally prefer working with [docker-machine](https://docs.docker.com/machine/overview/) as it becomes ridiculously easy to spawn new machines and manage them once you've got your cloud provider's [driver setup](https://docs.docker.com/machine/drivers/). If you prefer using `ssh`, be sure to take a look at evilsocket's [shellz](https://github.com/evilsocket/shellz) project to manage your keys and profiles. 424 | 425 | ___ 426 | 427 | ## Inspirations & Shout-outs 428 | 429 | * [Red Team Infrastructure Wiki](https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki) - bluscreenofjeff 430 | * [Automated Red Team Infrastructure Guide](https://rastamouse.me/2017/08/automated-red-team-infrastructure-deployment-with-terraform---part-1/) - rastamouse 431 | * [Safe Red Team Infrastructure](https://medium.com/@malcomvetter/safe-red-team-infrastructure-c5d6a0f13fac) - Tim MalcomVetter 432 | * [Red Baron](https://github.com/Coalfire-Research/Red-Baron) - Coalfire Research 433 | * [Rapid Attack Infrastructure](https://github.com/obscuritylabs/RAI) - Obscurity Labs 434 | * [Decker](https://github.com/stevenaldinger/decker) - Steven Aldinger 435 | * [hideNsneak](https://github.com/rmikehodges/hideNsneak) - Mike Hodges 436 | 437 | 438 | * [@Ullaakut](https://twitter.com/Ullaakut) for the logo - Make sure you check out his [repo](https://github.com/Ullaakut)! 439 | 440 | ___ 441 | *Finally, if you wish to see your tool integrated, hit me up on Twitter. This project is maintained on my free time. Keep an eye out in the dev branch for upcoming features. 442 | Redcloud was originally developed to make deploying training environments for infosec students easier.* 443 | 444 | ___ 445 | 446 | *If you wish to stay updated on this project:* 447 | 448 | [![twitter](https://i.imgur.com/S79Nimd.png)](https://twitter.com/kh4st3x) 449 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | cert_gen: 5 | container_name: "cert-gen" 6 | image: paulczar/omgwtfssl 7 | volumes: 8 | - certs:/certs 9 | labels: 10 | - "traefik.enable=false" 11 | 12 | traefik: 13 | build: traefik/ 14 | container_name: "traefik" 15 | networks: 16 | - default 17 | - inside 18 | ports: 19 | - 80:80 20 | - 443:443 21 | volumes: 22 | - /var/run/docker.sock:/var/run/docker.sock 23 | - certs:/certs 24 | - logs:/logs 25 | labels: 26 | - "traefik.frontend.rule=PathPrefixStrip:/t/api" 27 | - "traefik.frontend.auth.basic.usersFile=/etc/traefik/.htpasswd" 28 | - "traefik.port=8081" 29 | 30 | 31 | 32 | 33 | templates: 34 | build : templates/ 35 | container_name: "templates" 36 | networks: 37 | - inside 38 | labels: 39 | - "traefik.enable=false" 40 | 41 | public-files: 42 | image: aikain/simplehttpserver:0.1 43 | container_name: "public-files" 44 | volumes: 45 | - files:/var/www/ 46 | - logs:/var/www/logs 47 | networks: 48 | - inside 49 | labels: 50 | - "traefik.sec.frontend.rule=PathPrefixStrip:/files/logs" 51 | - "traefik.sec.port=80" 52 | - "traefik.sec.frontend.auth.basic.users=admin:$$apr1$$JWufnu2u$$jK16K8EczmfIBDk5p3xw6/" 53 | - "traefik.nosec.frontend.rule=PathPrefixStrip:/files" 54 | - "traefik.nosec.port=80" 55 | 56 | 57 | yacht: 58 | image: selfhostedpro/yacht 59 | container_name: "yacht-app" 60 | networks: 61 | - inside 62 | volumes: 63 | - /var/run/docker.sock:/var/run/docker.sock 64 | - /tmp/yacht/data:/data 65 | - /tmp/compose:/compose 66 | environment: 67 | - "COMPOSE_DIR=/compose/" 68 | - "LOGO=https://i.imgur.com/kfi99Po.png" 69 | - "BASE_TEMPLATE=http://templates/templates.json" 70 | - "THEME=RED" 71 | - "DISABLE_AUTH=True" 72 | 73 | labels: 74 | - "traefik.sec.frontend.rule=PathPrefixStrip:/" 75 | - "traefik.sec.port=8000" 76 | - "traefik.sec.frontend.auth.basic.users=admin:$$apr1$$JWufnu2u$$jK16K8EczmfIBDk5p3xw6/" 77 | - "traefik.passHostHeader=true" 78 | - "traefik.docker.network=redcloud_inside" 79 | - "traefik.backend.loadbalancer.swarm=true" 80 | - "traefik.backend.loadbalancer.method=drr" 81 | # https://github.com/containous/traefik/issues/563#issuecomment-421360934 82 | 83 | volumes: 84 | certs: 85 | logs: 86 | files: 87 | networks: 88 | inside: 89 | external: false -------------------------------------------------------------------------------- /redcloud.py: -------------------------------------------------------------------------------- 1 | import os 2 | import subprocess 3 | 4 | from utils.colors import colors as c 5 | 6 | DOCKER_DEPLOY = "docker-compose up --build -d" 7 | DOCKER_DOWN = "docker-compose down --remove-orphans" 8 | # DOCKER_INSTALL = "curl -fsSL https://get.docker.com -o get-docker.sh ; sh get-docker.sh" 9 | DOCKER_INSTALL = "curl -fsSL https://get.docker.com -o get-docker.sh" 10 | DOCKER_INSTALL2 = "sh get-docker.sh" 11 | # DOCKER_COMPOSE_INSTALL = "curl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose" 12 | DOCKER_COMPOSE_INSTALL = "curl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-{u_s}-{u_m} -o /usr/local/bin/docker-compose" 13 | DOCKER_COMPOSE_INSTALL2 = "chmod +x /usr/local/bin/docker-compose" 14 | REDCLOUD_INSTALL_GIT = "git clone https://github.com/selfhostedpro/redcloud.git" 15 | REDCLOUD_INSTALL_SCP = "scp -r ../redcloud {target}:~/" 16 | SSH_OR = " || echo \"error\"" 17 | GET_IP = "curl -4 -s icanhazip.com" 18 | 19 | 20 | def print_banner(arg = ""): 21 | 22 | 23 | banner_top = ''' 24 | ----__ ''"" ___``'/````\ 25 | ,' ,' `--/ __, \-,,,`. 26 | ,""""' .' ;-. , ,' \ `"""". 27 | ,' `-( `._(_,' )_ `. 28 | ,' ,---. \ @ ; \ @ _,' `. 29 | ,-""' ,' ,--'- `;' `. 30 | ,' ,' ( `. ,' `. 31 | ; ,' \ _,',' Offensive `. 32 | ,' ; `--' ,' Infrastructure `. 33 | ,' ; __ ( Deployment `. 34 | ; `____... `78b `. ,' ,' 35 | ; ...----''" ) _.- .d8P `. ,' ,' ,' 36 | 37 | ''' 38 | banner = '''_....----'" '. _..--"_.-:.-' .' `. ,''. ,' `--' 39 | `" mGk "" _.-'' .-'`-.:..___...--' `-._ ,-"' `-' 40 | _.--' _.-' .' .' .' `""""" 41 | __.-'' _.-' .-' .' / ~~~ 42 | ' _.-' .-' .-' .' 43 | _.-' .-' .-' .' .' / R e d C l o u d 44 | _.-' .-' .-' .' .' 45 | _.-' .-' .' .' / ~~~ 46 | _.-' .-' .' .' github.com/khast3x 47 | .-' .' 48 | ''' 49 | 50 | print("\n\n") 51 | if len(arg) != 0: 52 | print(c.fg.red + c.bold + banner_top + banner + c.reset + "\n\n\n") 53 | print("\n\n\t\tThank you for using" + c.fg.red+ " redcloud!" + c.bold + " <3" +c.reset) 54 | input(c.bg.purple + "\n\n\t\t- Press Enter to get back to saving the planet -" + c.reset) 55 | else: 56 | print(c.fg.red + c.bold + banner + c.reset) 57 | 58 | 59 | 60 | 61 | def is_tool(name): 62 | '''Check whether `name` is on PATH.''' 63 | 64 | from distutils.spawn import find_executable 65 | return find_executable(name) is not None 66 | 67 | 68 | 69 | def get_unames(prefix = ""): 70 | # $(uname -s)-$(uname -m) 71 | uname_s = run_cmd_output(prefix + "uname -s") 72 | uname_m = run_cmd_output(prefix + "uname -m") 73 | final_cmd = DOCKER_COMPOSE_INSTALL.format(u_s=uname_s, u_m=uname_m) 74 | print(final_cmd) 75 | return final_cmd 76 | 77 | def run_cmd_output(cmd): 78 | ''' 79 | Runs local command to shell, returns output. Splits string to tab before giving args to subprocess 80 | ''' 81 | try: 82 | output = subprocess.check_output(cmd.split(" "), stderr=sys.stdout.buffer) 83 | output = output.decode("utf-8").strip() 84 | return output 85 | except subprocess.CalledProcessError as e: 86 | c.bad_news(c, "Something went wrong with running command") 87 | print(e) 88 | 89 | def list_available(): 90 | ''' 91 | List available templates from the templates.yml 92 | ''' 93 | import yaml 94 | 95 | with open("templates/templates.yml", 'r') as stream: 96 | try: 97 | data = yaml.load(stream) 98 | for templ in data: 99 | print("---------------------") 100 | print(c.fg.green + "[>] " + c.fg.purple + templ["title"] + c.reset + " : " + templ["description"]) 101 | # print(" source: " + c.reset + templ["image"]) 102 | print(c.bg.purple + "\n" + c.reset) 103 | input("\n- Press Enter to continue -") 104 | except yaml.YAMLError as exc: 105 | print(exc) 106 | 107 | def install_docker(prefix = ""): 108 | ''' 109 | Runs the command to install docker. Can run with the SSH prefix to install remotly 110 | Keep both seperated for later debugging 111 | ''' 112 | c.info_news(c, "This might take a few minutes... Hang in there!") 113 | 114 | if len(prefix) != 0: 115 | output = run_cmd_output(prefix + DOCKER_INSTALL) 116 | output += run_cmd_output(prefix + DOCKER_INSTALL2) 117 | else: 118 | output = run_cmd_output(DOCKER_INSTALL) 119 | output += run_cmd_output(DOCKER_INSTALL2) 120 | print(output) 121 | 122 | def install_docker_compose(prefix = ""): 123 | ''' 124 | Runs the command to install docker-compose. Can run with the SSH prefix to install remotly 125 | Keep both seperated for later debugging 126 | ''' 127 | cmd = get_unames(prefix) 128 | if len(prefix) != 0: 129 | output = run_cmd_output(prefix + cmd) 130 | output += run_cmd_output(prefix + DOCKER_COMPOSE_INSTALL2) 131 | else: 132 | output = run_cmd_output(cmd) 133 | output += run_cmd_output(DOCKER_COMPOSE_INSTALL2) 134 | print(output) 135 | 136 | def deploy_local(): 137 | ''' 138 | Check install, offer removing portainer persistent data if file exists. 139 | Run docker-compose command, get IP, print with portainer URI 140 | ''' 141 | # Check installs 142 | if is_tool("curl"): 143 | c.info_news(c, "curl installation found") 144 | 145 | # Check docker; install ; check install 146 | if is_tool("docker"): 147 | c.info_news(c, "docker installation found") 148 | else: 149 | c.bad_news(c, "docker installation not found") 150 | c.question_news(c, "Install docker? [Y/n]") 151 | dockerq = input(">> ") 152 | if dockerq == "n": 153 | c.info_news(c, "Skipping...") 154 | else: 155 | c.info_news(c, "Installing docker") 156 | install_docker() 157 | if is_tool("docker"): 158 | c.good_news(c, "docker installation finished successfully") 159 | 160 | # Check docker-compose; install ; check install 161 | if is_tool("docker-compose"): 162 | c.info_news(c, "docker-compose installation found") 163 | else: 164 | c.bad_news(c, "docker-compose installation not found") 165 | c.question_news(c, "Install docker-compose? [Y/n]") 166 | dockerq = input(">> ") 167 | print(dockerq) 168 | if dockerq == "n": 169 | c.info_news(c, "Skipping...") 170 | else: 171 | c.info_news(c, "Installing docker-composetoto") 172 | install_docker_compose() 173 | if is_tool("docker-compose"): 174 | c.good_news(c, "docker-compose installation finished successfully") 175 | 176 | # Check Portainer persistent data 177 | if os.path.isdir("/tmp/portainer/data"): 178 | c.question_news(c, "Portainer data detected, a user/pass already exists. Remove? [N/y]") 179 | choice = input(">> ") 180 | if choice == "y": 181 | import shutil 182 | shutil.rmtree("/tmp/portainer/data") 183 | c.good_news(c, "Deleted portainer data") 184 | 185 | # Start deploy 186 | c.good_news(c, "Deploying redcloud") 187 | output = run_cmd_output(DOCKER_DEPLOY) 188 | print(output) 189 | c.good_news(c, "Done") 190 | ip = run_cmd_output(GET_IP) 191 | print(c.bold + c.fg.green + "\n" + "=========================================================================" + c.reset) 192 | c.good_news(c, "Please find your running instance at https://" + ip +"/portainer") 193 | c.info_news(c, "Files are available at https://" + ip + "/files") 194 | c.info_news(c, "Live Reverse Proxy data is available at https://" + ip + "/api") 195 | print(c.bold + c.fg.green + "=========================================================================" + c.reset) 196 | print(c.bg.orange + "\n" + c.reset) 197 | input("\n- Press Enter to continue -") 198 | 199 | def deploy_remote_ssh(): 200 | ''' 201 | Deploy redcloud to a remote server using SSH 202 | ''' 203 | 204 | # Get user target, username 205 | c.question_news(c, "Target IP or hostname?") 206 | target = input(">> ").strip() 207 | c.question_news(c, "Target username? (Default: root)") 208 | username = input(">> ").strip() 209 | if username == "": 210 | username = "root" 211 | SSH_CMD = "ssh " + username+"@"+target+" " 212 | 213 | # Check remote curl install 214 | output = run_cmd_output(SSH_CMD + "command -v curl" + SSH_OR) 215 | if output != "error" and len(output) != 0: 216 | c.info_news(c, "curl installation found") 217 | elif output == "error": 218 | c.bad_news(c, "curl installation not found") 219 | 220 | # Check remote git install, if found git clone, else scp files to target 221 | output = run_cmd_output(SSH_CMD + "command -v git" + SSH_OR) 222 | if output != "error" and len(output) != 0: 223 | c.info_news(c, "git installation found") 224 | c.info_news(c, "Cloning latest redcloud repository") 225 | run_cmd_output(SSH_CMD + REDCLOUD_INSTALL_GIT + SSH_OR) 226 | elif output == "error": 227 | c.bad_news(c, "git installation not found") 228 | c.info_news(c, "Sending local files...") 229 | run_cmd_output(REDCLOUD_INSTALL_SCP.format(target = username+"@"+target)) 230 | 231 | 232 | 233 | # Check remote docker install; Install; Check install 234 | output = run_cmd_output(SSH_CMD + "command -v docker" + SSH_OR) 235 | if output != "error" and len(output) != 0: 236 | c.info_news(c, "docker installation found") 237 | elif output == "error": 238 | c.bad_news(c, "docker installation not found") 239 | c.question_news(c, "Install docker? [Y/n]") 240 | dockerq = input(">> ") 241 | if dockerq == "n": 242 | c.info_news(c, "Skipping...") 243 | else: 244 | c.info_news(c, "Installing docker") 245 | install_docker(SSH_CMD) 246 | output = run_cmd_output(SSH_CMD + "command -v docker" + SSH_OR) 247 | if output != "error" and len(output) != 0: 248 | c.good_news(c, "docker installation finished sucessfully") 249 | 250 | 251 | # Check remote docker-compose install; Install; Check install 252 | output = run_cmd_output(SSH_CMD + "command -v docker-compose" + SSH_OR) 253 | if output != "error" and len(output) != 0: 254 | c.info_news(c, "docker-compose installation found") 255 | elif output == "error": 256 | c.bad_news(c, "docker-compose installation not found") 257 | c.question_news(c, "Install docker-compose? [Y/n]") 258 | dockerq = input(">> ") 259 | if dockerq == "n": 260 | c.info_news(c, "Skipping...") 261 | else: 262 | c.info_news(c, "Installing docker-compose") 263 | install_docker_compose(SSH_CMD) 264 | output = run_cmd_output(SSH_CMD + "command -v docker" + SSH_OR) 265 | if output != "error" and len(output) != 0: 266 | c.good_news(c, "docker-compose installation finished sucessfully") 267 | 268 | # Get redcloud; Deploy 269 | c.good_news(c, "Deploying redcloud") 270 | run_cmd_output(SSH_CMD + "cd redcloud ; " + DOCKER_DEPLOY + SSH_OR) 271 | c.good_news(c, "Done") 272 | ip = run_cmd_output(SSH_CMD + GET_IP) 273 | print(c.bold + c.fg.green + "\n" + "=========================================================================" + c.reset) 274 | c.good_news(c, "Please find your running instance at https://" + ip +"/portainer") 275 | c.info_news(c, "Files are available at https://" + ip + "/files") 276 | c.info_news(c, "Live reverse proxy data is available at https://" + ip + "/api") 277 | print(c.bold + c.fg.green + "=========================================================================" + c.reset) 278 | print(c.bg.purple + "\n" + c.reset) 279 | input("\n- Press Enter to continue -") 280 | 281 | def deploy_dockermachine(): 282 | ''' 283 | Check install, offer removing portainer persistent data if file exists. 284 | Run docker-compose command, get IP, print with portainer URI 285 | ''' 286 | # Check installs 287 | if is_tool("curl"): 288 | c.info_news(c, "curl installation found") 289 | 290 | # Check docker; install ; check install 291 | if is_tool("docker"): 292 | c.info_news(c, "docker installation found") 293 | else: 294 | c.bad_news(c, "docker installation not found") 295 | c.question_news(c, "Install docker? [Y/n]") 296 | dockerq = input(">> ") 297 | if dockerq == "n": 298 | c.info_news(c, "Skipping...") 299 | else: 300 | c.info_news(c, "Installing docker") 301 | install_docker() 302 | if is_tool("docker"): 303 | c.good_news(c, "docker installation finished sucessfully") 304 | 305 | # Check docker-compose; install ; check install 306 | if is_tool("docker-compose"): 307 | c.info_news(c, "docker-compose installation found") 308 | else: 309 | c.bad_news(c, "docker-compose installation not found") 310 | c.question_news(c, "Install docker-compose? [Y/n]") 311 | dockerq = input(">> ") 312 | if dockerq == "n": 313 | c.info_news(c, "Skipping...") 314 | else: 315 | c.info_news(c, "Installing docker-compose") 316 | install_docker_compose() 317 | if is_tool("docker-compose"): 318 | c.good_news(c, "docker-compose installation finished sucessfully") 319 | 320 | # Check env for docker-machine name, check machine status 321 | try: 322 | if 'DOCKER_MACHINE_NAME' in os.environ: 323 | machine_name = os.environ['DOCKER_MACHINE_NAME'] 324 | else: 325 | c.bad_news(c, "Could not find DOCKER_MACHINE_NAME environment variable") 326 | input("\n- Press Enter to continue -") 327 | return 328 | except OSError as e: 329 | c.bad_news(c, "Something went wrong when looking for docker-machine") 330 | print(e) 331 | 332 | out = run_cmd_output("docker-machine status " + machine_name) 333 | if out != "Running": 334 | c.bad_news(c, "It seems " + machine_name + " is not running?") 335 | else: 336 | c.good_news(c, "Seems " + c.bold + machine_name + c.reset + " is running correctly") 337 | c.good_news(c, "Deploying redcloud remotely using docker-machine " + c.bold + machine_name + c.reset) 338 | run_cmd_output(DOCKER_DEPLOY) 339 | c.good_news(c, "Done") 340 | ip = os.environ['DOCKER_HOST'] 341 | print(c.bold + c.fg.green + "\n" + "=========================================================================" + c.reset) 342 | c.good_news(c, "Please find your running instance at https:" + ip.split(":")[1] +"/portainer") 343 | c.info_news(c, "Files are available at https:" + ip.split(":")[1] + "/files") 344 | c.info_news(c, "Live reverse proxy data is available at https:" + ip.split(":")[1] + "/api") 345 | print(c.bold + c.fg.green + "=========================================================================" + c.reset) 346 | print(c.bg.cyan + "\n" + c.reset) 347 | input("\n- Press Enter to continue -") 348 | 349 | def menu_deploy_target(): 350 | ''' 351 | Display the First Menu, prompting for deploy location 352 | ''' 353 | 354 | while True: 355 | print("\n" + c.bold + c.fg.blue + "[MAIN MENU]\nChoose deploy action:" + c.reset) 356 | c.menu_item(c, "1", "Deploy redcloud on local machine") 357 | c.menu_item(c, "2", "Deploy redcloud on remote ssh machine") 358 | c.menu_item(c, "3", "Deploy redcloud on remote docker-machine") 359 | c.menu_item(c, "4", "Stop local or docker-machine redcloud deployment") 360 | c.menu_item(c, "5", "Stop remote ssh redcloud deployment") 361 | c.menu_item(c, "6", "List available templates") 362 | c.menu_item(c, "q", "Quit") 363 | 364 | print("") 365 | choice = input(">> ") 366 | if choice == "1": 367 | c.good_news(c, "Deploying redcloud locally") 368 | deploy_local() 369 | elif choice == "2": 370 | deploy_remote_ssh() 371 | elif choice == "3": 372 | deploy_dockermachine() 373 | elif choice == "4": 374 | stop_out = run_cmd_output(DOCKER_DOWN) 375 | # run_cmd_output("docker-compose kill") 376 | if stop_out is not None: 377 | c.good_news(c, "Stopped running redcloud stack") 378 | else: 379 | c.bad_news(c, "App Templates need to be stopped manually. Use 'docker-compose kill' to force Portainer down") 380 | 381 | input("\n- Press Enter to continue -") 382 | elif choice == "5": # Stop remote ssh. 383 | c.question_news(c, "Target IP or hostname?") 384 | target = input(">> ").strip() 385 | c.question_news(c, "Target username? (Default: root)") 386 | username = input(">> ").strip() 387 | if username == "": 388 | username = "root" 389 | SSH_CMD = "ssh " + username+"@"+target+" " 390 | stop_out = run_cmd_output(SSH_CMD + "cd redcloud;" + DOCKER_DOWN) 391 | # run_cmd_output(SSH_CMD + "cd redcloud;" + "docker-compose kill") 392 | if stop_out is not None: 393 | c.good_news(c, "Stopped running ssh redcloud stack") 394 | else: 395 | c.bad_news(c, "App Templates need to be stopped manually. Use 'docker-compose kill' to force Portainer down") 396 | input("\n- Press Enter to continue -") 397 | elif choice == "6": # List templates 398 | list_available() 399 | elif choice == "q": 400 | c.info_news(c, "Goodbye") 401 | break 402 | elif choice == "1337": # Heh 403 | print_banner("top") 404 | else: 405 | c.bad_news(c, "Please choose a menu item number") 406 | print_banner() 407 | 408 | if __name__ == "__main__": 409 | 410 | import sys 411 | if sys.version_info[0] < 3: 412 | raise Exception("\n\n\n== Must be using Python 3 ==\n") 413 | print_banner() 414 | if "bash" not in os.getenv("SHELL"): 415 | c.info_news(c, "protip: redcloud works better using bash or sh") 416 | if not os.geteuid()==0: 417 | c.info_news(c, "protip: root on candidate is required to install docker") 418 | menu_deploy_target() 419 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | PyYAML 2 | -------------------------------------------------------------------------------- /templates/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM aikain/simplehttpserver:0.1 2 | COPY templates.json /var/www/ 3 | 4 | CMD python3 -m http.server 80 -------------------------------------------------------------------------------- /templates/template2.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "type": 1, 4 | "platform": "linux", 5 | "network": "redcloud_default", 6 | "title": "Metasploit - Nightly", 7 | "description": "Official bare Metasploit Alpine build. Includes beta features from dev branch.", 8 | "name": "red_msf-dev", 9 | "interactive": true, 10 | "logo": "https://yusufanilakduygu.files.wordpress.com/2016/08/capture1.jpg", 11 | "image": "metasploitframework/metasploit-framework", 12 | "restart_policy": "unless-stopped", 13 | "categories": ["offensive", "bare"], 14 | "ports": [ 15 | "4444:4444/tcp" 16 | ] 17 | }, 18 | { 19 | "type": 1, 20 | "platform": "linux", 21 | "network": "redcloud_default", 22 | "title": "Metasploit - Stable + Postgresql", 23 | "description": "Debian Metasploit build with Postgres and additional helper scripts", 24 | "name": "red_msf-postgresql", 25 | "interactive": true, 26 | "logo": "https://i.imgur.com/OE5fgz7.png", 27 | "image": "phocean/msf", 28 | "restart_policy": "unless-stopped", 29 | "categories": ["offensive", "database", "stack"], 30 | "labels": [ 31 | { "name": "traefik.frontend.rule", "value": "PathPrefixStrip:/msf" }, 32 | { "name": "traefik.port", "value": "4444" } 33 | ], 34 | "ports": [ 35 | "4444:4444/tcp" 36 | ] 37 | }, 38 | { 39 | "type": 1, 40 | "title": "Empire", 41 | "network": "redcloud_default", 42 | "platform": "linux", 43 | "description": "Pure Python & PowerShell post-exploitation", 44 | "interactive": true, 45 | "name": "red_empire", 46 | "logo": "https://i.imgur.com/XvtOqFp.png", 47 | "note": "Port 5555 opened for reverse callbacks", 48 | "image": "empireproject/empire", 49 | "restart_policy": "unless-stopped", 50 | "categories": ["offensive"], 51 | "ports": [ 52 | "5555:5555/tcp" 53 | ], 54 | "labels": [ 55 | { "name": "traefik.frontend.rule", "value": "PathPrefixStrip:/empire" }, 56 | { "name": "traefik.port", "value": "5555" } 57 | ] 58 | 59 | }, 60 | { 61 | "type": 1, 62 | "network": "redcloud_default", 63 | "title": "Sn1per", 64 | "platform": "linux", 65 | "description": "Automated pentest framework for offensive security experts", 66 | "name": "red_sn1per", 67 | "interactive": true, 68 | "logo": "https://i.imgur.com/X1fCmIv.jpg", 69 | "image": "menzo/sn1per-docker", 70 | "categories": ["offensive", "stack"], 71 | "restart_policy": "unless-stopped" 72 | }, 73 | { 74 | "type": 1, 75 | "title": "Metasploithelper", 76 | "platform": "linux", 77 | "network": "redcloud_default", 78 | "description": "MetasploitHelper is meant to assist penetration testers in network penetration tests. Comes with everything installed", 79 | "name": "red_metasploithelper", 80 | "interactive": true, 81 | "logo": "https://i.imgur.com/2GIRvgI.png", 82 | "image": "milo2012/metasploithelper", 83 | "categories": ["offensive", "stack", "util"], 84 | "restart_policy": "unless-stopped" 85 | }, 86 | { 87 | "type": 1, 88 | "title": "Pentest-tools", 89 | "platform": "linux", 90 | "network": "redcloud_default", 91 | "description": "Ubuntu build with: searchsploit, sqlmap, nmap, nikto, dnsutils, sn1per, knock, sqliv, pasko, uniscan, wpscan, ncrack, wfuzz, sublist3r, massdns", 92 | "name": "red_pentest-tools", 93 | "interactive": true, 94 | "logo": "https://i.imgur.com/oySfUtD.png", 95 | "image": "szalek/pentest-tools", 96 | "categories": ["offensive", "stack"], 97 | "restart_policy": "unless-stopped" 98 | }, 99 | { 100 | "type": 1, 101 | "platform": "linux", 102 | "network": "redcloud_default", 103 | "title": "Kali - Bare", 104 | "name": "red_kali-bare", 105 | "description": "Official Kali container. Install desired metapackages", 106 | "note": "Packages can be installed using Kali Metapackages. Use either docker attach by CLI (best) or the web terminal. Port 4444 is open by default for reverse callback payloads.", 107 | "interactive": true, 108 | "logo": "https://i.imgur.com/tmLEP0b.jpg", 109 | "image": "kalilinux/kali-linux-docker", 110 | "restart_policy": "unless-stopped", 111 | "categories": ["offensive", "bare"], 112 | "ports": [ 113 | "4444:4444/tcp" 114 | ] 115 | }, 116 | { 117 | "type": 1, 118 | "platform": "linux", 119 | "network": "redcloud_default", 120 | "title": "Kali - Full", 121 | "name": "red_kali-full", 122 | "description": "Non-Official Kali container with kali-linux-full metapackage installed, built every night", 123 | "interactive": true, 124 | "logo": "https://i.imgur.com/kcOdowg.jpg", 125 | "image": "booyaabes/kali-linux-full", 126 | "restart_policy": "unless-stopped", 127 | "categories": ["offensive", "stack"], 128 | "ports": [ 129 | "4444:4444/tcp" 130 | ] 131 | }, 132 | { 133 | "type": 1, 134 | "title": "Tor Socks Proxy", 135 | "platform": "linux", 136 | "network": "redcloud_default", 137 | "description": "The smallest (15 MB) docker image with Tor and Privoxy on Alpine Linux", 138 | "name": "red_tor-socks", 139 | "logo": "https://i.imgur.com/p3dEUKr.jpg", 140 | "note": "curl --proxy tor-socks:8118 icanhazip.com
curl --socks5 tor-socks:9050 icanhazip.com", 141 | "image": "rdsubhas/tor-privoxy-alpine", 142 | "restart_policy": "unless-stopped", 143 | "categories": ["utils", "privacy"], 144 | "ports": [ 145 | "8118:8118/tcp", 146 | "9050:9050/tcp" 147 | ] 148 | }, 149 | { 150 | "type": 1, 151 | "title": "Multi Tor Socks Proxy", 152 | "platform": "linux", 153 | "network": "redcloud_default", 154 | "description": "A multi TOR (x10) + privoxy socks proxy instances load-balancer ", 155 | "name": "red_multi-tor-socks", 156 | "logo": "https://i.imgur.com/p3dEUKr.jpg", 157 | "note": "curl --socks5 multi-tor-socks:9050 icanhazip.com", 158 | "image": "rdsubhas/tor-privoxy-alpine", 159 | "restart_policy": "unless-stopped", 160 | "categories": ["utils", "privacy"], 161 | "ports": [ 162 | "9050:9050/tcp" 163 | ] 164 | }, 165 | { 166 | "type": 1, 167 | "title": "GoPhish", 168 | "platform": "linux", 169 | "network": "redcloud_default", 170 | "description": "Open-Source Phishing Toolkit", 171 | "name": "red_gophish", 172 | "logo": "https://i.imgur.com/l21Rn2v.png", 173 | "note": "In your browser, head over to https://your-docker-machine-ip:3333. Don't forget the S in https. Default credentials: admin/gophish", 174 | "image": "matteoggl/gophish", 175 | "restart_policy": "unless-stopped", 176 | "categories": ["offensive", "phishing"], 177 | "ports": [ 178 | "3333:3333/tcp", 179 | "8083:80/tcp" 180 | ] 181 | }, 182 | { 183 | "type": 1, 184 | "title": "gscript", 185 | "platform": "linux", 186 | "network": "redcloud_default", 187 | "description": "Framework to rapidly implement custom droppers for all three major operating systems", 188 | "interactive": true, 189 | "name": "red_gscript", 190 | "logo": "https://i.imgur.com/IoI2VqG.png", 191 | "note": "Run gscript binary from the interactive shell. Don't forget to mount appropriate volumes.", 192 | "image": "gen0cide/gscript:v1", 193 | "restart_policy": "unless-stopped", 194 | "categories": ["offensive", "evasion"], 195 | "volumes": [{"container": "/root/share"}] 196 | }, 197 | { 198 | "type": 1, 199 | "title": "Spiderfoot", 200 | "platform": "linux", 201 | "network": "redcloud_default", 202 | "description": "SpiderFoot automates OSINT to find out everything possible about your target.", 203 | "name": "red_spiderfoot", 204 | "note": "In your browser, head over to https://your-docker-machine-ip:5001", 205 | "interactive": true, 206 | "logo": "https://i.imgur.com/4lffWWS.png", 207 | "image": "combro2k/alpine-spiderfoot", 208 | "restart_policy": "unless-stopped", 209 | "categories": ["offensive", "osint"], 210 | "ports": [ 211 | "5001:5001/tcp" 212 | ] 213 | }, 214 | { 215 | "type": 1, 216 | "title": "ZAP Proxy WebSwing", 217 | "network": "redcloud_default", 218 | "platform": "linux", 219 | "description": "Official in-browser version of ZAP.", 220 | "name": "red_zap-proxy", 221 | "note": "Since it is hosted on the same LAN as the target containers, usage should be faster. It is also possible to use the exposed remote proxy with a local instance of ZAP. Point your browser to http://your-docker-machine-ip:8081/?anonym=true&app=ZAP once done. If not, you will be asked to authenticate to a null account.", 222 | "interactive": true, 223 | "command": "zap-webswing.sh", 224 | "logo": "https://www.owasp.org/images/1/11/Zap128x128.png", 225 | "image": "owasp/zap2docker-stable", 226 | "restart_policy": "unless-stopped", 227 | "categories": ["offensive", "webserver", "bare"], 228 | "ports": [ 229 | "8081:8080/tcp", 230 | "8090:8090/tcp" 231 | ] 232 | }, 233 | { 234 | "type": 1, 235 | "title": "Ubuntu Web VNC", 236 | "platform": "linux", 237 | "network": "redcloud_default", 238 | "description": "Docker container images with VNC and http NoVNC", 239 | "name": "red_ubuntu-vnc", 240 | "logo": "https://i.imgur.com/KfWzNDU.jpg", 241 | "note": "Connect to :1 display with vncviewer. NoVNC: http://your-docker-machine-ip:6901/vnc.html, default password: vncpassword", 242 | "image": "consol/ubuntu-xfce-vnc", 243 | "restart_policy": "unless-stopped", 244 | "categories": ["utils"], 245 | "ports": [ 246 | "5901:5901/tcp", 247 | "6901:6901/tcp" 248 | ] 249 | }, 250 | { 251 | "type": 1, 252 | "title": "Kali Web noVNC + LXDE", 253 | "platform": "linux", 254 | "network": "redcloud_default", 255 | "description": "Kali Docker container with minimal LXDE", 256 | "name": "red_kali-vnc", 257 | "logo": "https://i.imgur.com/tmLEP0b.jpg", 258 | "note": "From your web browser: http://your-docker-machine-ip:6080", 259 | "image": "jgamblin/kalibrowser-lxde", 260 | "restart_policy": "unless-stopped", 261 | "categories": ["offensive", "bare", "utils"], 262 | "ports": [ 263 | "6080:6080/tcp" 264 | ] 265 | }, 266 | { 267 | "type": 1, 268 | "network": "redcloud_default", 269 | "title": "Lockdoor Framework", 270 | "platform": "linux", 271 | "description": "Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources", 272 | "name": "red_lockdoor", 273 | "interactive": true, 274 | "logo": "https://i.imgur.com/B5uKiEv.png", 275 | "image": "sofianehamlaoui/lockdoor", 276 | "categories": ["offensive", "privacy"], 277 | "restart_policy": "unless-stopped" 278 | }, 279 | { 280 | "type": 1, 281 | "title": "DVWA", 282 | "platform": "linux", 283 | "network": "redcloud_default", 284 | "description": "Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable", 285 | "name": "red_vuln-dvwa", 286 | "logo": "https://linuxsecurityblog.files.wordpress.com/2016/01/dvwa.jpg", 287 | "note": "Point your browser to http://your-docker-machine-ip:8082 to access it. To start using: Generate DB from the web interface, Login using admin/password. Select DVWA Security in the left menu, set your difficulty level.", 288 | "image": "vulnerables/web-dvwa", 289 | "restart_policy": "unless-stopped", 290 | "categories": ["vulnerable", "webserver"], 291 | "ports": [ 292 | "8082:80/tcp" 293 | ] 294 | }, 295 | { 296 | "type": 1, 297 | "title": "JuiceShop", 298 | "platform": "linux", 299 | "network": "redcloud_default", 300 | "description": "OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws.", 301 | "name": "red_vuln-juiceshop", 302 | "logo": "https://www.owasp.org/images/6/66/JuiceShop_Logo.png", 303 | "note": "Point your browser to http://your-docker-machine-ip:8084 to access it.", 304 | "image": "bkimminich/juice-shop", 305 | "restart_policy": "unless-stopped", 306 | "categories": ["vulnerable", "webserver"], 307 | "ports": [ 308 | "8084:3000/tcp" 309 | ] 310 | }, 311 | { 312 | "type": 1, 313 | "title": "Vulnerable Wordpress", 314 | "platform": "linux", 315 | "network": "redcloud_default", 316 | "description": "Vulnerable WordPress Installation", 317 | "name": "red_vuln-wp", 318 | "logo": "https://i.imgur.com/0DpXEE4.png", 319 | "note": "Point your browser to http://your-docker-machine-ip:8085 to access it.", 320 | "image": "wpscanteam/vulnerablewordpress", 321 | "restart_policy": "unless-stopped", 322 | "categories": ["vulnerable", "webserver"], 323 | "ports": [ 324 | "8085:80/tcp", 325 | "3306:3306/tcp" 326 | ] 327 | }, 328 | { 329 | "type": 1, 330 | "title": "Vulnerable Shellshock", 331 | "platform": "linux", 332 | "network": "redcloud_default", 333 | "description": "Vulnerable Shellshock Installation - CVE-2014-6271", 334 | "name": "red_vuln-shellshock", 335 | "logo": "https://i.imgur.com/waYl54r.png", 336 | "note": "Point your browser to http://your-docker-machine-ip:8086 to access it.", 337 | "image": "hmlio/vaas-cve-2014-6271", 338 | "restart_policy": "unless-stopped", 339 | "categories": ["vulnerable", "webserver"], 340 | "ports": [ 341 | "8086:80/tcp" 342 | ] 343 | }, 344 | { 345 | "type": 1, 346 | "title": "Vulnerable SambaCry", 347 | "platform": "linux", 348 | "network": "redcloud_default", 349 | "description": "Vulnerable Samba Installation - CVE-2017-7494", 350 | "name": "red_vuln-samba", 351 | "logo": "https://media.ilsoftware.it/images/500x500/img_15843.jpg", 352 | "note": "If you want to access, use the following credentials. User: sambacry Password: nosambanocry", 353 | "image": "hmlio/vulnerables/cve-2017-7494", 354 | "restart_policy": "unless-stopped", 355 | "categories": ["vulnerable", "smb"], 356 | "ports": [ 357 | "445:445/tcp", 358 | "137:137/tcp", 359 | "138:138/tcp", 360 | "139:139/tcp", 361 | "6699:6699/tcp" 362 | ] 363 | }, 364 | { 365 | "type": 1, 366 | "title": "OWASP Mutillidae II", 367 | "platform": "linux", 368 | "network": "redcloud_default", 369 | "description": "Docker container for OWASP Mutillidae II Web Pen-Test Practice Application", 370 | "name": "red_vuln-mutillidae", 371 | "logo": "https://i.imgur.com/SFDsPDQ.jpg", 372 | "note": "Point your browser to http://your-docker-machine-ip:8087 to access it.", 373 | "image": "citizenstig/nowasp", 374 | "restart_policy": "unless-stopped", 375 | "categories": ["vulnerable", "smb"], 376 | "ports": [ 377 | "8087:80/tcp", 378 | "3306:3306/tcp" 379 | ], 380 | "env": [ 381 | { 382 | "name": "MYSQL_PASS", 383 | "label": "Database root password", 384 | "description": "Password used by the MySQL root user.", 385 | "default": "Chang3ME!", 386 | "preset": false 387 | } 388 | ] 389 | }, 390 | { 391 | "type": 1, 392 | "title": "Network Utilities", 393 | "platform": "linux", 394 | "network": "redcloud_default", 395 | "description": "A lightweight docker container with a set of networking tools
Use /bin/sh", 396 | "interactive": true, 397 | "name": "red_netutils", 398 | "logo": "https://i.imgur.com/XXaSxlw.png", 399 | "note": "This is designed to be an interactive debuigging container", 400 | "image": "flungo/netutils", 401 | "restart_policy": "unless-stopped", 402 | "categories": ["utils", "privacy"] 403 | }, 404 | { 405 | "type": 1, 406 | "title": "SoftEtherVPN", 407 | "name": "red_softethervpn", 408 | "network": "redcloud_default", 409 | "description": "A simple SoftEther VPN server", 410 | "categories": ["vpn", "utils", "privacy"], 411 | "platform": "linux", 412 | "logo": "https://i.imgur.com/zzhyywo.jpg", 413 | "image": "siomiz/softethervpn", 414 | "privileged": true, 415 | "ports": [ 416 | "500:500/udp", 417 | "4500:4500/udp", 418 | "1701:1701/tcp", 419 | "1194:1194/udp", 420 | "5555:5555/tcp" 421 | ] 422 | }, 423 | { 424 | "type": 1, 425 | "title": "Cowrie Honeypot", 426 | "name": "red_cowrie", 427 | "network": "redcloud_default", 428 | "interactive": true, 429 | "description": "SSH Honeypot that logs authentication attempts and interactions", 430 | "categories": ["honeypot", "deception"], 431 | "platform": "linux", 432 | "logo": "https://i.imgur.com/GaYgbXo.png", 433 | "image": "cowrie/cowrie", 434 | "ports": [ 435 | "2222:2222/tcp" 436 | ] 437 | }, 438 | { 439 | "type": 1, 440 | "title": "Endlessh tarpit", 441 | "name": "red_endlessh", 442 | "network": "redcloud_default", 443 | "description": "SSH tarpit that slowly sends an endless banner", 444 | "categories": ["deception"], 445 | "platform": "linux", 446 | "logo": "https://i.imgur.com/lsGCqxD.png", 447 | "image": "d3lta/endlessh-docker", 448 | "ports": [ 449 | "2223:22/tcp" 450 | ] 451 | }, 452 | { 453 | "type": 1, 454 | "title": "Beagle", 455 | "name": "red_beagle", 456 | "network": "redcloud_default", 457 | "description": "Incident response and digital forensics tool which transforms data sources and logs into graphs. Supported data sources include FireEye HX Triages, Windows EVTX files, SysMon logs and Raw Windows memory images.", 458 | "note": "Point your browser to http://your-docker-machine-ip:8000 to access it.", 459 | "categories": ["utils", "dfir", "osint"], 460 | "platform": "linux", 461 | "logo": "https://i.imgur.com/QDBYkY1.jpg", 462 | "image": "yampelo/beagle", 463 | "ports": [ 464 | "8000:8000/tcp" 465 | ] 466 | }, 467 | { 468 | "type": 1, 469 | "title": "Nginx", 470 | "description": "High performance web server", 471 | "categories": ["webserver"], 472 | "platform": "linux", 473 | "network": "redcloud_default", 474 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/nginx.png", 475 | "image": "nginx:latest", 476 | "ports": [ 477 | "80/tcp", 478 | "443/tcp" 479 | ], 480 | "volumes": [{"container": "/etc/nginx"}, {"container": "/usr/share/nginx/html"}] 481 | }, 482 | { 483 | "type": 1, 484 | "title": "Httpd", 485 | "network": "redcloud_default", 486 | "description": "Open-source HTTP server", 487 | "categories": ["webserver"], 488 | "platform": "linux", 489 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/httpd.png", 490 | "image": "httpd:latest", 491 | "ports": [ 492 | "80/tcp" 493 | ], 494 | "volumes": [{"container": "/usr/local/apache2/htdocs/"}] 495 | }, 496 | { 497 | "type": 1, 498 | "title": "Caddy", 499 | "network": "redcloud_default", 500 | "description": "HTTP/2 web server with automatic HTTPS", 501 | "categories": ["webserver"], 502 | "platform": "linux", 503 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/caddy.png", 504 | "image": "abiosoft/caddy:latest", 505 | "ports": [ 506 | "80/tcp", "443/tcp", "2015/tcp" 507 | ], 508 | "volumes": [{"container": "/root/.caddy"}] 509 | }, 510 | { 511 | "type": 1, 512 | "title": "MySQL", 513 | "network": "redcloud_default", 514 | "description": "The most popular open-source database", 515 | "categories": ["database"], 516 | "platform": "linux", 517 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/mysql.png", 518 | "image": "mysql:latest", 519 | "env": [ 520 | { 521 | "name": "MYSQL_ROOT_PASSWORD", 522 | "label": "Root password" 523 | } 524 | ], 525 | "ports": [ 526 | "3306/tcp" 527 | ], 528 | "volumes": [{"container": "/var/lib/mysql"}] 529 | }, 530 | { 531 | "type": 1, 532 | "title": "PostgreSQL", 533 | "network": "redcloud_default", 534 | "description": "The most advanced open-source database", 535 | "categories": ["database"], 536 | "platform": "linux", 537 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/postgres.png", 538 | "image": "postgres:latest", 539 | "env": [ 540 | { 541 | "name": "POSTGRES_USER", 542 | "label": "Superuser" 543 | }, 544 | { 545 | "name": "POSTGRES_PASSWORD", 546 | "label": "Superuser password" 547 | } 548 | ], 549 | "ports": [ 550 | "5432/tcp" 551 | ], 552 | "volumes": [{"container": "/var/lib/postgresql/data"}] 553 | }, 554 | { 555 | "type": 1, 556 | "title": "Elasticsearch", 557 | "network": "redcloud_default", 558 | "description": "Open-source search and analytics engine", 559 | "categories": ["database"], 560 | "platform": "linux", 561 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/elasticsearch.png", 562 | "image": "elasticsearch:latest", 563 | "ports": [ 564 | "9200/tcp", 565 | "9300/tcp" 566 | ], 567 | "volumes": [{"container": "/usr/share/elasticsearch/data"}] 568 | }, 569 | { 570 | "type": 1, 571 | "title": "Gitlab CE", 572 | "network": "redcloud_default", 573 | "description": "Open-source end-to-end software development platform", 574 | "note": "Default username is root. Check the Gitlab documentation to get started.", 575 | "categories": ["development", "project-management"], 576 | "platform": "linux", 577 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/gitlab_ce.png", 578 | "image": "gitlab/gitlab-ce:latest", 579 | "ports": [ 580 | "80/tcp", 581 | "443/tcp", 582 | "22/tcp" 583 | ], 584 | "volumes": [ 585 | { "container": "/etc/gitlab" }, 586 | { "container": "/var/log/gitlab" }, 587 | { "container": "/var/opt/gitlab" } 588 | ] 589 | }, 590 | { 591 | "type": 1, 592 | "title": "Minio", 593 | "network": "redcloud_default", 594 | "description": "A distributed object storage server built for cloud applications and devops", 595 | "categories": ["storage", "exfiltration"], 596 | "platform": "linux", 597 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/minio.png", 598 | "image": "minio/minio:latest", 599 | "ports": [ 600 | "9000/tcp" 601 | ], 602 | "env": [ 603 | { 604 | "name": "MINIO_ACCESS_KEY", 605 | "label": "Minio access key" 606 | }, 607 | { 608 | "name": "MINIO_SECRET_KEY", 609 | "label": "Minio secret key" 610 | } 611 | ], 612 | "volumes": [{"container": "/data"}, {"container": "/root/.minio"}], 613 | "command": "server /data" 614 | }, 615 | { 616 | "type": 1, 617 | "title": "Solr", 618 | "network": "redcloud_default", 619 | "description": "Open-source enterprise search platform", 620 | "categories": ["search-engine", "exfiltration"], 621 | "platform": "linux", 622 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/solr.png", 623 | "image": "solr:latest", 624 | "ports": [ 625 | "8983/tcp" 626 | ], 627 | "volumes": [{"container": "/opt/solr/mydata"}] 628 | }, 629 | { 630 | "type": 1, 631 | "title": "Joomla", 632 | "network": "redcloud_default", 633 | "description": "Another free and open-source CMS", 634 | "categories": ["phishing", "deception"], 635 | "platform": "linux", 636 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/joomla.png", 637 | "image": "joomla:latest", 638 | "env": [ 639 | { 640 | "name": "JOOMLA_DB_HOST", 641 | "label": "MySQL database host", 642 | "type": "container" 643 | }, 644 | { 645 | "name": "JOOMLA_DB_PASSWORD", 646 | "label": "Database password" 647 | } 648 | ], 649 | "ports": [ 650 | "80/tcp" 651 | ], 652 | "volumes": [{"container": "/var/www/html"}] 653 | }, 654 | { 655 | "type": 1, 656 | "title": "Drupal", 657 | "network": "redcloud_default", 658 | "description": "Open-source content management framework", 659 | "categories": ["phishing", "deception"], 660 | "platform": "linux", 661 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/drupal.png", 662 | "image": "drupal:latest", 663 | "ports": [ 664 | "80/tcp" 665 | ], 666 | "volumes": [{"container": "/var/www/html"}] 667 | }, 668 | { 669 | "type": 1, 670 | "title": "Odoo", 671 | "network": "redcloud_default", 672 | "description": "Open-source business apps", 673 | "categories": ["project-management", "phishing"], 674 | "platform": "linux", 675 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/odoo.png", 676 | "image": "odoo:latest", 677 | "env": [ 678 | { 679 | "name": "HOST", 680 | "label": "PostgreSQL database host", 681 | "type": "container" 682 | }, 683 | { 684 | "name": "USER", 685 | "label": "Database user" 686 | }, 687 | { 688 | "name": "PASSWORD", 689 | "label": "Database password" 690 | } 691 | ], 692 | "ports": [ 693 | "8069/tcp" 694 | ], 695 | "volumes": [{"container": "/var/lib/odoo"}, {"container": "/mnt/extra-addons"}] 696 | }, 697 | { 698 | "type": 1, 699 | "title": "Urbackup", 700 | "network": "redcloud_default", 701 | "description": "Open-source network backup", 702 | "categories": ["backup", "exfiltration"], 703 | "platform": "linux", 704 | "note": "This application web interface is exposed on the port 55414 inside the container.", 705 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/urbackup.png", 706 | "image": "cfstras/urbackup", 707 | "ports": [ 708 | "55413/tcp", "55414/tcp", "55415/tcp", "35622/tcp" 709 | ], 710 | "volumes": [{"container": "/var/urbackup"}] 711 | }, 712 | { 713 | "type": 2, 714 | "title": "Portainer Agent", 715 | "network": "redcloud_default", 716 | "description": "Manage all the resources in your Swarm cluster", 717 | "note": "The agent will be deployed globally inside your cluster and available on port 9001.", 718 | "categories": ["portainer"], 719 | "platform": "linux", 720 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/portainer.png", 721 | "repository": { 722 | "url": "https://github.com/portainer/templates", 723 | "stackfile": "stacks/portainer-agent/docker-stack.yml" 724 | } 725 | }, 726 | { 727 | "type": 3, 728 | "title": "Wordpress", 729 | "network": "redcloud_default", 730 | "description": "Wordpress setup with a MySQL database", 731 | "note": "Deploys a Wordpress instance connected to a MySQL database.", 732 | "categories": ["phishing", "deception"], 733 | "platform": "linux", 734 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/wordpress.png", 735 | "repository": { 736 | "url": "https://github.com/portainer/templates", 737 | "stackfile": "stacks/wordpress/docker-compose.yml" 738 | }, 739 | "env": [ 740 | { 741 | "name": "MYSQL_DATABASE_PASSWORD", 742 | "label": "Database root password", 743 | "description": "Password used by the MySQL root user." 744 | } 745 | ] 746 | } 747 | 748 | 749 | ] 750 | -------------------------------------------------------------------------------- /templates/templates.dev.yml: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "type": 1, 4 | "platform": "linux", 5 | "title": "Metasploit - Nightly", 6 | "description": "Official bare Metasploit Alpine build. Includes beta features from dev branch.", 7 | "name": "msf-dev", 8 | "interactive": true, 9 | "logo": "https://yusufanilakduygu.files.wordpress.com/2016/08/capture1.jpg", 10 | "image": "metasploitframework/metasploit-framework", 11 | "restart_policy": "unless-stopped", 12 | "categories": ["offensive", "bare"], 13 | "ports": [ 14 | "4444:4444/tcp" 15 | ] 16 | }, 17 | { 18 | "type": 1, 19 | "platform": "linux", 20 | "title": "Metasploit - Stable + Postgresql", 21 | "description": "Debian Metasploit build with Postgres and additional helper scripts", 22 | "name": "msf-postgresql", 23 | "interactive": true, 24 | "logo": "https://i.imgur.com/OE5fgz7.png", 25 | "image": "phocean/msf", 26 | "restart_policy": "unless-stopped", 27 | "categories": ["offensive", "database", "stack"], 28 | "ports": [ 29 | "4444:4444/tcp" 30 | ] 31 | }, 32 | { 33 | "type": 1, 34 | "title": "Empire", 35 | "platform": "linux", 36 | "description": "Pure Python & PowerShell post-exploitation", 37 | "name": "empire", 38 | "logo": "https://i.imgur.com/XvtOqFp.png", 39 | "note": "Port 5555 opened for reverse callbacks", 40 | "image": "empireproject/empire", 41 | "restart_policy": "unless-stopped", 42 | "categories": ["offensive"], 43 | "ports": [ 44 | "5555:5555/tcp" 45 | ] 46 | }, 47 | { 48 | "type": 1, 49 | "title": "Sn1per", 50 | "platform": "linux", 51 | "description": "Automated pentest framework for offensive security experts", 52 | "name": "sn1per", 53 | "interactive": true, 54 | "logo": "https://i.imgur.com/X1fCmIv.jpg", 55 | "image": "menzo/sn1per-docker", 56 | "categories": ["offensive", "stack"], 57 | "restart_policy": "unless-stopped" 58 | }, 59 | { 60 | "type": 1, 61 | "title": "Metasploithelper", 62 | "platform": "linux", 63 | "description": "MetasploitHelper is meant to assist penetration testers in network penetration tests. Comes with everything installed", 64 | "name": "metasploithelper", 65 | "interactive": true, 66 | "logo": "https://i.imgur.com/2GIRvgI.png", 67 | "image": "milo2012/metasploithelper", 68 | "categories": ["offensive", "stack", "util"], 69 | "restart_policy": "unless-stopped" 70 | }, 71 | { 72 | "type": 1, 73 | "title": "Pentest-tools", 74 | "platform": "linux", 75 | "description": "Ubuntu build with: searchsploit, sqlmap, nmap, nikto, dnsutils, sn1per, knock, sqliv, pasko, uniscan, wpscan, ncrack, wfuzz, sublist3r, massdns", 76 | "name": "pentest-tools", 77 | "interactive": true, 78 | "logo": "https://i.imgur.com/oySfUtD.png", 79 | "image": "szalek/pentest-tools", 80 | "categories": ["offensive", "stack"], 81 | "restart_policy": "unless-stopped" 82 | }, 83 | { 84 | "type": 1, 85 | "platform": "linux", 86 | "title": "Kali - Bare", 87 | "name": "kali-bare", 88 | "description": "Official Kali container. Install desired metapackages", 89 | "note": "Packages can be installed using Kali Metapackages. Use either docker attach by CLI (best) or the web terminal. Port 4444 is open by default for reverse callback payloads.", 90 | "interactive": true, 91 | "logo": "https://i.imgur.com/tmLEP0b.jpg", 92 | "image": "kalilinux/kali-linux-docker", 93 | "restart_policy": "unless-stopped", 94 | "categories": ["offensive", "bare"], 95 | "ports": [ 96 | "4444:4444/tcp" 97 | ] 98 | }, 99 | { 100 | "type": 1, 101 | "platform": "linux", 102 | "title": "Kali - Full", 103 | "name": "kali-full", 104 | "description": "Non-Official Kali container with kali-linux-full metapackage installed, built every night", 105 | "interactive": true, 106 | "logo": "https://i.imgur.com/kcOdowg.jpg", 107 | "image": "booyaabes/kali-linux-full", 108 | "restart_policy": "unless-stopped", 109 | "categories": ["offensive", "stack"], 110 | "ports": [ 111 | "4444:4444/tcp" 112 | ] 113 | }, 114 | { 115 | "type": 1, 116 | "title": "Tor Socks Proxy", 117 | "platform": "linux", 118 | "description": "The smallest (15 MB) docker image with Tor and Privoxy on Alpine Linux", 119 | "name": "tor-socks", 120 | "logo": "https://i.imgur.com/p3dEUKr.jpg", 121 | "note": "curl --proxy tor-socks:8118 icanhazip.com", 122 | "image": "rdsubhas/tor-privoxy-alpine", 123 | "restart_policy": "unless-stopped", 124 | "categories": ["utils", "privacy"], 125 | "ports": [ 126 | "8118:8118/tcp", 127 | "9050:9050/tcp" 128 | ] 129 | }, 130 | { 131 | "type": 1, 132 | "title": "GoPhish", 133 | "platform": "linux", 134 | "description": "Open-Source Phishing Toolkit", 135 | "name": "gophish", 136 | "logo": "https://i.imgur.com/l21Rn2v.png", 137 | "note": "In your browser, head over to https://your-docker-machine-ip:3333. Don't forget the S in https", 138 | "image": "matteoggl/gophish", 139 | "restart_policy": "unless-stopped", 140 | "categories": ["offensive", "phishing"], 141 | "ports": [ 142 | "3333:3333/tcp", 143 | "8083:80/tcp" 144 | ] 145 | }, 146 | # { 147 | # "type": 1, 148 | # "title": "iRedMail", 149 | # "platform": "linux", 150 | # "description": "With iRedMail, you can deploy an OPEN SOURCE, FULLY FLEDGED, FULL-FEATURED mail server in several minutes, for free. We did the heavy lifting of putting all the open source components together and applying best practices. ", 151 | # "name": "iredmail", 152 | # "logo": "https://i.imgur.com/tK0kGYR.png", 153 | # "note": "In your browser, head over to https://your-docker-machine-ip:8071", 154 | # "image": "lejmr/iredmail:mysql-latest", 155 | # "restart_policy": "unless-stopped", 156 | # "categories": ["offensive", "phishing"], 157 | # "ports": [ 158 | # "8070:80/tcp", 159 | # "8071:443/tcp" 160 | # ], 161 | # "env": [ 162 | # { 163 | # "name": "MYSQL_ROOT_PASSWORD", 164 | # "default": "iRedMailpassw0rd#" 165 | # }, 166 | # { 167 | # "name": "SOGO_WORKERS", 168 | # "default": "1" 169 | # }, 170 | # { 171 | # "name": "TZ", 172 | # "default": "Europe/Prague" 173 | # }, 174 | # { 175 | # "name": "POSTMASTER_PASSWORD", 176 | # "default": "{PLAIN}iRedMailpassw0rd#" 177 | # }, 178 | # { 179 | # "name": "IREDAPD_PLUGINS", 180 | # "default": "['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" 181 | # } 182 | # ], 183 | # "volumes": [{"container": "/var/lib/mysql"}, {"container": "/var/vmail"}, {"container": "/var/lib/clamav"}], 184 | # "privileged": true 185 | # }, 186 | { 187 | "type": 1, 188 | "title": "Spiderfoot", 189 | "platform": "linux", 190 | "description": "SpiderFoot automates OSINT to find out everything possible about your target.", 191 | "name": "spiderfoot", 192 | "note": "In your browser, head over to https://your-docker-machine-ip:5001", 193 | "interactive": true, 194 | "logo": "https://i.imgur.com/4lffWWS.png", 195 | "image": "combro2k/alpine-spiderfoot", 196 | "restart_policy": "unless-stopped", 197 | "categories": ["offensive", "osint"], 198 | "ports": [ 199 | "5001:5001/tcp" 200 | ] 201 | }, 202 | { 203 | "type": 1, 204 | "title": "ZAP Proxy WebSwing", 205 | "platform": "linux", 206 | "description": "Official in-browser version of ZAP.", 207 | "name": "zap-proxy", 208 | "note": "Since it is hosted on the same LAN as the target containers, usage should be faster. It is also possible to use the exposed remote proxy with a local instance of ZAP. Point your browser to http://your-docker-machine-ip:8081/?anonym=true&app=ZAP once done. If not, you will be asked to authenticate to a null account.", 209 | "interactive": true, 210 | "command": "zap-webswing.sh", 211 | "logo": "https://www.owasp.org/images/1/11/Zap128x128.png", 212 | "image": "owasp/zap2docker-stable", 213 | "restart_policy": "unless-stopped", 214 | "categories": ["offensive", "webserver", "bare"], 215 | "ports": [ 216 | "8081:8080/tcp", 217 | "8090:8090/tcp" 218 | ] 219 | }, 220 | { 221 | "type": 1, 222 | "title": "Ubuntu Web VNC", 223 | "platform": "linux", 224 | "description": "Docker container images with VNC and http NoVNC", 225 | "name": "ubuntu-vnc", 226 | "logo": "https://i.imgur.com/KfWzNDU.jpg", 227 | "note": "Connect to :1 display with vncviewer. NoVNC: http://your-docker-machine-ip:6901/vnc.html, default password: vncpassword", 228 | "image": "consol/ubuntu-xfce-vnc", 229 | "restart_policy": "unless-stopped", 230 | "categories": ["utils"], 231 | "ports": [ 232 | "5901:5901/tcp", 233 | "6901:6901/tcp" 234 | ] 235 | }, 236 | { 237 | "type": 1, 238 | "title": "DVWA", 239 | "platform": "linux", 240 | "description": "Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable", 241 | "name": "vuln-dvwa", 242 | "logo": "https://linuxsecurityblog.files.wordpress.com/2016/01/dvwa.jpg", 243 | "note": "Point your browser to http://your-docker-machine-ip:8082 to access it. To start using: Generate DB from the web interface, Login using admin/password. Select DVWA Security in the left menu, set your difficulty level.", 244 | "image": "vulnerables/web-dvwa", 245 | "restart_policy": "unless-stopped", 246 | "categories": ["vulnerable", "webserver"], 247 | "ports": [ 248 | "8082:80/tcp" 249 | ] 250 | }, 251 | { 252 | "type": 1, 253 | "title": "JuiceShop", 254 | "platform": "linux", 255 | "description": "OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws.", 256 | "name": "vuln-juiceshop", 257 | "logo": "https://www.owasp.org/images/6/66/JuiceShop_Logo.png", 258 | "note": "Point your browser to http://your-docker-machine-ip:8084 to access it.", 259 | "image": "bkimminich/juice-shop", 260 | "restart_policy": "unless-stopped", 261 | "categories": ["vulnerable", "webserver"], 262 | "ports": [ 263 | "8084:3000/tcp" 264 | ] 265 | }, 266 | { 267 | "type": 1, 268 | "title": "SoftEtherVPN", 269 | "name": "softethervpn", 270 | "description": "A simple SoftEther VPN server", 271 | "categories": ["vpn", "utils", "privacy"], 272 | "platform": "linux", 273 | "logo": "https://i.imgur.com/zzhyywo.jpg", 274 | "image": "siomiz/softethervpn", 275 | "privileged": true, 276 | "ports": [ 277 | "500:500/udp", 278 | "4500:4500/udp", 279 | "1701:1701/tcp", 280 | "1194:1194/udp", 281 | "5555:5555/tcp" 282 | ] 283 | }, 284 | # { 285 | # "type": 1, 286 | # "title": "VPNET", 287 | # "name": "vpnet", 288 | # "description": "All in ONE, ZERO config solution for ShadowSocks/PPTP/OpenVPN/SSH Tunnel Servers' setup ", 289 | # "note": "user:vpnet, pass:vpnet.io | SSH 22:10022 | KcpTun 554:10554 | PPTP 1723:1723 | ShadowSocks 8388:18388 | doc: https://hub.docker.com/r/acrossfw/vpnet", 290 | # "categories": ["vpn", "utils", "privacy", "stack"], 291 | # "platform": "linux", 292 | # "image": "siomiz/softethervpn", 293 | # "privileged": true 294 | # }, 295 | { 296 | "type": 1, 297 | "title": "Cowrie Honeypot", 298 | "name": "cowrie", 299 | "description": "SSH Honeypot that logs authentication attempts and interactions", 300 | "categories": ["honeypot", "deception"], 301 | "platform": "linux", 302 | "logo": "https://i.imgur.com/GaYgbXo.png", 303 | "image": "cowrie/cowrie", 304 | "ports": [ 305 | "2222:2222/tcp" 306 | ] 307 | }, 308 | { 309 | "type": 1, 310 | "title": "Nginx", 311 | "description": "High performance web server", 312 | "categories": ["webserver"], 313 | "platform": "linux", 314 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/nginx.png", 315 | "image": "nginx:latest", 316 | "ports": [ 317 | "80/tcp", 318 | "443/tcp" 319 | ], 320 | "volumes": [{"container": "/etc/nginx"}, {"container": "/usr/share/nginx/html"}] 321 | }, 322 | { 323 | "type": 1, 324 | "title": "Httpd", 325 | "description": "Open-source HTTP server", 326 | "categories": ["webserver"], 327 | "platform": "linux", 328 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/httpd.png", 329 | "image": "httpd:latest", 330 | "ports": [ 331 | "80/tcp" 332 | ], 333 | "volumes": [{"container": "/usr/local/apache2/htdocs/"}] 334 | }, 335 | { 336 | "type": 1, 337 | "title": "Caddy", 338 | "description": "HTTP/2 web server with automatic HTTPS", 339 | "categories": ["webserver"], 340 | "platform": "linux", 341 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/caddy.png", 342 | "image": "abiosoft/caddy:latest", 343 | "ports": [ 344 | "80/tcp", "443/tcp", "2015/tcp" 345 | ], 346 | "volumes": [{"container": "/root/.caddy"}] 347 | }, 348 | { 349 | "type": 1, 350 | "title": "MySQL", 351 | "description": "The most popular open-source database", 352 | "categories": ["database"], 353 | "platform": "linux", 354 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/mysql.png", 355 | "image": "mysql:latest", 356 | "env": [ 357 | { 358 | "name": "MYSQL_ROOT_PASSWORD", 359 | "label": "Root password" 360 | } 361 | ], 362 | "ports": [ 363 | "3306/tcp" 364 | ], 365 | "volumes": [{"container": "/var/lib/mysql"}] 366 | }, 367 | { 368 | "type": 1, 369 | "title": "PostgreSQL", 370 | "description": "The most advanced open-source database", 371 | "categories": ["database"], 372 | "platform": "linux", 373 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/postgres.png", 374 | "image": "postgres:latest", 375 | "env": [ 376 | { 377 | "name": "POSTGRES_USER", 378 | "label": "Superuser" 379 | }, 380 | { 381 | "name": "POSTGRES_PASSWORD", 382 | "label": "Superuser password" 383 | } 384 | ], 385 | "ports": [ 386 | "5432/tcp" 387 | ], 388 | "volumes": [{"container": "/var/lib/postgresql/data"}] 389 | }, 390 | { 391 | "type": 1, 392 | "title": "Elasticsearch", 393 | "description": "Open-source search and analytics engine", 394 | "categories": ["database"], 395 | "platform": "linux", 396 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/elasticsearch.png", 397 | "image": "elasticsearch:latest", 398 | "ports": [ 399 | "9200/tcp", 400 | "9300/tcp" 401 | ], 402 | "volumes": [{"container": "/usr/share/elasticsearch/data"}] 403 | }, 404 | { 405 | "type": 1, 406 | "title": "Gitlab CE", 407 | "description": "Open-source end-to-end software development platform", 408 | "note": "Default username is root. Check the Gitlab documentation to get started.", 409 | "categories": ["development", "project-management"], 410 | "platform": "linux", 411 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/gitlab_ce.png", 412 | "image": "gitlab/gitlab-ce:latest", 413 | "ports": [ 414 | "80/tcp", 415 | "443/tcp", 416 | "22/tcp" 417 | ], 418 | "volumes": [ 419 | { "container": "/etc/gitlab" }, 420 | { "container": "/var/log/gitlab" }, 421 | { "container": "/var/opt/gitlab" } 422 | ] 423 | }, 424 | { 425 | "type": 1, 426 | "title": "Minio", 427 | "description": "A distributed object storage server built for cloud applications and devops", 428 | "categories": ["storage", "exfiltration"], 429 | "platform": "linux", 430 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/minio.png", 431 | "image": "minio/minio:latest", 432 | "ports": [ 433 | "9000/tcp" 434 | ], 435 | "env": [ 436 | { 437 | "name": "MINIO_ACCESS_KEY", 438 | "label": "Minio access key" 439 | }, 440 | { 441 | "name": "MINIO_SECRET_KEY", 442 | "label": "Minio secret key" 443 | } 444 | ], 445 | "volumes": [{"container": "/data"}, {"container": "/root/.minio"}], 446 | "command": "server /data" 447 | }, 448 | { 449 | "type": 1, 450 | "title": "Solr", 451 | "description": "Open-source enterprise search platform", 452 | "categories": ["search-engine", "exfiltration"], 453 | "platform": "linux", 454 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/solr.png", 455 | "image": "solr:latest", 456 | "ports": [ 457 | "8983/tcp" 458 | ], 459 | "volumes": [{"container": "/opt/solr/mydata"}] 460 | }, 461 | { 462 | "type": 1, 463 | "title": "Joomla", 464 | "description": "Another free and open-source CMS", 465 | "categories": ["phishing", "deception"], 466 | "platform": "linux", 467 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/joomla.png", 468 | "image": "joomla:latest", 469 | "env": [ 470 | { 471 | "name": "JOOMLA_DB_HOST", 472 | "label": "MySQL database host", 473 | "type": "container" 474 | }, 475 | { 476 | "name": "JOOMLA_DB_PASSWORD", 477 | "label": "Database password" 478 | } 479 | ], 480 | "ports": [ 481 | "80/tcp" 482 | ], 483 | "volumes": [{"container": "/var/www/html"}] 484 | }, 485 | { 486 | "type": 1, 487 | "title": "Drupal", 488 | "description": "Open-source content management framework", 489 | "categories": ["phishing", "deception"], 490 | "platform": "linux", 491 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/drupal.png", 492 | "image": "drupal:latest", 493 | "ports": [ 494 | "80/tcp" 495 | ], 496 | "volumes": [{"container": "/var/www/html"}] 497 | }, 498 | { 499 | "type": 1, 500 | "title": "Odoo", 501 | "description": "Open-source business apps", 502 | "categories": ["project-management", "phishing"], 503 | "platform": "linux", 504 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/odoo.png", 505 | "image": "odoo:latest", 506 | "env": [ 507 | { 508 | "name": "HOST", 509 | "label": "PostgreSQL database host", 510 | "type": "container" 511 | }, 512 | { 513 | "name": "USER", 514 | "label": "Database user" 515 | }, 516 | { 517 | "name": "PASSWORD", 518 | "label": "Database password" 519 | } 520 | ], 521 | "ports": [ 522 | "8069/tcp" 523 | ], 524 | "volumes": [{"container": "/var/lib/odoo"}, {"container": "/mnt/extra-addons"}] 525 | }, 526 | { 527 | "type": 1, 528 | "title": "Urbackup", 529 | "description": "Open-source network backup", 530 | "categories": ["backup", "exfiltration"], 531 | "platform": "linux", 532 | "note": "This application web interface is exposed on the port 55414 inside the container.", 533 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/urbackup.png", 534 | "image": "cfstras/urbackup", 535 | "ports": [ 536 | "55413/tcp", "55414/tcp", "55415/tcp", "35622/tcp" 537 | ], 538 | "volumes": [{"container": "/var/urbackup"}] 539 | }, 540 | { 541 | "type": 2, 542 | "title": "Portainer Agent", 543 | "description": "Manage all the resources in your Swarm cluster", 544 | "note": "The agent will be deployed globally inside your cluster and available on port 9001.", 545 | "categories": ["portainer"], 546 | "platform": "linux", 547 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/portainer.png", 548 | "repository": { 549 | "url": "https://github.com/portainer/templates", 550 | "stackfile": "stacks/portainer-agent/docker-stack.yml" 551 | } 552 | }, 553 | { 554 | "type": 3, 555 | "title": "Wordpress", 556 | "description": "Wordpress setup with a MySQL database", 557 | "note": "Deploys a Wordpress instance connected to a MySQL database.", 558 | "categories": ["phishing", "deception"], 559 | "platform": "linux", 560 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/wordpress.png", 561 | "repository": { 562 | "url": "https://github.com/portainer/templates", 563 | "stackfile": "stacks/wordpress/docker-compose.yml" 564 | }, 565 | "env": [ 566 | { 567 | "name": "MYSQL_DATABASE_PASSWORD", 568 | "label": "Database root password", 569 | "description": "Password used by the MySQL root user." 570 | } 571 | ] 572 | } 573 | 574 | 575 | ] 576 | -------------------------------------------------------------------------------- /templates/templates.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "type": 1, 4 | "platform": "linux", 5 | "network": "redcloud_default", 6 | "title": "Metasploit - Nightly", 7 | "description": "Official bare Metasploit Alpine build. Includes beta features from dev branch.", 8 | "name": "red_msf-dev", 9 | "interactive": true, 10 | "logo": "https://yusufanilakduygu.files.wordpress.com/2016/08/capture1.jpg", 11 | "image": "metasploitframework/metasploit-framework", 12 | "restart_policy": "unless-stopped", 13 | "categories": ["offensive", "bare"], 14 | "ports": [ 15 | "4444:4444/tcp" 16 | ] 17 | }, 18 | { 19 | "type": 1, 20 | "platform": "linux", 21 | "network": "redcloud_default", 22 | "title": "Metasploit - Stable + Postgresql", 23 | "description": "Debian Metasploit build with Postgres and additional helper scripts", 24 | "name": "red_msf-postgresql", 25 | "interactive": true, 26 | "logo": "https://i.imgur.com/OE5fgz7.png", 27 | "image": "phocean/msf", 28 | "restart_policy": "unless-stopped", 29 | "categories": ["offensive", "database", "stack"], 30 | "labels": [ 31 | { "name": "traefik.frontend.rule", "value": "PathPrefixStrip:/msf" }, 32 | { "name": "traefik.port", "value": "4444" } 33 | ], 34 | "ports": [ 35 | "4444:4444/tcp" 36 | ] 37 | }, 38 | { 39 | "type": 1, 40 | "title": "Empire", 41 | "network": "redcloud_default", 42 | "platform": "linux", 43 | "description": "Pure Python & PowerShell post-exploitation", 44 | "interactive": true, 45 | "name": "red_empire", 46 | "logo": "https://i.imgur.com/XvtOqFp.png", 47 | "note": "Port 5555 opened for reverse callbacks", 48 | "image": "empireproject/empire", 49 | "restart_policy": "unless-stopped", 50 | "categories": ["offensive"], 51 | "ports": [ 52 | "5555:5555/tcp" 53 | ], 54 | "labels": [ 55 | { "name": "traefik.frontend.rule", "value": "PathPrefixStrip:/empire" }, 56 | { "name": "traefik.port", "value": "5555" } 57 | ] 58 | 59 | }, 60 | { 61 | "type": 1, 62 | "network": "redcloud_default", 63 | "title": "Sn1per", 64 | "platform": "linux", 65 | "description": "Automated pentest framework for offensive security experts", 66 | "name": "red_sn1per", 67 | "interactive": true, 68 | "logo": "https://i.imgur.com/X1fCmIv.jpg", 69 | "image": "menzo/sn1per-docker", 70 | "categories": ["offensive", "stack"], 71 | "restart_policy": "unless-stopped" 72 | }, 73 | { 74 | "type": 1, 75 | "title": "Metasploithelper", 76 | "platform": "linux", 77 | "network": "redcloud_default", 78 | "description": "MetasploitHelper is meant to assist penetration testers in network penetration tests. Comes with everything installed", 79 | "name": "red_metasploithelper", 80 | "interactive": true, 81 | "logo": "https://i.imgur.com/2GIRvgI.png", 82 | "image": "milo2012/metasploithelper", 83 | "categories": ["offensive", "stack", "util"], 84 | "restart_policy": "unless-stopped" 85 | }, 86 | { 87 | "type": 1, 88 | "title": "Pentest-tools", 89 | "platform": "linux", 90 | "network": "redcloud_default", 91 | "description": "Ubuntu build with: searchsploit, sqlmap, nmap, nikto, dnsutils, sn1per, knock, sqliv, pasko, uniscan, wpscan, ncrack, wfuzz, sublist3r, massdns", 92 | "name": "red_pentest-tools", 93 | "interactive": true, 94 | "logo": "https://i.imgur.com/oySfUtD.png", 95 | "image": "szalek/pentest-tools", 96 | "categories": ["offensive", "stack"], 97 | "restart_policy": "unless-stopped" 98 | }, 99 | { 100 | "type": 1, 101 | "platform": "linux", 102 | "network": "redcloud_default", 103 | "title": "Kali - Bare", 104 | "name": "red_kali-bare", 105 | "description": "Official Kali container. Install desired metapackages", 106 | "note": "Packages can be installed using Kali Metapackages. Use either docker attach by CLI (best) or the web terminal. Port 4444 is open by default for reverse callback payloads.", 107 | "interactive": true, 108 | "logo": "https://i.imgur.com/tmLEP0b.jpg", 109 | "image": "kalilinux/kali-linux-docker", 110 | "restart_policy": "unless-stopped", 111 | "categories": ["offensive", "bare"], 112 | "ports": [ 113 | "4444:4444/tcp" 114 | ] 115 | }, 116 | { 117 | "type": 1, 118 | "platform": "linux", 119 | "network": "redcloud_default", 120 | "title": "Kali - Full", 121 | "name": "red_kali-full", 122 | "description": "Non-Official Kali container with kali-linux-full metapackage installed, built every night", 123 | "interactive": true, 124 | "logo": "https://i.imgur.com/kcOdowg.jpg", 125 | "image": "booyaabes/kali-linux-full", 126 | "restart_policy": "unless-stopped", 127 | "categories": ["offensive", "stack"], 128 | "ports": [ 129 | "4444:4444/tcp" 130 | ] 131 | }, 132 | { 133 | "type": 1, 134 | "title": "Tor Socks Proxy", 135 | "platform": "linux", 136 | "network": "redcloud_default", 137 | "description": "The smallest (15 MB) docker image with Tor and Privoxy on Alpine Linux", 138 | "name": "red_tor-socks", 139 | "logo": "https://i.imgur.com/p3dEUKr.jpg", 140 | "note": "curl --proxy tor-socks:8118 icanhazip.com
curl --socks5 tor-socks:9050 icanhazip.com", 141 | "image": "rdsubhas/tor-privoxy-alpine", 142 | "restart_policy": "unless-stopped", 143 | "categories": ["utils", "privacy"], 144 | "ports": [ 145 | "8118:8118/tcp", 146 | "9050:9050/tcp" 147 | ] 148 | }, 149 | { 150 | "type": 1, 151 | "title": "Multi Tor Socks Proxy", 152 | "platform": "linux", 153 | "network": "redcloud_default", 154 | "description": "A multi TOR (x10) + privoxy socks proxy instances load-balancer ", 155 | "name": "red_multi-tor-socks", 156 | "logo": "https://i.imgur.com/p3dEUKr.jpg", 157 | "note": "curl --socks5 multi-tor-socks:9050 icanhazip.com", 158 | "image": "rdsubhas/tor-privoxy-alpine", 159 | "restart_policy": "unless-stopped", 160 | "categories": ["utils", "privacy"], 161 | "ports": [ 162 | "9050:9050/tcp" 163 | ] 164 | }, 165 | { 166 | "type": 1, 167 | "title": "GoPhish", 168 | "platform": "linux", 169 | "network": "redcloud_default", 170 | "description": "Open-Source Phishing Toolkit", 171 | "name": "red_gophish", 172 | "logo": "https://i.imgur.com/l21Rn2v.png", 173 | "note": "In your browser, head over to https://your-docker-machine-ip:3333. Don't forget the S in https. Default credentials: admin/gophish", 174 | "image": "matteoggl/gophish", 175 | "restart_policy": "unless-stopped", 176 | "categories": ["offensive", "phishing"], 177 | "ports": [ 178 | "3333:3333/tcp", 179 | "8083:80/tcp" 180 | ] 181 | }, 182 | { 183 | "type": 1, 184 | "title": "gscript", 185 | "platform": "linux", 186 | "network": "redcloud_default", 187 | "description": "Framework to rapidly implement custom droppers for all three major operating systems", 188 | "interactive": true, 189 | "name": "red_gscript", 190 | "logo": "https://i.imgur.com/IoI2VqG.png", 191 | "note": "Run gscript binary from the interactive shell. Don't forget to mount appropriate volumes.", 192 | "image": "gen0cide/gscript:v1", 193 | "restart_policy": "unless-stopped", 194 | "categories": ["offensive", "evasion"], 195 | "volumes": [{"container": "/root/share"}] 196 | }, 197 | { 198 | "type": 1, 199 | "title": "Spiderfoot", 200 | "platform": "linux", 201 | "network": "redcloud_default", 202 | "description": "SpiderFoot automates OSINT to find out everything possible about your target.", 203 | "name": "red_spiderfoot", 204 | "note": "In your browser, head over to https://your-docker-machine-ip:5001", 205 | "interactive": true, 206 | "logo": "https://i.imgur.com/4lffWWS.png", 207 | "image": "combro2k/alpine-spiderfoot", 208 | "restart_policy": "unless-stopped", 209 | "categories": ["offensive", "osint"], 210 | "ports": [ 211 | "5001:5001/tcp" 212 | ] 213 | }, 214 | { 215 | "type": 1, 216 | "title": "ZAP Proxy WebSwing", 217 | "network": "redcloud_default", 218 | "platform": "linux", 219 | "description": "Official in-browser version of ZAP.", 220 | "name": "red_zap-proxy", 221 | "note": "Since it is hosted on the same LAN as the target containers, usage should be faster. It is also possible to use the exposed remote proxy with a local instance of ZAP. Point your browser to http://your-docker-machine-ip:8081/?anonym=true&app=ZAP once done. If not, you will be asked to authenticate to a null account.", 222 | "interactive": true, 223 | "command": "zap-webswing.sh", 224 | "logo": "https://www.owasp.org/images/1/11/Zap128x128.png", 225 | "image": "owasp/zap2docker-stable", 226 | "restart_policy": "unless-stopped", 227 | "categories": ["offensive", "webserver", "bare"], 228 | "ports": [ 229 | "8081:8080/tcp", 230 | "8090:8090/tcp" 231 | ] 232 | }, 233 | { 234 | "type": 1, 235 | "title": "Ubuntu Web VNC", 236 | "platform": "linux", 237 | "network": "redcloud_default", 238 | "description": "Docker container images with VNC and http NoVNC", 239 | "name": "red_ubuntu-vnc", 240 | "logo": "https://i.imgur.com/KfWzNDU.jpg", 241 | "note": "Connect to :1 display with vncviewer. NoVNC: http://your-docker-machine-ip:6901/vnc.html, default password: vncpassword", 242 | "image": "consol/ubuntu-xfce-vnc", 243 | "restart_policy": "unless-stopped", 244 | "categories": ["utils"], 245 | "ports": [ 246 | "5901:5901/tcp", 247 | "6901:6901/tcp" 248 | ] 249 | }, 250 | { 251 | "type": 1, 252 | "title": "Kali Web noVNC + LXDE", 253 | "platform": "linux", 254 | "network": "redcloud_default", 255 | "description": "Kali Docker container with minimal LXDE", 256 | "name": "red_kali-vnc", 257 | "logo": "https://i.imgur.com/tmLEP0b.jpg", 258 | "note": "From your web browser: http://your-docker-machine-ip:6080", 259 | "image": "jgamblin/kalibrowser-lxde", 260 | "restart_policy": "unless-stopped", 261 | "categories": ["offensive", "bare", "utils"], 262 | "ports": [ 263 | "6080:6080/tcp" 264 | ] 265 | }, 266 | { 267 | "type": 1, 268 | "network": "redcloud_default", 269 | "title": "Lockdoor Framework", 270 | "platform": "linux", 271 | "description": "Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources", 272 | "name": "red_lockdoor", 273 | "interactive": true, 274 | "logo": "https://i.imgur.com/B5uKiEv.png", 275 | "image": "sofianehamlaoui/lockdoor", 276 | "categories": ["offensive", "privacy"], 277 | "restart_policy": "unless-stopped" 278 | }, 279 | { 280 | "type": 1, 281 | "title": "DVWA", 282 | "platform": "linux", 283 | "network": "redcloud_default", 284 | "description": "Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable", 285 | "name": "red_vuln-dvwa", 286 | "logo": "https://linuxsecurityblog.files.wordpress.com/2016/01/dvwa.jpg", 287 | "note": "Point your browser to http://your-docker-machine-ip:8082 to access it. To start using: Generate DB from the web interface, Login using admin/password. Select DVWA Security in the left menu, set your difficulty level.", 288 | "image": "vulnerables/web-dvwa", 289 | "restart_policy": "unless-stopped", 290 | "categories": ["vulnerable", "webserver"], 291 | "ports": [ 292 | "8082:80/tcp" 293 | ] 294 | }, 295 | { 296 | "type": 1, 297 | "title": "JuiceShop", 298 | "platform": "linux", 299 | "network": "redcloud_default", 300 | "description": "OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws.", 301 | "name": "red_vuln-juiceshop", 302 | "logo": "https://www.owasp.org/images/6/66/JuiceShop_Logo.png", 303 | "note": "Point your browser to http://your-docker-machine-ip:8084 to access it.", 304 | "image": "bkimminich/juice-shop", 305 | "restart_policy": "unless-stopped", 306 | "categories": ["vulnerable", "webserver"], 307 | "ports": [ 308 | "8084:3000/tcp" 309 | ] 310 | }, 311 | { 312 | "type": 1, 313 | "title": "Vulnerable Wordpress", 314 | "platform": "linux", 315 | "network": "redcloud_default", 316 | "description": "Vulnerable WordPress Installation", 317 | "name": "red_vuln-wp", 318 | "logo": "https://i.imgur.com/0DpXEE4.png", 319 | "note": "Point your browser to http://your-docker-machine-ip:8085 to access it.", 320 | "image": "wpscanteam/vulnerablewordpress", 321 | "restart_policy": "unless-stopped", 322 | "categories": ["vulnerable", "webserver"], 323 | "ports": [ 324 | "8085:80/tcp", 325 | "3306:3306/tcp" 326 | ] 327 | }, 328 | { 329 | "type": 1, 330 | "title": "Vulnerable Shellshock", 331 | "platform": "linux", 332 | "network": "redcloud_default", 333 | "description": "Vulnerable Shellshock Installation - CVE-2014-6271", 334 | "name": "red_vuln-shellshock", 335 | "logo": "https://i.imgur.com/waYl54r.png", 336 | "note": "Point your browser to http://your-docker-machine-ip:8086 to access it.", 337 | "image": "hmlio/vaas-cve-2014-6271", 338 | "restart_policy": "unless-stopped", 339 | "categories": ["vulnerable", "webserver"], 340 | "ports": [ 341 | "8086:80/tcp" 342 | ] 343 | }, 344 | { 345 | "type": 1, 346 | "title": "Vulnerable SambaCry", 347 | "platform": "linux", 348 | "network": "redcloud_default", 349 | "description": "Vulnerable Samba Installation - CVE-2017-7494", 350 | "name": "red_vuln-samba", 351 | "logo": "https://media.ilsoftware.it/images/500x500/img_15843.jpg", 352 | "note": "If you want to access, use the following credentials. User: sambacry Password: nosambanocry", 353 | "image": "hmlio/vulnerables/cve-2017-7494", 354 | "restart_policy": "unless-stopped", 355 | "categories": ["vulnerable", "smb"], 356 | "ports": [ 357 | "445:445/tcp", 358 | "137:137/tcp", 359 | "138:138/tcp", 360 | "139:139/tcp", 361 | "6699:6699/tcp" 362 | ] 363 | }, 364 | { 365 | "type": 1, 366 | "title": "OWASP Mutillidae II", 367 | "platform": "linux", 368 | "network": "redcloud_default", 369 | "description": "Docker container for OWASP Mutillidae II Web Pen-Test Practice Application", 370 | "name": "red_vuln-mutillidae", 371 | "logo": "https://i.imgur.com/SFDsPDQ.jpg", 372 | "note": "Point your browser to http://your-docker-machine-ip:8087 to access it.", 373 | "image": "citizenstig/nowasp", 374 | "restart_policy": "unless-stopped", 375 | "categories": ["vulnerable", "smb"], 376 | "ports": [ 377 | "8087:80/tcp", 378 | "3306:3306/tcp" 379 | ], 380 | "env": [ 381 | { 382 | "name": "MYSQL_PASS", 383 | "label": "Database root password", 384 | "description": "Password used by the MySQL root user.", 385 | "default": "Chang3ME!", 386 | "preset": false 387 | } 388 | ] 389 | }, 390 | { 391 | "type": 1, 392 | "title": "Network Utilities", 393 | "platform": "linux", 394 | "network": "redcloud_default", 395 | "description": "A lightweight docker container with a set of networking tools
Use /bin/sh", 396 | "interactive": true, 397 | "name": "red_netutils", 398 | "logo": "https://i.imgur.com/XXaSxlw.png", 399 | "note": "This is designed to be an interactive debuigging container", 400 | "image": "flungo/netutils", 401 | "restart_policy": "unless-stopped", 402 | "categories": ["utils", "privacy"] 403 | }, 404 | { 405 | "type": 1, 406 | "title": "SoftEtherVPN", 407 | "name": "red_softethervpn", 408 | "network": "redcloud_default", 409 | "description": "A simple SoftEther VPN server", 410 | "categories": ["vpn", "utils", "privacy"], 411 | "platform": "linux", 412 | "logo": "https://i.imgur.com/zzhyywo.jpg", 413 | "image": "siomiz/softethervpn", 414 | "privileged": true, 415 | "ports": [ 416 | "500:500/udp", 417 | "4500:4500/udp", 418 | "1701:1701/tcp", 419 | "1194:1194/udp", 420 | "5555:5555/tcp" 421 | ] 422 | }, 423 | { 424 | "type": 1, 425 | "title": "Cowrie Honeypot", 426 | "name": "red_cowrie", 427 | "network": "redcloud_default", 428 | "interactive": true, 429 | "description": "SSH Honeypot that logs authentication attempts and interactions", 430 | "categories": ["honeypot", "deception"], 431 | "platform": "linux", 432 | "logo": "https://i.imgur.com/GaYgbXo.png", 433 | "image": "cowrie/cowrie", 434 | "ports": [ 435 | "2222:2222/tcp" 436 | ] 437 | }, 438 | { 439 | "type": 1, 440 | "title": "Endlessh tarpit", 441 | "name": "red_endlessh", 442 | "network": "redcloud_default", 443 | "description": "SSH tarpit that slowly sends an endless banner", 444 | "categories": ["deception"], 445 | "platform": "linux", 446 | "logo": "https://i.imgur.com/lsGCqxD.png", 447 | "image": "d3lta/endlessh-docker", 448 | "ports": [ 449 | "2223:22/tcp" 450 | ] 451 | }, 452 | { 453 | "type": 1, 454 | "title": "Beagle", 455 | "name": "red_beagle", 456 | "network": "redcloud_default", 457 | "description": "Incident response and digital forensics tool which transforms data sources and logs into graphs. Supported data sources include FireEye HX Triages, Windows EVTX files, SysMon logs and Raw Windows memory images.", 458 | "note": "Point your browser to http://your-docker-machine-ip:8000 to access it.", 459 | "categories": ["utils", "dfir", "osint"], 460 | "platform": "linux", 461 | "logo": "https://i.imgur.com/QDBYkY1.jpg", 462 | "image": "yampelo/beagle", 463 | "ports": [ 464 | "8000:8000/tcp" 465 | ] 466 | }, 467 | { 468 | "type": 1, 469 | "title": "Nginx", 470 | "description": "High performance web server", 471 | "categories": ["webserver"], 472 | "platform": "linux", 473 | "network": "redcloud_default", 474 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/nginx.png", 475 | "image": "nginx:latest", 476 | "ports": [ 477 | "80/tcp", 478 | "443/tcp" 479 | ], 480 | "volumes": [{"container": "/etc/nginx"}, {"container": "/usr/share/nginx/html"}] 481 | }, 482 | { 483 | "type": 1, 484 | "title": "Httpd", 485 | "network": "redcloud_default", 486 | "description": "Open-source HTTP server", 487 | "categories": ["webserver"], 488 | "platform": "linux", 489 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/httpd.png", 490 | "image": "httpd:latest", 491 | "ports": [ 492 | "80/tcp" 493 | ], 494 | "volumes": [{"container": "/usr/local/apache2/htdocs/"}] 495 | }, 496 | { 497 | "type": 1, 498 | "title": "Caddy", 499 | "network": "redcloud_default", 500 | "description": "HTTP/2 web server with automatic HTTPS", 501 | "categories": ["webserver"], 502 | "platform": "linux", 503 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/caddy.png", 504 | "image": "abiosoft/caddy:latest", 505 | "ports": [ 506 | "80/tcp", "443/tcp", "2015/tcp" 507 | ], 508 | "volumes": [{"container": "/root/.caddy"}] 509 | }, 510 | { 511 | "type": 1, 512 | "title": "MySQL", 513 | "network": "redcloud_default", 514 | "description": "The most popular open-source database", 515 | "categories": ["database"], 516 | "platform": "linux", 517 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/mysql.png", 518 | "image": "mysql:latest", 519 | "env": [ 520 | { 521 | "name": "MYSQL_ROOT_PASSWORD", 522 | "label": "Root password" 523 | } 524 | ], 525 | "ports": [ 526 | "3306/tcp" 527 | ], 528 | "volumes": [{"container": "/var/lib/mysql"}] 529 | }, 530 | { 531 | "type": 1, 532 | "title": "PostgreSQL", 533 | "network": "redcloud_default", 534 | "description": "The most advanced open-source database", 535 | "categories": ["database"], 536 | "platform": "linux", 537 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/postgres.png", 538 | "image": "postgres:latest", 539 | "env": [ 540 | { 541 | "name": "POSTGRES_USER", 542 | "label": "Superuser" 543 | }, 544 | { 545 | "name": "POSTGRES_PASSWORD", 546 | "label": "Superuser password" 547 | } 548 | ], 549 | "ports": [ 550 | "5432/tcp" 551 | ], 552 | "volumes": [{"container": "/var/lib/postgresql/data"}] 553 | }, 554 | { 555 | "type": 1, 556 | "title": "Elasticsearch", 557 | "network": "redcloud_default", 558 | "description": "Open-source search and analytics engine", 559 | "categories": ["database"], 560 | "platform": "linux", 561 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/elasticsearch.png", 562 | "image": "elasticsearch:latest", 563 | "ports": [ 564 | "9200/tcp", 565 | "9300/tcp" 566 | ], 567 | "volumes": [{"container": "/usr/share/elasticsearch/data"}] 568 | }, 569 | { 570 | "type": 1, 571 | "title": "Gitlab CE", 572 | "network": "redcloud_default", 573 | "description": "Open-source end-to-end software development platform", 574 | "note": "Default username is root. Check the Gitlab documentation to get started.", 575 | "categories": ["development", "project-management"], 576 | "platform": "linux", 577 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/gitlab_ce.png", 578 | "image": "gitlab/gitlab-ce:latest", 579 | "ports": [ 580 | "80/tcp", 581 | "443/tcp", 582 | "22/tcp" 583 | ], 584 | "volumes": [ 585 | { "container": "/etc/gitlab" }, 586 | { "container": "/var/log/gitlab" }, 587 | { "container": "/var/opt/gitlab" } 588 | ] 589 | }, 590 | { 591 | "type": 1, 592 | "title": "Minio", 593 | "network": "redcloud_default", 594 | "description": "A distributed object storage server built for cloud applications and devops", 595 | "categories": ["storage", "exfiltration"], 596 | "platform": "linux", 597 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/minio.png", 598 | "image": "minio/minio:latest", 599 | "ports": [ 600 | "9000/tcp" 601 | ], 602 | "env": [ 603 | { 604 | "name": "MINIO_ACCESS_KEY", 605 | "label": "Minio access key" 606 | }, 607 | { 608 | "name": "MINIO_SECRET_KEY", 609 | "label": "Minio secret key" 610 | } 611 | ], 612 | "volumes": [{"container": "/data"}, {"container": "/root/.minio"}], 613 | "command": "server /data" 614 | }, 615 | { 616 | "type": 1, 617 | "title": "Solr", 618 | "network": "redcloud_default", 619 | "description": "Open-source enterprise search platform", 620 | "categories": ["search-engine", "exfiltration"], 621 | "platform": "linux", 622 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/solr.png", 623 | "image": "solr:latest", 624 | "ports": [ 625 | "8983/tcp" 626 | ], 627 | "volumes": [{"container": "/opt/solr/mydata"}] 628 | }, 629 | { 630 | "type": 1, 631 | "title": "Joomla", 632 | "network": "redcloud_default", 633 | "description": "Another free and open-source CMS", 634 | "categories": ["phishing", "deception"], 635 | "platform": "linux", 636 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/joomla.png", 637 | "image": "joomla:latest", 638 | "env": [ 639 | { 640 | "name": "JOOMLA_DB_HOST", 641 | "label": "MySQL database host", 642 | "type": "container" 643 | }, 644 | { 645 | "name": "JOOMLA_DB_PASSWORD", 646 | "label": "Database password" 647 | } 648 | ], 649 | "ports": [ 650 | "80/tcp" 651 | ], 652 | "volumes": [{"container": "/var/www/html"}] 653 | }, 654 | { 655 | "type": 1, 656 | "title": "Drupal", 657 | "network": "redcloud_default", 658 | "description": "Open-source content management framework", 659 | "categories": ["phishing", "deception"], 660 | "platform": "linux", 661 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/drupal.png", 662 | "image": "drupal:latest", 663 | "ports": [ 664 | "80/tcp" 665 | ], 666 | "volumes": [{"container": "/var/www/html"}] 667 | }, 668 | { 669 | "type": 1, 670 | "title": "Odoo", 671 | "network": "redcloud_default", 672 | "description": "Open-source business apps", 673 | "categories": ["project-management", "phishing"], 674 | "platform": "linux", 675 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/odoo.png", 676 | "image": "odoo:latest", 677 | "env": [ 678 | { 679 | "name": "HOST", 680 | "label": "PostgreSQL database host", 681 | "type": "container" 682 | }, 683 | { 684 | "name": "USER", 685 | "label": "Database user" 686 | }, 687 | { 688 | "name": "PASSWORD", 689 | "label": "Database password" 690 | } 691 | ], 692 | "ports": [ 693 | "8069/tcp" 694 | ], 695 | "volumes": [{"container": "/var/lib/odoo"}, {"container": "/mnt/extra-addons"}] 696 | }, 697 | { 698 | "type": 1, 699 | "title": "Urbackup", 700 | "network": "redcloud_default", 701 | "description": "Open-source network backup", 702 | "categories": ["backup", "exfiltration"], 703 | "platform": "linux", 704 | "note": "This application web interface is exposed on the port 55414 inside the container.", 705 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/urbackup.png", 706 | "image": "cfstras/urbackup", 707 | "ports": [ 708 | "55413/tcp", "55414/tcp", "55415/tcp", "35622/tcp" 709 | ], 710 | "volumes": [{"container": "/var/urbackup"}] 711 | }, 712 | { 713 | "type": 2, 714 | "title": "Portainer Agent", 715 | "network": "redcloud_default", 716 | "description": "Manage all the resources in your Swarm cluster", 717 | "note": "The agent will be deployed globally inside your cluster and available on port 9001.", 718 | "categories": ["portainer"], 719 | "platform": "linux", 720 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/portainer.png", 721 | "repository": { 722 | "url": "https://github.com/portainer/templates", 723 | "stackfile": "stacks/portainer-agent/docker-stack.yml" 724 | } 725 | }, 726 | { 727 | "type": 3, 728 | "title": "Wordpress", 729 | "network": "redcloud_default", 730 | "description": "Wordpress setup with a MySQL database", 731 | "note": "Deploys a Wordpress instance connected to a MySQL database.", 732 | "categories": ["phishing", "deception"], 733 | "platform": "linux", 734 | "logo": "https://portainer-io-assets.sfo2.digitaloceanspaces.com/logos/wordpress.png", 735 | "repository": { 736 | "url": "https://github.com/portainer/templates", 737 | "stackfile": "stacks/wordpress/docker-compose.yml" 738 | }, 739 | "env": [ 740 | { 741 | "name": "MYSQL_DATABASE_PASSWORD", 742 | "label": "Database root password", 743 | "description": "Password used by the MySQL root user." 744 | } 745 | ] 746 | } 747 | 748 | 749 | ] 750 | -------------------------------------------------------------------------------- /traefik/.htpasswd: -------------------------------------------------------------------------------- 1 | 2 | admin:$apr1$4YJyomU4$FdUTOixMsICBBBz9PHJLH0 -------------------------------------------------------------------------------- /traefik/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM traefik:alpine 2 | 3 | COPY traefik.toml /etc/traefik/traefik.toml 4 | # admin:Redcloud 5 | COPY .htpasswd /etc/traefik/.htpasswd 6 | CMD ["traefik"] -------------------------------------------------------------------------------- /traefik/traefik.toml: -------------------------------------------------------------------------------- 1 | defaultEntryPoints = ["http", "https"] 2 | logLevel = "DEBUG" 3 | 4 | [traefikLog] 5 | filePath = "/logs/traefik.log" 6 | 7 | [accessLog] 8 | filePath = "/logs/access.log" 9 | 10 | [entryPoints.api] 11 | address = ":8081" 12 | [entryPoints] 13 | [entryPoints.http] 14 | address = ":80" 15 | [entryPoints.http.redirect] 16 | entryPoint = "https" 17 | rule = "Path:/,/files,/api" 18 | [entryPoints.https] 19 | address = ":443" 20 | [entryPoints.https.tls] 21 | [[entryPoints.https.tls.certificates]] 22 | ca = "/certs/ca.pem" 23 | caOptional = true 24 | certFile = "/certs/cert.pem" 25 | keyFile = "/certs/key.pem" 26 | insecureSkipVerify = true 27 | 28 | 29 | [docker] 30 | endpoint = "unix:///var/run/docker.sock" 31 | domain = "docker.localhost" 32 | exposedByDefault = true 33 | 34 | [api] 35 | entryPoint = "api" 36 | 37 | 38 | -------------------------------------------------------------------------------- /utils/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SelfhostedPro/Redcloud/c996e07de453216fd7f669a3337b95a3f115635d/utils/__init__.py -------------------------------------------------------------------------------- /utils/colors.py: -------------------------------------------------------------------------------- 1 | class colors: 2 | '''Colors class: 3 | reset all colors with colors.reset 4 | two subclasses fg for foreground and bg for background. 5 | use as colors.subclass.colorname. 6 | i.e. colors.fg.red or colors.bg.green 7 | also, the generic bold, disable, underline, reverse, strikethrough, 8 | and invisible work with the main class 9 | i.e. colors.bold 10 | ''' 11 | reset='\033[0m' 12 | bold='\033[01m' 13 | disable='\033[02m' 14 | underline='\033[04m' 15 | reverse='\033[07m' 16 | strikethrough='\033[09m' 17 | invisible='\033[08m' 18 | class fg: 19 | black='\033[30m' 20 | red='\033[31m' 21 | green='\033[32m' 22 | orange='\033[33m' 23 | blue='\033[34m' 24 | purple='\033[35m' 25 | cyan='\033[36m' 26 | lightgrey='\033[37m' 27 | darkgrey='\033[90m' 28 | lightred='\033[91m' 29 | lightgreen='\033[92m' 30 | yellow='\033[93m' 31 | lightblue='\033[94m' 32 | pink='\033[95m' 33 | lightcyan='\033[96m' 34 | class bg: 35 | black='\033[40m' 36 | red='\033[41m' 37 | green='\033[42m' 38 | orange='\033[43m' 39 | blue='\033[44m' 40 | purple='\033[45m' 41 | cyan='\033[46m' 42 | lightgrey='\033[47m' 43 | @staticmethod 44 | def good_news(self, news): 45 | ''' 46 | Print a Success 47 | ''' 48 | print(self.bold + self.fg.green + "[>] " + self.reset + news) 49 | @staticmethod 50 | def bad_news(self, news): 51 | ''' 52 | Print a Failure, error 53 | ''' 54 | print(self.bold + self.fg.red + "[!] " + self.reset + news) 55 | @staticmethod 56 | def info_news(self, news): 57 | ''' 58 | Print an information with grey text 59 | ''' 60 | print(self.bold + self.fg.lightblue + "[~] " + self.reset + self.fg.lightgrey + news + self.reset) 61 | @staticmethod 62 | def question_news(self, news): 63 | ''' 64 | Print an information with yellow text 65 | ''' 66 | print(self.bold + self.fg.blue + "[?] " + self.reset + self.fg.yellow + news + self.reset) 67 | @staticmethod 68 | def menu_item(self, num, title): 69 | ''' 70 | Print Menu items with their menu index 71 | ''' 72 | import os 73 | if "docker-machine" in title: 74 | if "DOCKER_MACHINE_NAME" in os.environ: 75 | print("\t" + self.bold + self.fg.red + "[" + self.fg.yellow + num + self.fg.red + "] " + self.fg.yellow + title + self.reset) 76 | else: 77 | print("\t" + self.bold + self.fg.red + "[" + self.fg.lightgrey + num + self.fg.red + "] " + self.reset + title) 78 | else: 79 | print("\t" + self.bold + self.fg.red + "[" + self.fg.lightgrey + num + self.fg.red + "] " + self.reset + title) --------------------------------------------------------------------------------