├── .github └── CODEOWNERS ├── AttackDeploy ├── Dockerfile ├── README.md └── docker-compose.yml ├── CODEOWNERS ├── DA-Toolkit ├── Dockerfile └── README.md ├── ITHC ├── Dockerfile └── README.md ├── InstallDocker.sh ├── InternalInf ├── Dockerfile └── README.md ├── LICENSE └── README.md /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @zephrfish 2 | -------------------------------------------------------------------------------- /AttackDeploy/Dockerfile: -------------------------------------------------------------------------------- 1 | # Set up the basics 2 | # Leverage Kali Base Image 3 | FROM kalilinux/kali-linux-docker:latest 4 | 5 | # Update off the bat. Don't dist-upgrade with docker. 6 | RUN apt-get update && apt-get upgrade -y 7 | 8 | # Install the Core 9 | RUN apt-get update && apt-get install -y \ 10 | sudo git wget curl git zip ccze byobu zsh golang \ 11 | ufw python-pip nikto dotdotpwn jsql nmap sqlmap sqlninja thc-ipv6 hydra dirb 12 | 13 | # Make Directory Structure 14 | RUN mkdir /usr/share/wordlists && mkdir -p /usr/share/tools/scripts/ 15 | 16 | # Pull Wordlists 17 | RUN git clone https://github.com/danielmiessler/SecLists /usr/share/wordlists/seclists 18 | RUN git clone https://github.com/danielmiessler/RobotsDisallowed /usr/share/wordlists/robotsdisallowed 19 | RUN cd /usr/share/wordlists/seclists/Passwords/Leaked-Databases && tar xvzf rockyou.txt.tar.gz 20 | 21 | # Set up DNS Tooling 22 | ### Building Aquatone 23 | FROM ruby 24 | WORKDIR / 25 | 26 | # Prepare 27 | RUN apt-get update && apt-get upgrade -y 28 | 29 | # Install normal Packages needed 30 | RUN apt-get update && apt-get install -y -u \ 31 | apt-utils unzip nodejs wget curl jruby nano screen htop openssl git 32 | 33 | # Install nodejs 34 | RUN curl -sL https://deb.nodesource.com/setup_8.x | bash - 35 | RUN apt-get update && apt-get install -y nodejs 36 | 37 | # Installing the packages needed to run Nightmare 38 | RUN apt-get update && apt-get install -y \ 39 | xvfb \ 40 | x11-xkb-utils \ 41 | xfonts-100dpi \ 42 | xfonts-75dpi \ 43 | xfonts-scalable \ 44 | xfonts-cyrillic \ 45 | x11-apps \ 46 | clang \ 47 | libdbus-1-dev \ 48 | libgtk2.0-dev \ 49 | libnotify-dev \ 50 | libgnome-keyring-dev \ 51 | libgconf2-dev \ 52 | libasound2-dev \ 53 | libcap-dev \ 54 | libcups2-dev \ 55 | libxtst-dev \ 56 | libxss1 \ 57 | libnss3-dev \ 58 | gcc-multilib \ 59 | g++-multilib 60 | 61 | # Use aq domain.com to automated all options of aquatone. 62 | RUN wget "https://gist.githubusercontent.com/random-robbie/beae1991e9ad139c6168c385d8a31f7d/raw/" -O /bin/aq 63 | RUN chmod 777 /bin/aq 64 | 65 | #install aquatone 66 | RUN gem install aquatone 67 | 68 | # Clone down other DNS tooling 69 | RUN mkdir -p /usr/share/tools/DNS 70 | RUN git clone https://github.com/lorenzog/dns-parallel-prober /usr/share/tools/DNS/dnsq 71 | RUN git clone https://github.com/aboul3la/Sublist3r /usr/share/tools/DNS/sublist3r 72 | RUN git clone https://github.com/guelfoweb/knock /usr/share/tools/DNS/knock 73 | RUN git clone https://github.com/anshumanbh/brutesubs /usr/share/tools/DNS/brutesubs 74 | RUN git clone https://github.com/jhaddix/domain /usr/share/tools/DNS/domain 75 | RUN apt-get update && apt-get install -y fierce || true 76 | 77 | # CMS Tooling 78 | RUN mkdir -p /usr/share/tools/CMS 79 | RUN git clone https://github.com/droope/droopescan /usr/share/tools/CMS/droopscan 80 | RUN apt-get update && apt-get install -y wpscan || true 81 | RUN git clone https://github.com/Dionach/CMSmap /usr/share/tools/CMS/cmsmap 82 | 83 | # Directory Busting 84 | RUN mkdir -p /usr/share/tools/DirBusting 85 | RUN apt-get update && apt-get install -y dirb || true 86 | RUN git clone https://github.com/OJ/gobuster /usr/share/tools/DirBusting/gobuster 87 | RUN git clone https://github.com/henshin/filebuster /usr/share/tools/DirBusting/filebuster 88 | 89 | # Git Recon 90 | RUN mkdir /usr/share/tools/gitint 91 | RUN git clone https://github.com/libcrack/gitrecon /usr/share/tools/gitint/gitrecon 92 | RUN git clone https://github.com/dxa4481/truffleHog /usr/share/tools/gitint/trufflehog 93 | RUN git clone https://github.com/michenriksen/gitrob /usr/share/tools/gitint/gitrob 94 | 95 | 96 | # OSINT Tooling 97 | RUN mkdir -p /usr/share/tools/OSINT 98 | RUN apt-get update && apt-get install -y recon-ng || true 99 | RUN git clone https://github.com/smicallef/spiderfoot /usr/share/tools/OSINT/spiderfoot 100 | RUN git clone https://github.com/ZephrFish/GoogD0rker /usr/share/tools/OSINT/googd0rk 101 | RUN git clone https://github.com/GerbenJavado/LinkFinder /usr/share/tools/OSINT/linkfinder 102 | 103 | # HTTP Analysis 104 | RUN mkdir /usr/share/tools/HTTPAnal 105 | RUN git clone https://github.com/ChrisTruncer/EyeWitness /usr/share/tools/HTTPAnal/eyewitness 106 | RUN git clone https://github.com/robertdavidgraham/masscan /usr/share/tools/HTTPAnal/masscan 107 | 108 | # Optional 109 | # BBF Tooling (There will be some dupes SORRY! 110 | RUN mkdir -p /usr/share/tools/BBF && \ 111 | cd /usr/share/tools/BBF && \ 112 | for y in $(wget https://bugbountyforum.com/tools/ && grep "/tools/" index.html | cut -d "=" -f 2 | cut -d "/" -f 2,3 | grep -v ">"); do wget https://bugbountyforum.com/$y; done && for x in $(ls); do grep "href=" $x | cut -d "=" -f 2 | grep github.com | cut -d "/" -f 3,4,5 | cut -d " " -f 1 |sed -e 's/^"//' -e 's/"$//' | grep -v "gist" >> Repos.txt; done && for a in $(cat Repos.txt);do git clone https://$a; done && find . -maxdepth 1 -type f -delete 113 | RUN echo "That's all folks! You're good to go hack the planet!" 114 | 115 | # set to bash so you can set keys before running aquatone. 116 | ENTRYPOINT ["/bin/bash"] 117 | 118 | # Set working directory 119 | WORKDIR /root/ 120 | -------------------------------------------------------------------------------- /AttackDeploy/README.md: -------------------------------------------------------------------------------- 1 | # AttackDeploy Server Deployment Kit 2 | 3 | Includes Basic tooling for an attack server deployment 4 | Inspiration taken from https://www.pentestpartners.com/security-blog/docker-for-hackers-a-pen-testers-guide/ 5 | 6 | # How to Build 7 | 8 | ``` 9 | docker build -t dockerattack/attackdeploy $(pwd)/ 10 | ``` 11 | 12 | # How to Run 13 | 14 | ``` 15 | docker run -ti -p 80:80 -p 443:443 -p 8080:8080 -v /tmp/AttackDeploy:/home/AttackDeploy dockerattack/attackdeploy 16 | ``` 17 | 18 | # Compose 19 | 20 | Use [`docker-compose`](https://github.com/docker/compose/releases/) 21 | to simplify this process and create a persistent `attackdeploy` container: 22 | 23 | ```bash 24 | # pull & build images, create container 25 | docker-compose up --build --no-start attackdeploy 26 | # run container 27 | docker run -ai attackdeploy 28 | ``` 29 | -------------------------------------------------------------------------------- /AttackDeploy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.2' 2 | services: 3 | attackdeploy: 4 | container_name: attackdeploy 5 | image: dockerattack/attackdeploy:latest 6 | build: 7 | context: . 8 | cache_from: # compose-file>=3.2 9 | - kalilinux/kali-linux-docker:latest 10 | - dockerattack/attackdeploy:latest 11 | ports: 12 | - 80:80 13 | - 443:443 14 | - 8080:8080 15 | stdin_open: true 16 | tty: true 17 | volumes: 18 | - /tmp/AttackDeploy:/home/AttackDeploy 19 | - /tmp/.X11-unix:/tmp/.X11-unix 20 | - /tmp/.docker.xauth:/tmp/.docker.xauth 21 | environment: 22 | - DISPLAY 23 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @zephrfish 2 | -------------------------------------------------------------------------------- /DA-Toolkit/Dockerfile: -------------------------------------------------------------------------------- 1 | # Kali 2 | FROM kalilinux/kali-linux-docker:latest 3 | 4 | # Update and apt install programs. Don't dist-upgrade with docker. 5 | RUN apt-get update && apt-get upgrade -y && apt-get install -y \ 6 | exploitdb \ 7 | exploitdb-bin-sploits \ 8 | git \ 9 | gdb \ 10 | gobuster \ 11 | hashcat \ 12 | john \ 13 | hydra \ 14 | man-db \ 15 | python-impacket \ 16 | minicom \ 17 | nasm \ 18 | nmap \ 19 | sqlmap \ 20 | sslscan \ 21 | wordlists 22 | 23 | # Make Attacky things 24 | RUN mkdir /usr/share/tools/ && cd /usr/share/tools/ && \ 25 | git clone https://github.com/trustedsec/hate_crack && \ 26 | git clone https://github.com/EmpireProject/Empire && \ 27 | git clone https://github.com/byt3bl33d3r/DeathStar && \ 28 | git clone https://github.com/lgandx/Responder && \ 29 | git clone https://github.com/Kevin-Robertson/Inveigh && \ 30 | git clone https://github.com/nettitude/PoshC2 && \ 31 | git clone https://github.com/CoreSecurity/impacket && \ 32 | wget https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa -O /usr/share/tools/DA.html 33 | git clone https://github.com/fox-it/mitm6 && \ 34 | git clone https://github.com/nccgroup/redsnarf && \ 35 | git clone https://github.com/Neohapsis/creddump7 && \ 36 | git clone https://github.com/purpleteam/snarf 37 | 38 | RUN echo "Lets get some hashes!" 39 | -------------------------------------------------------------------------------- /DA-Toolkit/README.md: -------------------------------------------------------------------------------- 1 | # Quick DA Toolkit 2 | Some tooling for quick Domain Admin wins, plus a blog post on how to use some of the tools 3 | 4 | # No Guarantees that this will work... 5 | -------------------------------------------------------------------------------- /ITHC/Dockerfile: -------------------------------------------------------------------------------- 1 | # From the Kali linux base image 2 | FROM kalilinux/kali-linux-docker:latest 3 | 4 | # Update and apt install programs. Don't dist-upgrade with docker. 5 | RUN apt-get update && apt-get upgrade -y && apt-get install -y \ 6 | exploitdb \ 7 | exploitdb-bin-sploits \ 8 | git \ 9 | gdb \ 10 | golang \ 11 | ccze \ 12 | byobu \ 13 | gobuster \ 14 | hashcat \ 15 | hydra \ 16 | man-db \ 17 | minicom \ 18 | nasm \ 19 | nmap \ 20 | yersinia \ 21 | tshark \ 22 | arp-scan \ 23 | ethtool \ 24 | vlan \ 25 | sqlmap \ 26 | sslscan \ 27 | wordlists \ 28 | tmux \ 29 | python \ 30 | thc-ipv6 31 | 32 | # Create known_hosts for git cloning 33 | RUN mkdir /root/.ssh/ && touch /root/.ssh/known_hosts 34 | 35 | # Add host keys 36 | RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts 37 | RUN ssh-keyscan github.com >> /root/.ssh/known_hosts 38 | 39 | # Clone git repos 40 | # Set up folders for BR/Seg/Inf 41 | RUN mkdir -p /usr/share/tools/NetSeg/ 42 | RUN git clone https://github.com/commonexploits/vlan-hopping /usr/share/tools/NetSeg/vlanhop 43 | RUN mkdir /usr/share/tools/BuildReview/ 44 | RUN wget https://raw.githubusercontent.com/ZephrFish/RandomScripts/master/UbuntuBR.sh -O /usr/share/tools/BuildReview/UbntBR.sh 45 | 46 | # Pull down prettifier scripts 47 | RUN mkdir /usr/share/tools/reporting 48 | RUN git clone https://github.com/cornerpirate/ReportCompiler /usr/share/tools/reporting/rc 49 | RUN git clone https://github.com/cornerpirate/nmap-summariser /usr/share/tools/reporting/nmapsum 50 | 51 | # Wordlists 52 | RUN git clone https://github.com/danielmiessler/SecLists /usr/share/wordlists/seclists 53 | RUN git clone https://github.com/danielmiessler/RobotsDisallowed /usr/share/wordlists/robotsdisallowed 54 | RUN cd /usr/share/wordlists/seclists/Passwords/Leaked-Databases && tar xvzf rockyou.txt.tar.gz 55 | 56 | # Set entrypoint and working directory 57 | WORKDIR /root/ 58 | 59 | # Expose the Key ports 60 | # Web Ports for Fun 61 | EXPOSE 80/tcp 443/tcp 8080/tcp 62 | -------------------------------------------------------------------------------- /ITHC/README.md: -------------------------------------------------------------------------------- 1 | # Some basic tooling for conducting IT Health Checks 2 | Includes BuildReview tools, Network Segragation & Basic Inf 3 | Inspiration taken from https://www.pentestpartners.com/security-blog/docker-for-hackers-a-pen-testers-guide/ 4 | 5 | # How to Build 6 | 7 | ``` 8 | docker build -t dockerattack/ithc $(pwd)/ 9 | ``` 10 | 11 | # How to Run 12 | 13 | ``` 14 | docker run -ti -p 80:80 -p 443:443 -p 8080:8080 -v /root/clients:/clients dockerattack/ithc 15 | ``` 16 | 17 | 18 | -------------------------------------------------------------------------------- /InstallDocker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Docker Install 3 | # Where we begin our docker story 4 | apt-get update 5 | apt-get install -y apt-transport-https ca-certificates 6 | apt-get install dirmngr -y 7 | apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 \ 8 | --recv-keys 58118E89F3A912897C070ADBF76221572C52609D 9 | echo 'deb https://apt.dockerproject.org/repo debian-stretch main' > \ 10 | /etc/apt/sources.list.d/docker.list 11 | apt-get update 12 | apt-get install docker-engine -y 13 | service docker start 14 | -------------------------------------------------------------------------------- /InternalInf/Dockerfile: -------------------------------------------------------------------------------- 1 | # All bad things start with Kali 2 | FROM kalilinux/kali-linux-docker:latest 3 | 4 | # Update and apt install programs. Don't dist-upgrade with docker. 5 | RUN apt-get update && apt-get upgrade -y && apt-get install -y \ 6 | exploitdb \ 7 | exploitdb-bin-sploits \ 8 | git \ 9 | gobuster \ 10 | hashcat \ 11 | hydra \ 12 | man-db \ 13 | nasm \ 14 | nmap \ 15 | sqlmap \ 16 | sslscan \ 17 | wordlists 18 | 19 | # Making our tools dir 20 | RUN mkdir -p /usr/share/tools/RT 21 | RUN mkdir /usr/share/wordlists 22 | 23 | # Clone down some basic things 24 | RUN git clone https://github.com/lgandx/Responder /usr/share/tools/RT/responder 25 | -------------------------------------------------------------------------------- /InternalInf/README.md: -------------------------------------------------------------------------------- 1 | # Internal Infrastructure Assault Toolkit 2 | Some basic tooling for pentesing internal infrastructure engagements, includes some Simulated attack tooling too 3 | 4 | # Build Notes 5 | 6 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # DockerAttack 2 | Various Tools and Docker Images 3 | 4 | If you're unsure what docker is or where to start, check out this blog on [Docker for Hackers](https://www.pentestpartners.com/security-blog/docker-for-hackers-a-pen-testers-guide/) by [m0rv4i](https://twitter.com/RobJBone). 5 | 6 | # Outcomes 7 | 8 | - Deployable Pentesting Images for Various Jobs 9 | - Personal Repo of tools 10 | - Deployment scripts in one docker image 11 | 12 | # Contents 13 | 14 | - InstallDocker.sh - Install docker on Debian based system, wrote for Kali but will work on others too 15 | - ITHC - Basic tooling for carrying out IT Health Check type assessments, Build Reviews, Seg testing & basic inf 16 | - AttackDeploy - [Attack Deploy](https://github.com/ZephrFish/AttackDeploy) in docker form, features Aquatone setup which was pulled from a similar image made by @RandomRobbie 17 | - Inf (**Work in Progesss**) - Docker image for internal inf quick deployment 18 | 19 | --------------------------------------------------------------------------------