Docker images and running commands of vulnerable web
hacking docker

Docker images and running commands of vulnerable web

hahwul

I often use the weak web for performance testing of tools under development. I write post collection of docker commands for the execution of the vulnerable web.

All docker image pull with oneline

$ docker pull feltsecure/owasp-bwapp ; docker pull vulnerables/web-dvwa ; docker pull karthequian/gruyere ; docker pull bltsec/mutillidae-docker ; docker pull bkimminich/juice-shop

Docker run commands

BWAPP

$ docker run -d -p 80:80 feltsecure/owasp-bwapp

​​

DVWA

$ docker run -d -p 80:80 vulnerables/web-dvwa

​Default Credential: admin / password ​​

gruyere

$ docker run -d -p 80:8008 karthequian/gruyere

OWASP multillidae

$ docker run -d -p 80:80 -p 443:443 bltsec/mutillidae-docker

OWASP juice-shop (SPA)

$ docker run -d -p 80:3000 bkimminich/juice-shop

When your machine slow? clean up

# clean containers
docker rm $(docker ps -qa --no-trunc --filter "status=exited")

# clean images
docker rmi $(docker images | grep "none" | awk '/ / { print $3 }')

# clean networks
docker network rm $(docker network ls | grep "bridge" | awk '/ / { print $1 }')

# one line(container + images)
docker rm $(docker ps -qa --no-trunc --filter "status=exited");docker rmi $(docker images | grep "none" | awk '/ / { print $3 }');

https://www.hahwul.com/2019/01/19/docker-optimization-and-cleanup-script/



Security engineer, Bugbounty hunter, Developer and... H4cker

Menu

TWEET