Penetration Testing with Kali Linux as a Docker Container

How do you know if your systems are secure? Penetration testing is one way to find out. Here is how to set up Kali Linux, which has a full suite of security testing tools.
Nov 11th, 2023 6:00am by
Feature image courtesy of Kali Linux.

Penetration testing is a requirement for so many businesses. After all, you’re going to need to know if your systems have vulnerabilities, so they can be mitigated as quickly as possible. One of the best ways to do this is to attempt to break into the system itself.

One of the most widely used pen testing platforms on the market is Kali Linux. With this Linux distribution, you have a plethora of tools at your disposal.

But what if you want to be able to run penetration testing without having to install a full-blown operating system? If your security staff (or admins) have at least a fundamental understanding of Docker containers, they can deploy Kali Linux as a Docker container and run penetration testing from within a headless container.

It’s actually quite a fascinating and flexible method of penetration testing and I’m going to show you how to make it happen.

What You Need

I’ll demonstrate this process using an Ubuntu Server 22.04 base. You can pull this off with any operating system that supports Docker. If you opt for an OS other than Ubuntu (or a derivative), you’ll need to alter the Docker installation commands. You’ll also need a user with sudo privileges.

That’s it. Let’s make some pen-testing magic.

How to Install Docker

The first thing we must do is install Docker. If you’ve already installed the container runtime, feel free to skip to the next section.

Before we can install Docker, we must download and add the official Docker GPG key. This is completed with the following command:

One more step before the install is adding the official Docker repository, which will allow us to install Docker CE. Add the repository with the command:

Next, we’ll install a few basic dependencies:

You can now update apt with the following:

Finally, install Docker CE with the following command:

In order to manage Docker without using sudo (which is a security issue), you must add your user to the docker group using the command:

Log out and log back in so the changes take effect.
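
The install steps above, collected into one script as an added example (not code from the original article). The keyring path, the docker.list file name, the dependency package list and the function names are assumptions based on the usual Docker CE install on Ubuntu.

```sh
#!/bin/sh
# Added example: the Docker CE install steps above, in the article's order.
# Assumptions (not from the article): keyring path, docker.list file name,
# and the dependency package list.
KEYRING=/usr/share/keyrings/docker-archive-keyring.gpg
REPO_URL=https://download.docker.com/linux/ubuntu

# Build the apt source line. "signed-by" restricts Docker's key to this one
# repository instead of trusting it for every configured apt source.
docker_repo_line() {   # usage: docker_repo_line <arch> <ubuntu-codename>
    printf 'deb [arch=%s signed-by=%s] %s %s stable\n' \
        "$1" "$KEYRING" "$REPO_URL" "$2"
}

install_docker() (
    set -e
    # 1. Fetch the Docker GPG key and store it de-armored in its own keyring.
    curl -fsSL "$REPO_URL/gpg" | sudo gpg --dearmor -o "$KEYRING"
    # 2. Add the Docker repository for this machine's architecture and release.
    docker_repo_line "$(dpkg --print-architecture)" "$(lsb_release -cs)" |
        sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
    # 3. Basic dependencies.
    sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
    # 4. Refresh the package index so the new repository is visible.
    sudo apt-get update
    # 5. Install Docker CE.
    sudo apt-get install -y docker-ce docker-ce-cli containerd.io
    # 6. Add the current user to the docker group. Members of this group can
    #    control the Docker daemon, which is root-equivalent on the host.
    sudo usermod -aG docker "$USER"
)

# Nothing is changed unless the script is called with --install.
if [ "${1:-}" = "--install" ]; then
    install_docker
fi
```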

Pulling the Kali Linux Image

We can now pull the official Kali Linux image. This is done with the command:

Deploy the Kali Linux Container

With the image pulled, we can now deploy the Kali Linux container with the command:

This command will not only deploy the container but it will also land us on the Kali Linux bash prompt, so we can start working with the newly-deployed container.

Install Kali Headless

The Kali Linux image doesn’t actually ship with any pen-testing tools. For that, we have to install a specific package.

Before we can install the required software, we must first update apt with the command:

After the update, install the package with:

During the installation, you’ll be asked a few questions, each of which could be unique to your situation. Pay attention to those questions and answer either yes or no for each. This installation will take some time (between 5 and 20 minutes, depending on the speed of your hardware and network connection).

When this installation completes, you’ll need to exit the running container and issue a commit to save the changes to the Kali container, so it can be reused without having to walk through the installation process again.

This next step is important. If you simply exit from the container (using the exit command) you’ll lose all of your work and will have to go through the kali-linux-headless install once again. That’s not an efficient way of working. Instead, SSH into the hosting machine from a different desktop, while remaining within the Kali container on the original login. From that new login, locate the container ID for the running Kali Linux container with the command:

Using the first four characters of the running container’s ID, commit the changes with a command like:

Where ID is the first four characters of the container ID. You can also name the image anything you like. I used kalitools as an example.

Now that you’ve created the new image (which includes all of the headless pen testing tools), you can exit out of the original container. Verify the new image was created with:

You should see an image named kalitools (or whatever you’ve chosen to name it). You can then deploy a Kali Linux container from the new image (which includes all of the Kali Linux headless tools) with a command like:

You’ll once again find yourself at the Kali Linux container bash prompt, where you can start running your penetration testing, all from within the convenience of a Docker container. When you exit out of the container this time, you’ll still have the Kali Linux container image that contains all the tools. To run more penetration testing, you simply have to deploy another container with the above command (docker run -it kalitools /bin/bash) and have at the testing.
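
As an added example (not from the original article), this script automates the lookup-and-commit step from the second login: it selects the one running container started from the Kali image and refuses to commit if there is none or more than one. The image name kalilinux/kali-rolling, the script name kali-commit.sh and the function names are assumptions; the session 1 commands in the header comment are the standard Docker and apt forms of the steps described above.

```sh
#!/bin/sh
# Added example: find the running Kali container and commit it as "kalitools".
# Session 1 (stay logged in to the container):
#   docker pull kalilinux/kali-rolling
#   docker run -it kalilinux/kali-rolling /bin/bash
#   apt update && apt install kali-linux-headless      # inside the container
# Session 2 (second SSH login):  sh kali-commit.sh commit
# Afterwards:                    docker run -it kalitools /bin/bash
BASE_IMAGE=kalilinux/kali-rolling   # assumption: image name is not given in the article
NEW_IMAGE=kalitools                 # name used in the article

# Constructed sample of `docker ps --format '{{.ID}} {{.Image}}'` output.
SAMPLE_PS='3f2a9c1b7d10 kalilinux/kali-rolling
a81b22c90e44 nginx:latest'

# Read "ID IMAGE" lines on stdin; print the ID of the one container started
# from image $1 (with or without a tag). Exit 1 on zero or several matches, so
# the wrong container is never committed.
pick_container() {
    awk -v img="$1" '
        $2 == img || index($2, img ":") == 1 { id = $1; n++ }
        END { if (n != 1) exit 1; print id }'
}

commit_kali() (
    set -e
    id=$(docker ps --format '{{.ID}} {{.Image}}' | pick_container "$BASE_IMAGE") || {
        echo "expected exactly one running $BASE_IMAGE container" >&2
        exit 1
    }
    docker commit "$id" "$NEW_IMAGE"   # snapshot the container as a new image
    docker images "$NEW_IMAGE"         # verify the image now exists
)

case "${1:-}" in
    commit) commit_kali ;;
    demo)   printf '%s\n' "$SAMPLE_PS" | pick_container "$BASE_IMAGE" ;;
esac
```

Running it with `demo` exercises the selection logic on the constructed sample without touching Docker.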

TNS owner Insight Partners is an investor in: Docker.