Dockerfiles

Table of Contents:

1. Before you begin
   • Rootless Mode
   • Linux Namespaces
2. About this repo
3. Available Images
   • DNSValidator
   • DVGA
   • Grond
   • NSBrute
   • WebGoat
   • amass
   • puredns
   • XSStrike

Before you begin

By default the Docker daemon and containers run as root.

Aside from the security implications, this will result in any output file - generated by the container - being owned by root on the host machine. To avoid this, consider configuring Docker Rootless OR Linux Namespaces.

Rootless mode

• Run the Docker daemon as a non-root user

Linux Namespaces

• Isolate containers with a user namespace
• Use Linux user namespaces to fix permissions in docker volumes

About this repo

I maintain images for tools that either don't have an official docker image or the official docker image doesn't work... or they're my own projects 😋

In this repo each named branch contains the build files for that image.

• To download the build files run:

❯ git clone --depth 1 --branch BRANCH https://github.com/frost19k/Dockerfiles.git

• Then build the image with:

❯ docker buildx build -t BRANCH ./BRANCH

Available Images

Branch Name	Docker Image
DNSValidator	frost19k/dnsvalidator
DVGA	frost19k/dvga
Grond	frost19k/grond
NSBrute	frost19k/nsbrute
WebGoat	frost19k/webgoat
amass	frost19k/amass
puredns	frost19k/puredns
XSStrike	frost19k/xsstrike

DNSValidator

• Upstream repository: https://github.com/frost19k/DNSValidator

• Upstream forked from: https://github.com/vortexau/dnsvalidator

• To run the container

❯ docker run -it --rm \
  -v "{PWD}":'/output' \
  frost19k/dnsvalidator -t 20 -o resolvers.txt

DVGA

• Upstream repository: https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application

• Use this image if you get the following error in the official image

❯ docker run -it --rm -p 5013:5013 -e WEB_HOST=0.0.0.0 dolevf/dvga
Traceback (most recent call last):
  File "app.py", line 5, in <module>
    from flask import Flask
ModuleNotFoundError: No module named 'flask'

• To run the container

❯ docker run -it --rm -p 5013:5013 frost19k/dvga

Note: In this image WEB_HOST is already 0.0.0.0

Grond

• A docker image that contains a large number of tools commonly used in recon & bug bounty hunting.

• Consult the ReadMe for more information on how to use it.

NSBrute

• Upstream repository: https://github.com/shivsahni/NSBrute

• To run the container

❯ docker run -it --rm \
  frost19k/nsbrute -d example.com -a 'your-AWS-AccessKey' -s 'your-AWS-SecretKey'

WebGoat

• Upstream repository: https://github.com/WebGoat/WebGoat

• Use this image if you get the following error in the official image

❯ docker run -it \
  -p 127.0.0.1:8080:8080 \
  -p 127.0.0.1:9090:9090 \
  -e TZ=Europe/Amsterdam \
  webgoat/webgoat
[...]
2022-05-07 09:57:36.554 ERROR 1 --- [main] hsqldb.db.HSQLDB809D8627A0.ENGINE: could not reopen database

• To run the container

❯ docker run -it --rm \
  -p 8081:8081 \
  -p 9091:9091 \
  -e TZ=Europe/Amsterdam \
  frost19k/webgoat

amass

• Upstream repository: https://github.com/OWASP/Amass

• This image differs from the official in two ways

  1. It runs amass as root inside the container
  2. It outputs to /amass instead of /.config/amass

• To run the container

❯ docker run -it --rm \
  -v "${PWD}":'/amass/' \
  frost19k/amass enum -d example.com

puredns

• Upstream repository: https://github.com/d3mondev/puredns

• To run the container

  • You can find usage examples here

XSStrike

• Upstream repository: https://github.com/s0md3v/XSStrike
• To run the container

❯ docker run -it --rm \
  frost19k/xsstrike -u https://example.com/search?q=test