Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
2021-05-27 19:57:54 Author: www.darknet.org.uk(查看原文) 阅读量:134 收藏

Navigation



Last updated: May 27, 2021 | 13 views


Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment.

Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack


Features of Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

Vulhub contains many frameworks, databases, applications, programming languages and more such as:

  • Drupal
  • ffmpeg
  • CouchDB
  • ActiveMQ
  • Glassfish
  • Joombla
  • JBoss
  • Kibana
  • Laravel
  • Rails
  • Python
  • Tomcat

And many, many more.

To use Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

Install the docker/docker-compose on Ubuntu 20.04:

# Install pip

curl -s https://bootstrap.pypa.io/get-pip.py | python3

# Install the latest version docker

curl -s https://get.docker.com/ | sh

# Run docker service

systemctl start docker

# Install docker compose

pip install docker-compose

It is recommended to use a VPS of at least 1GB memory to build a vulnerability environment. The your-ip mentioned in the documentation refers to the IP address of your VPS. If you are using a virtual machine, it refers to your virtual machine IP, not the IP inside the docker container.

You can download Vulhub by:

# Download project

wget https://github.com/vulhub/vulhub/archive/master.zip -O vulhub-master.zip

unzip vulhub-master.zip

cd vulhub-master

# Enter the directory of vulnerability/environment

cd flask/ssti

# Compile environment

docker-compose build

# Run environment

docker-compose up -d

Or read more here.

Posted in: Exploits/Vulnerabilities

Latest Posts:


Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack

May 27, 2021 - 0 Shares

LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.

May 7, 2021 - 47 Shares

Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.

April 19, 2021 - 173 Shares

APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.

March 5, 2021 - 201 Shares

GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc

February 3, 2021 - 132 Shares

GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process

January 1, 2021 - 168 Shares



文章来源: https://www.darknet.org.uk/2021/05/vulhub-pre-built-vulnerable-docker-environments-for-learning-to-hack/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
如有侵权请联系:admin#unsafe.sh