Awesome
docker-vulnerability-environment
这个项目是为了使用 docker 部署 Web 漏洞测试环境, 可随时创建随时删除。 当前项目包括: bWAPP、DVWA、OWASP Broken Web Applications Project等多个漏洞测试环境。
环境列表
- bWAPP
- xssed
- DVWA
- WebGoat
- DVWA-WooYun-edition
- DSVW
- WAVSEP
- OWASP Security Shepherd
- OWASP Broken Web Applications Project(未完成)
- xvwa(未完成) https://github.com/s4n7h0/xvwa
Docker for Penetration Testing
docker pull kalilinux/kali-linux-docker
official Kali Linuxdocker pull owasp/zap2docker-stable
- official OWASP ZAPdocker pull wpscanteam/wpscan
- official WPScandocker pull pandrew/metasploit
- docker-metasploitdocker pull citizenstig/dvwa
- Damn Vulnerable Web Application (DVWA)docker pull wpscanteam/vulnerablewordpress
- Vulnerable WordPress Installationdocker pull hmlio/vaas-cve-2014-6271
- Vulnerability as a service: Shellshockdocker pull hmlio/vaas-cve-2014-0160
- Vulnerability as a service: Heartbleeddocker pull opendns/security-ninjas
- Security Ninjasdocker pull diogomonica/docker-bench-security
- Docker Bench for Securitydocker pull ismisepaul/securityshepherd
- OWASP Security Shepherddocker pull danmx/docker-owasp-webgoat
- OWASP WebGoat Project docker imagedocker-compose build && docker-compose up
- OWASP NodeGoatdocker pull citizenstig/nowasp
- OWASP Mutillidae II Web Pen-Test Practice Applicationdocker pull bkimminich/juice-shop
- OWASP Juice Shopdocker pull kalilinux/kali-linux-docker
- Kali Linux Docker Image
Docker 镜像源
- https://dev.aliyun.com/
- index.docker.io/library/ubuntu
参考链接
- https://github.com/enaqx/awesome-pentest
- https://github.com/secfigo/Awesome-Fuzzing
- https://github.com/Hack-with-Github/Awesome-Hacking
- https://github.com/re-pronin/Awesome-Vulnerability-Research
- https://github.com/b-mueller/android_app_security_checklist
- https://github.com/GDSSecurity/GWT-Penetration-Testing-Toolset
- https://github.com/shieldfy/API-Security-Checklist
- https://github.com/Microsoft/MSRC-Security-Research
- https://github.com/advanced-threat-research/firmware-security-training
- https://github.com/FallibleInc/security-guide-for-developers
- https://github.com/paralax/awesome-honeypots
- https://github.com/jaredthecoder/awesome-vehicle-security
- https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
- https://github.com/secretsquirrel/the-backdoor-factory
- https://github.com/enaqx/awesome-pentest
- https://github.com/danielmiessler/SecLists
- https://github.com/nixawk/pentest-wiki
- https://github.com/rshipp/awesome-malware-analysis
- https://github.com/google/oss-fuzz
- https://www.vulnhub.com
- https://pentesterlab.com/