Open Source

Introduction

We love Open Source, as all the security tools we teach are OSS. Open Source in general contributes significantly to keeping networks and services secure, as it can be audited. While it doesn't always happen, it increases, as some companies provide paid auditing tools for free to Open Source projects, which can be combined with free testing and CI/CD in popular collaborative version control services such as GitHub and GitLab. As a result, software quality improves.

Docker containers

If you aren't familiar with containers, they are a way to package software and their dependencies. While they typically contain one application in each container, they can be used as some sort of lightweight virtual machine.

They are sometimes compared to virtualization as both can do similar things. However, they differ widely. If you'd like to learn more, Docker has a detailed page which also compares containerization to virtualization.

Container list

Our main container is finchsec/kali, a WiFi penetration testing container with all the tools you'll need, based on Kali Linux

We are offering a number of docker containers for individual tools as well:

• finchsec/asleap: Patched version of asleap by Joshua Wright, statically compiled, as the version in Kali doesn't work in Kali anymore. Two versions (tags) are available: static (statically compiled), and dynamic which is built dynamically.
• finchsec/bettercap: Bettercap by evilsocket, using latest sources from their repository.
• finchsec/hcxdumptool: Scapy by secdev, using latest sources from their repository.
• finchsec/hcxtools: hcxtools by ZerBea, using latest sources from their repository.
• finchsec/hostapd: hostapd and WPA supplicant by Jouni Malinen, using latest sources from their repository.
• finchsec/john: John the Ripper by OpenWall, using latest sources from their repository.
• finchsec/kismet: Kismet wireless by dragorn, using latest sources from their repository.
• finchsec/reaver: reaver fork (t6x), forked by kimocoder, using latest sources from their repository.
• finchsec/wef: Wireless Exploitation Framework (WEF) by D3Ext, using latest sources from their repository.
• finchsec/wifite2: WiFite2 by kimocoder, using latest sources from their repository.

• Our containers are automatically rebuilt daily in order to stay up to date
• They are available for x86, and also ARM CPUs, which means you can use it on the Raspberry Pi and other recent ARM boards. Some are available for more CPU architectures.
• Sources are available in our GitHub repositories. They are also mentioned on each of the DockerHub pages.

How do I use them?

Either with Docker or Podman. The base command with Docker, for the ones requiring access to a Wi-Fi adapter, would be:

sudo docker run --it --privileged --net=host --pid=host finchsec/kali

To access Wi-Fi adapters, the containers needs to be started with --privileged and --net=host. In order for airmon-ng, among other tools, to be able to kill network managers, we also need to add --pid=host to expose all the processes of the host to the container. By default, even on a privileged container, host processes aren't shared. The command is valid for most of our containers.

To attach storage, and save files in a directory on our system, we can use a bind mount. As an example:

sudo docker run --it --privileged --net=host --pid=host -v ~/data/:/root finchsec/kali

This mounts the data/ directory inside our home directory, and link it to /root inside the container. On subsequent runs, we will find the same files in the docker container in the /root directory. Note that we cannot just specify data/, Docker requires the full path.

Additionally, for Linux systems running SELinux, we need to append :Z, otherwise we won't be able to do access the files:

sudo docker run --it --privileged --net=host --pid=host -v ~/data/:/root:Z finchsec/kali

By the way

We will expand our offering later on, and also provide a virtual machine as well as Live ISO.

If you have suggestions for more software to include, or want to report bugs, let us know by opening an issue in the respective repository on GitHub.