We love Open Source, as all the security tools we teach are OSS. Open Source in general contributes significantly to keeping networks and services secure, as it can be audited. While it doesn't always happen, it increases, as some companies provide paid auditing tools for free to Open Source projects, which can be combined with free testing and CI/CD in popular collaborative version control services such as GitHub and GitLab. As a result, software quality improves.
If you aren't familiar with containers, they are a way to package software and their dependencies. While they typically contain one application in each container, they can be used as some sort of lightweight virtual machine.
They are sometimes compared to virtualization as both can do similar things. However, they differ widely. If you'd like to learn more, Docker has a detailed page which also compares containerization to virtualization.
We are offering a number of docker containers for individual tools as well:
static(statically compiled), and
dynamicwhich is built dynamically.
sudo docker run --it --privileged --net=host --pid=host finchsec/kali
To access Wi-Fi adapters, the containers needs to be started with
In order for
airmon-ng, among other tools, to be able to kill network managers, we also need to
--pid=host to expose all the processes of the host to the container. By default, even on a privileged
container, host processes aren't shared. The command is valid for most of our containers.
To attach storage, and save files in a directory on our system, we can use a bind mount. As an example:
sudo docker run --it --privileged --net=host --pid=host -v ~/data/:/root finchsec/kali
This mounts the
data/ directory inside our home directory, and link it to
the container. On subsequent runs, we will find the same files in the docker container in the
directory. Note that we cannot just specify
data/, Docker requires the full path.
Additionally, for Linux systems running SELinux, we need to append
:Z, otherwise we won't be
able to do access the files:
sudo docker run --it --privileged --net=host --pid=host -v ~/data/:/root:Z finchsec/kali
We will expand our offering later on, and also provide a virtual machine as well as Live ISO.
If you have suggestions for more software to include, or want to report bugs, let us know by opening an issue in the respective repository on GitHub.