# docker-vulnerability-environment **Repository Path**: guiye/docker-vulnerability-environment ## Basic Information - **Project Name**: docker-vulnerability-environment - **Description**: Use the docker to build a vulnerability environment - **Primary Language**: Unknown - **License**: Apache-2.0 - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2019-07-26 - **Last Updated**: 2020-12-19 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # docker-vulnerability-environment 这个项目是为了使用 docker 部署 Web 漏洞测试环境, 可随时创建随时删除。 当前项目包括: bWAPP、DVWA、OWASP Broken Web Applications Project等多个漏洞测试环境。 ## 环境列表 * [bWAPP](./bWAPP/README.md) * [xssed](./xssed/README.md) * [DVWA](./DVWA/README.md) * [WebGoat](./WebGoat/README.md) * [DVWA-WooYun-edition](./DVWA-WooYun-edition/README.md) * [DSVW](./DSVW/README.md) * [WAVSEP](./WAVSEP/README.md) * [OWASP Security Shepherd](./OWASP%20Security%20Shepherd/README.md) * OWASP Broken Web Applications Project(未完成) * xvwa(未完成) https://github.com/s4n7h0/xvwa ## Docker for Penetration Testing * `docker pull kalilinux/kali-linux-docker` [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) * `docker pull owasp/zap2docker-stable` - [official OWASP ZAP](https://github.com/zaproxy/zaproxy) * `docker pull wpscanteam/wpscan` - [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) * `docker pull pandrew/metasploit` - [docker-metasploit](https://hub.docker.com/r/pandrew/metasploit/) * `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/) * `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/) * `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/) * `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/) * `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) * `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/) * `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) * `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/) * `docker-compose build && docker-compose up` - [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker) * `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) * `docker pull bkimminich/juice-shop` - [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container--) * `docker pull kalilinux/kali-linux-docker` - [Kali Linux Docker Image](https://www.kali.org/news/official-kali-linux-docker-images/) ## Docker 镜像源 * https://dev.aliyun.com/ * index.docker.io/library/ubuntu ## 参考链接 * https://github.com/enaqx/awesome-pentest * https://github.com/secfigo/Awesome-Fuzzing * https://github.com/Hack-with-Github/Awesome-Hacking * https://github.com/re-pronin/Awesome-Vulnerability-Research * https://github.com/b-mueller/android_app_security_checklist * https://github.com/GDSSecurity/GWT-Penetration-Testing-Toolset * https://github.com/shieldfy/API-Security-Checklist * https://github.com/Microsoft/MSRC-Security-Research * https://github.com/advanced-threat-research/firmware-security-training * https://github.com/FallibleInc/security-guide-for-developers * https://github.com/paralax/awesome-honeypots * https://github.com/jaredthecoder/awesome-vehicle-security * https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki * https://github.com/secretsquirrel/the-backdoor-factory * https://github.com/enaqx/awesome-pentest * https://github.com/danielmiessler/SecLists * https://github.com/nixawk/pentest-wiki * https://github.com/rshipp/awesome-malware-analysis * https://github.com/google/oss-fuzz * https://www.vulnhub.com * https://pentesterlab.com/