DOCKER FOR PENTESTERS NIGHTINGALE Raja Nagori
A presentation at Docker for Pentesters: NIGHTINGALE in February 2022 in India by Raja Nagori
DOCKER FOR PENTESTERS NIGHTINGALE Raja Nagori
$WHOAMI ➢ Security Analyst II at FIS Global. ➢ Cyber Crime Intervention Officer from ISAC (NSD). ➢ Synack Red Team Member. ➢ CTF player ➢ Always love to play around Networks 😁
TODAY’S DISCUSSION • About DOCKER creature. • Concept of Hypervisor and Docker Containerization • Start Practical with Docker : echo “Hello World” • Brief idea project my project : OWASP-Nightingale (Docker for Pentesters)
ABOUT DOCKER Application Modernization Issues that Developer face 1. Minor code changes require full re-compile and re-test 2. Complete application can be count as a single point failure 3. Hard to difficult to scale the application on a large scale Microservices 1. Break Application into separate functionality 2. Scalability is easy 3. Can modify specific service for the specific functionality Application : Ecommerce Website
ABOUT DOCKER Virtualization Containerization An act of making a virtual env for once, it can hardware platforms, storage devices and create a network Making a packaging of the software and it’s decencies which isolate from the host machine. App1 App2 Container Runtime Management Host Operating System Infrastructure Containers App3
ABOUT DOCKER 2004 Solaris Containers (It combines system resource and control the cloning process for the system) 2013 LMCTFY (Let me Contain that for you is open source Google container service which provides Linux Application containers ) 2000 FreeBSD Jails (It came up with service where administrator can create a partition into smaller system : Jails) LXC (Linux Containers release first Linux Container Manager with having cgroups and Linux namespaces) 2013 Docker Explode in market and gain so much popularity Docker goes on and on and on and on 😂
CONCEPT OF HYPERVISOR AND DOCKER CONTAINERIZATION Image Source : https://www.virtasant.com/blog/hypervisors-a-comprehensive-guide
CONCEPT OF HYPERVISOR AND DOCKER CONTAINERIZATION Docker Containerization Hypervisor 1. One Physical server can run limited number of sub-servers 2. Better resource pooling 3. VM is cloud 4. 5. 1. Rapid Elasticity 2. Pay per use But, Each VM require 1. CPU allocation 2. Storage 3. RAM More number of VM you run, more resource will require to run them 1. No booting process for the Operating System 2. No dependencies over the operating system 3. Easy to run with less then a min. 4. Improvised the OS performance 5. Run as many container for your different application 6. All application are independently run with each other
ADVANTAGE OF DOCKER OVER VIRTUALIZATION Improved Security Enhanced Productivity Simple and Fast Deployment Improved scalability Increased Portability
DOCKER
COMMON DOCKER COMMANDS docker search <image name> docker pull <image name> docker build –t Dockerfile $PWD docker run -ti —hostname <your-wish> <image_name> /bin/bash docker run -it -p 0.0.0.0:8080:7681 -d <image_name> /home/binaries/ttyd -p 7681 bash
START PRACTICAL WITH DOCKER : ECHO “HELLO WORLD”
BRIEF IDEA PROJECT MY PROJECT : OWASP-NIGHTINGALE (DOCKER FOR PENTESTERS)
