- Introduction
- Why BNPT_Docker?
- What does this Docker contain?
- Usage
- Quick Installation
- Building Docker Image
- Tools
Docker is a platform that is meant to create, deploy and run applications easily using containers. Containers allow a developer to consolidate an application with all of the parts it needs, such as libraries as well as other dependencies and ships it all out as one package. Briskinfosec, decided to make use of this platform and integrate with open source security assessment tools for use in network security assessments. We have named it "BNPT_Docker". It offers quality benefits like direct VA (Vulnerability Assessment) part, skipping few steps without affecting other processes, as other requirements exist inside the container. This docker is in Briskinfosec repository in docker cloud, which can be pulled from anywhere..
This Docker comprises collection of open source tools which can be used for testing networks. This Docker has been created to simplify the tools installation and their dependencies by gathering the open source tools into a single Docker container thus making it platform independent.
docker run -it --name <name for container> briskinfosec/bnpt_dockerdocker pull briskinfosec/bnpt_docker:latest
docker run -it --name <name for container> briskinfosec/bnpt_dockerdocker build -t <name for docker image> /PATH/TO/THE/Dockerfile.
docker run -it --name <name for container> briskinfosec/bnpt_dockerNmap, short known for Network Mapper, is a free and open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify active devices on their networks, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.
This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. It produces results similar to nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZenMap, using asynchronous transmission. The major difference is that it’s faster than these other scanners.
LNScan (Local Network Scanner), is an internal network scanner which is only used for enterprise security self-tests. Its features include:
- Fast and efficient, multi-process + multi-threaded combination.
Hping is a command-line oriented TCP/IP packet assembler/analyzer. It supports TCP, UDP, ICMP and RAW-IP protocols. It is mainly used for:
- Firewall testing.
- Advanced port scanning.
- Manual path MTU discovery.
- Advanced traceroute, under all the supported protocols.
SSL check through SSL Labs API.
- Audits the SSL ports.
Rebel framework is created with a collection of modules which would be an additional benefit to penetration testing.
A high performance offensive security tool for reconnaissance and vulnerability scanning. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file.
- Performs overall vulnerability scanning automatically.
- Display the categorized results.
The Yuki Chan is an Automated Penetration Testing tool. This tool will audit all the standard security test methods for you.
- Collection of tools with automation for identifying vulnerabilities etc.
All contributions are welcome, from code to documentation, to design suggestions, to bug reports. Please use GitHub to its fullest. Submit your requests, contribute tutorials or other wiki content.
If you want to support us in any possible ways, please do it. Here is our official Email address:[email protected] or visit our website www.briskinfosec.com for more details.
- pr4jwal
- sowish
- rebe11ion
- evyatarmeged
- Yukinoshita47
Note: This Docker is intended to be used for legal security purposes only, and you should only use it to protect networks/hosts that you own or have permission to test. Any other illegal use is not the responsibility of the developer(s). Be sure that you understand and comply with the Docker licenses and laws in your country.