Kali Linux on Docker

Running a VM is too heavy for my laptop

When running a Kali virtual machine on a portable machine, no matter how lightweight your VM is or how much performance you are willing to sacrifice, one thing you cannot neglect is battery consumption.

As a cybersecurity professional, my day-to-day workflow always includes testing out new POCs and packing shellcode using Kali Linux. Running a VM on whatever optimized software is going to get my laptop fan spinning. To deal with this issue, using Docker is quite an optimal solution.

Simple Setup

I'm an OSX user, so this page is going to focus on the OSX environment. Windows users can also adopt the same workflow, but WSL is a far more straightforward solution.

  1. Get Docker Desktop installed

  2. In a terminal, execute docker pull kalilinux/kali-rolling

  3. docker run -it --name kali kalilinux/kali-rolling /bin/bash

  4. Run apt update && apt -y install kali-linux-headless for the first time

  5. The interactive shell stays attached during the process. Done.

This simple setup gets you the most lightweight experience using the kali-linux-headless metapackage.

Simple Administration

You can manage the container named kali with:

docker start|stop|restart <container name>

Attach to interactive shell again

If for any reason you lose the shell, you can attach to the running container again with:

docker exec -it kali /bin/bash
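
The run, start and exec commands above can be folded into one helper that picks the right one from the container's current state, so a second docker run does not fail on the name conflict and docker exec is not attempted against a stopped container. This is an added example, not part of the original page; the function names kali_state, kali_plan and kali_shell and the KALI_NAME / KALI_IMAGE variables are hypothetical.

```shell
#!/bin/sh
# Added example: one entry point for the "kali" container from the steps above.
# KALI_NAME and KALI_IMAGE default to the names used on this page.
KALI_NAME="${KALI_NAME:-kali}"
KALI_IMAGE="${KALI_IMAGE:-kalilinux/kali-rolling}"

# Print the container state: "missing", "running" or "stopped".
kali_state() {
    # docker inspect exits non-zero when no such container exists.
    running=$(docker inspect -f '{{.State.Running}}' "$KALI_NAME" 2>/dev/null) || {
        echo missing
        return 0
    }
    if [ "$running" = "true" ]; then echo running; else echo stopped; fi
}

# Print the docker arguments that give a shell for the given state.
kali_plan() {
    case "$1" in
        # First use: create the container exactly as in step 3.
        missing) echo "run -it --name $KALI_NAME $KALI_IMAGE /bin/bash" ;;
        # Container exists but is stopped: restart it and re-attach to its shell.
        stopped) echo "start -ai $KALI_NAME" ;;
        # Container is up: open an additional shell inside it.
        running) echo "exec -it $KALI_NAME /bin/bash" ;;
        *) echo "unknown state: $1" >&2; return 1 ;;
    esac
}

# Open a shell, creating or starting the container only when needed.
kali_shell() {
    plan=$(kali_plan "$(kali_state)") || return 1
    # Word splitting of $plan is intended: it holds the argument list.
    # shellcheck disable=SC2086
    docker $plan
}
```

Source the file from your shell profile and call kali_shell whenever you need a prompt inside the container.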

Experience my workflow

Locate offset

In my exploit development workflow, I quite often use msf-pattern_create, msf-pattern_offset and more. Of course, there are a lot of resources on the Internet these days that make all these tools available in your environment. But for acquiring that Swiss knife with the most lightweight and clean deployment, this is the best solution imo.


Last updated 3 years ago