The docker for gauntlt
This is not a traditional docker container. It is purposely made to get started with security testing with gauntlt. There are a couple things we do here that are a bit different.
- Arachni and nikto are installed inside this container
- Gauntlt is installed and is set as the entrypoint
- You can run
make install-stuband on your host machine you will be able to just run$ gauntlt-dockeras if you were running$ gauntltin your host. It's neat but not conventional.
Feel free to fork this and customize for your needs. This container is great to put into a CI/CD pipeline and many people use it for this purpose.
- Clone this repo
git clone https://github.com/gauntlt/gauntlt-docker.git
- Build the docker container
$ cd /path/to/cloned/repo/gauntlt-docker
$ make build
- Check out what
makecan do for you
$ make help
** In order to run the app you need to first build the Docker Images
$ make build
** Then proceed to running the Interactive Docker container on your terminal to create the session:
$ make interactive
$ arachni https://whr.loans
- Copy binary stub to your $PATH (like
/usr/local/bin)
$ make install-stub
-
Test it out with a
gauntlt-docker --help -
You can get interactive access to the container to test attack tools installed
$ make interactive
Gauntlt makes security testing fun and we hope you enjoy using it! This repo is used in many of the DevOps and Security courses on Lynda.com filmed by Ernest Mueller, Karthik Gaekwad, Peco Karayanev and James Wickett. Check out the best devops classes around.