Docker has increasingly been adopted by companies and developers at large for
deployment and hosting of web apps, databases and other business critical
services. However, in the context of security and penetration testing, very little
has been done to explore the various ways in which Docker as a platform can be
used to streamline and enhance the penetration testing process.
The focus of this presentation will be aimed at how penetration testers, security
researchers and bug bounty hunters can utilize Docker in the following ways:
1. Setup your own penetration testing toolkit that can be deployed rapidly at scale.
2. How to use popular penetration testing distribution images for penetration testing and bug bounty hunting.
3. How to setup a virtual hacking lab, complete with vulnerable web applications for education and practice.
4. How to use Docker to test specific vulnerabilities in an isolated environment.
The presentation will consist of 3 phases:
1. Docker fundamentals.
2. Setting up penetration testing toolkits with Docker.
3. Setting up a virtual hacking lab with Docker