Docker images and running commands of vulnerable web

hahwul

Aug 12, 2020

I often use the weak web for performance testing of tools under development. I write post collection of docker commands for the execution of the vulnerable web.

All docker image pull with oneline

docker pull feltsecure/owasp-bwapp ; docker pull vulnerables/web-dvwa ; docker pull karthequian/gruyere ; docker pull bltsec/mutillidae-docker ; docker pull bkimminich/juice-shop

Docker run commands

BWAPP

docker run -d -p 80:80 feltsecure/owasp-bwapp

DVWA

docker run -d -p 80:80 vulnerables/web-dvwa

Default Credential: admin / password

web-dvws

docker run --rm -it -p 80:80 cyrivs89/web-dvws

gruyere

docker run -d -p 80:8008 karthequian/gruyere

OWASP multillidae

docker run -d -p 80:80 -p 443:443 bltsec/mutillidae-docker

OWASP juice-shop (SPA)

docker run -d -p 80:3000 bkimminich/juice-shop

When your machine slow? clean up

# clean containers
docker rm $(docker ps -qa --no-trunc --filter "status=exited")

# clean images
docker rmi $(docker images | grep "none" | awk '/ / { print $3 }')

# clean networks
docker network rm $(docker network ls | grep "bridge" | awk '/ / { print $1 }')

# one line(container + images)
docker rm $(docker ps -qa --no-trunc --filter "status=exited");docker rmi $(docker images | grep "none" | awk '/ / { print $3 }');

https://www.hahwul.com/2019/01/19/docker-optimization-and-cleanup-script/

#security #system