
Ullaakut / Gorsair

Licence: apache-2.0
Gorsair hacks its way into remote docker containers that expose their APIs

Programming Languages

go

Projects that are alternatives of or similar to Gorsair

Nmap
Idiomatic nmap library for go developers
Stars: ✭ 391 (-42.33%)
Mutual labels:  pentesting, penetration-testing, infosec, nmap, netsec
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+371.68%)
Mutual labels:  pentesting, penetration-testing, infosec, nmap
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+309.29%)
Mutual labels:  pentesting, penetration-testing, infosec, netsec
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
Stars: ✭ 2,758 (+306.78%)
Mutual labels:  pentesting, penetration-testing, infosec
Trigmap
A wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-80.53%)
Mutual labels:  pentesting, penetration-testing, nmap
Docker Security Images
🔐 Docker Container for Penetration Testing & Security
Stars: ✭ 172 (-74.63%)
Mutual labels:  pentesting, penetration-testing, infosec
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+407.23%)
Mutual labels:  penetration-testing, infosec, pentesting
Hawkeye
Hawkeye filesystem analysis tool
Stars: ✭ 202 (-70.21%)
Mutual labels:  pentesting, infosec, netsec
Webmap
A Python tool used to automate the execution of the following tools: Nmap, Nikto and Dirsearch, but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-72.27%)
Mutual labels:  pentesting, penetration-testing, nmap
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+968.73%)
Mutual labels:  pentesting, penetration-testing, infosec
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+513.86%)
Mutual labels:  pentesting, penetration-testing, infosec
Passphrase Wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-17.99%)
Mutual labels:  pentesting, penetration-testing, infosec
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-89.97%)
Mutual labels:  pentesting, penetration-testing, infosec
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-90.86%)
Mutual labels:  pentesting, penetration-testing, infosec
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-73.16%)
Mutual labels:  pentesting, penetration-testing, infosec
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+28.32%)
Mutual labels:  pentesting, penetration-testing, infosec
maalik
Feature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-88.94%)
Mutual labels:  penetration-testing, infosec, netsec
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-43.66%)
Mutual labels:  pentesting, penetration-testing, nmap
Dradis Ce
Dradis Framework: Collaboration and reporting for IT Security teams
Stars: ✭ 443 (-34.66%)
Mutual labels:  pentesting, penetration-testing, infosec
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+622.27%)
Mutual labels:  penetration-testing, pentesting

Gorsair

Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on remote containers.

Exposing the docker API on the internet is a tremendous risk, as it can let malicious agents get information on all of the other containers, images and system, as well as potentially getting privileged access to the whole system if the image uses the root user.

Install

From a release

Set the:

  • GORSAIR_VERSION to whatever release you are interested in
  • OS to your operating system (linux, windows or darwin)
  • ARCH to your architecture (amd64, arm, or ppc64le)

And then run the following command to install gorsair.

curl -sSL "https://github.com/Ullaakut/Gorsair/releases/download/${GORSAIR_VERSION}/gorsair_${OS}_${ARCH}" --output /usr/local/bin/gorsair && chmod +x /usr/local/bin/gorsair

From the sources

  • Make sure that you have a go version that supports modules (versions 1.11 and above)
  • Make sure that your environment contains the GO111MODULE variable set to on
  • Run go build -o /usr/local/bin/gorsair cmd/*.go from the root of this repository

Command line options

  • -t, --targets: Set targets according to the nmap target format. Required. Example: --targets="192.168.1.72,192.168.1.74"
  • -p, --ports: (Default: 2375,2376) Set custom ports.
  • -s, --speed: (Default: 4) Set custom nmap discovery presets to improve speed or accuracy. It's recommended to lower it if you are attempting to scan an unstable and slow network, or to increase it if on a very performant and reliable network. You might also want to keep it low to keep your discovery stealthy. See the nmap documentation for more info on the nmap timing templates.
  • -v, --verbose: Enable more verbose logs.
  • -D, --decoys: List of decoy IP addresses to use (see the decoy section of the nmap documentation)
  • -e, --interface: Network interface to use
  • --proxies: List of HTTP/SOCKS4 proxies to relay connections through (see documentation)
  • -S, --spoof-ip: IP address to use for IP spoofing
  • --spoof-mac: MAC address to use for MAC spoofing
  • -h, --help: Display the usage information

How can I protect my containers from this attack

  • Avoid putting containers that have access to the docker socket on the internet
  • Avoid using the root account in docker containers
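
The two recommendations above can be checked on your own Docker host by auditing `docker inspect` output. The Go program below is an added example, not part of Gorsair or its README; the sample JSON, the container names and the finding format are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// container holds the `docker inspect` fields this audit reads.
type container struct {
	Name            string
	Config          struct{ User string }
	Mounts          []struct{ Source string }
	NetworkSettings struct{ Ports map[string][]struct{ HostIp string } }
}
// sample is constructed `docker inspect` output, trimmed to those fields.
const sample = `[{"Name":"/ci-agent","Config":{"User":""},"Mounts":[{"Source":"/var/run/docker.sock"}],
  "NetworkSettings":{"Ports":{"8080/tcp":[{"HostIp":"0.0.0.0"}]}}},
 {"Name":"/web","Config":{"User":"1000:1000"},"Mounts":[],
  "NetworkSettings":{"Ports":{"443/tcp":[{"HostIp":"0.0.0.0"}]}}}]`

// audit flags containers that run as root or mount the Docker socket.
func audit(inspectJSON []byte) (findings []string, err error) {
	var cs []container
	if err = json.Unmarshal(inspectJSON, &cs); err != nil {
		return nil, err
	}
	for _, c := range cs {
		user := strings.SplitN(c.Config.User, ":", 2)[0]
		root := user == "" || user == "0" || user == "root" // empty User means UID 0
		sock, public := false, false
		for _, m := range c.Mounts {
			sock = sock || strings.HasSuffix(m.Source, "docker.sock")
		}
		for _, binds := range c.NetworkSettings.Ports {
			for _, b := range binds { // unpublished ports carry no bindings
				public = public || (b.HostIp != "127.0.0.1" && b.HostIp != "::1")
			}
		}
		if root || sock {
			findings = append(findings, fmt.Sprintf("%s: root=%t docker.sock=%t public-port=%t", strings.TrimPrefix(c.Name, "/"), root, sock, public))
		}
	}
	return findings, nil
}

func main() {
	fmt.Println(audit([]byte(sample)))
}
```

To audit a real host, replace `sample` with the output of `docker inspect $(docker ps -q)`; a container reported with `docker.sock=true` and `public-port=true` is the combination the first recommendation warns about.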