Docker Overview and Security Resources
Docker is a platform that uses container technology to automate application deployment, ensuring consistent performance across different environments. It enhances portability, efficiency, version control, and orchestration for scalable and isolated application deployment. However, Docker can have security issues such as vulnerabilities in container images, misconfigurations, and risks associated with shared kernel resources.
| Credit | Details |
|---|---|
| CSbyGB | CSbyGB |
| Madhurendra Kumar | m14r41 |
👉 What is Docker?
- 🌟 Docker Overview on Docker Docs
- 🌟 What is Docker and How it Works on Simplilearn
- 🌟 Linux Containers - Basic Concepts by Lucian Carata
👉 Docker Pentest & Security Resources
- 🌟 My Pentips about Docker on C.S by G.B
- 🌟 2 amazing blog posts by Dana Epp (I recommend subscribing to his newsletter):
- 🌟 Docker Vulnerabilities on CVE Details
- 🌟 Privilege Escalation via Docker by Chris Foster
- 🌟 The Dirty COW Kernel Exploit
- 🌟 Breaking Out of Docker via runC - CVE-2019-5736 by Yuval Avrahami
- 🌟 Understanding Docker Container Escapes by Dominik Czarnota on TrailofBits
- 🌟 Awesome Docker Security by Myugan
- 🌟 Docker Security Cheat Sheet by OWASP® Foundation
- 🌟 Docker Security Course - Hackersploit
👉 Read Writeups
👉 Practice
- 🌟 TryHackMe UltraTech Box
- ⭐ Writeup UltraTech
- 🌟 Root-Me Docker - I Am Groot
- ⭐ Docker - Talk Through Me
- ⭐ Supply Chain Attack - Docker
- ⭐ Docker Layers
- ⭐ Docker - Sys-Admin’s Docker
- 🌟 Damn Vulnerable Docker Container by Julian Scionti
- 🌟 Docker Host Attacks on Attackdefense
Docker Penetration Testing Checklist:
1. Container Security Assessment:
   - Test Case: Identify and assess security configurations and vulnerabilities in Docker containers.
   - Commands/Tools:
     ```shell
     # Inspect container details
     docker inspect <container-id>
     # Check for changes in the container filesystem
     docker diff <container-id>
     ```
   - Example:
     ```shell
     # Inspect the container named 'web-container'
     docker inspect web-container
     ```
2. Container Image Analysis:
   - Test Case: Analyze container images for vulnerabilities and misconfigurations.
   - Commands/Tools:
     ```shell
     # List available images
     docker image ls
     # Inspect details of a specific image
     docker image inspect <image-id>
     ```
   - Example:
     ```shell
     # Inspect details of the 'nginx' image
     docker image inspect nginx
     ```
3. Exposed Ports:
   - Test Case: Identify exposed ports and assess their security.
   - Commands/Tools:
     ```shell
     # List port mappings of a running container
     docker port <container-id>
     ```
   - Example:
     ```shell
     # List port mappings for container 'web-app'
     docker port web-app
     ```
4. Privilege Escalation:
   - Test Case: Check for potential privilege escalation vulnerabilities.
   - Commands/Tools:
     ```shell
     # Access the container with root privileges
     docker exec -u 0 -it <container-id> /bin/bash
     ```
   - Example:
     ```shell
     # Access 'database-container' with root privileges
     docker exec -u 0 -it database-container /bin/bash
     ```
5. Container Breakout:
   - Test Case: Attempt to escape from the container and access the host system.
   - Commands/Tools:
     ```shell
     # Run a privileged container and break out
     docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
     ```
   - Example:
     ```shell
     # Attempt container breakout on 'web-container'
     docker run -it --privileged --pid=host web-container nsenter -t 1 -m -u -n -i sh
     ```
6. Network Security:
   - Test Case: Assess network configurations and security.
   - Commands/Tools:
     ```shell
     # List available networks
     docker network ls
     # Inspect details of a specific network
     docker network inspect <network-id>
     ```
   - Example:
     ```shell
     # Inspect details of the 'backend-network'
     docker network inspect backend-network
     ```
7. Resource Utilization:
   - Test Case: Assess resource utilization and potential denial-of-service (DoS) vulnerabilities.
   - Commands/Tools:
     ```shell
     # Display real-time resource usage of a container
     docker stats <container-id>
     ```
   - Example:
     ```shell
     # Display resource usage for 'app-container'
     docker stats app-container
     ```
8. Docker API Security:
   - Test Case: Check for unauthorized access to the Docker API.
   - Commands/Tools:
     ```shell
     # Query the Docker API for information
     curl -s --unix-socket /var/run/docker.sock http://localhost/info
     ```
   - Example:
     ```shell
     # Query the Docker API for system information
     curl -s --unix-socket /var/run/docker.sock http://localhost/info
     ```
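The `curl` call above only shows that the socket answers; the audit question is who is allowed to talk to it. Anyone who can write to `/var/run/docker.sock` (or reach an unauthenticated TCP listener on 2375) can start a privileged container, so write access to the socket is root on the host. The script below is an added example, not part of the original checklist: it classifies the socket's permission bits and scans `ss -ltn` output for the conventional API ports. `SAMPLE_SS` is constructed output, not captured from a real host, and `check_live_socket` is the only part that touches the machine it runs on.

```python
"""Check how the Docker daemon is exposed: socket permissions and TCP listeners.

Added example, not code from the checklist above. The permission checks take
plain st_mode integers and the listener parser takes the text of `ss -ltn`;
SAMPLE_SS is constructed output, not captured from a real host.
"""
import os
import stat

SOCKET_PATH = "/var/run/docker.sock"

# Constructed `ss -ltn` output: a plaintext API on all interfaces and a TLS one on loopback
SAMPLE_SS = """State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       4096    0.0.0.0:2375         0.0.0.0:*
LISTEN  0       128     127.0.0.1:2376       0.0.0.0:*
LISTEN  0       4096    [::]:22              [::]:*
"""


def socket_findings(mode, owner_uid, group_name):
    """Judge the socket's permission bits. Whoever can write to docker.sock can
    start a privileged container, so write access equals root on the host."""
    findings = []
    if not stat.S_ISSOCK(mode):
        findings.append("path is not a unix socket (stale file or wrong path?)")
    if mode & stat.S_IWOTH:
        findings.append("world-writable: any local user can drive dockerd and become root")
    elif mode & stat.S_IWGRP and group_name != "root":
        findings.append(f"group '{group_name}' can write: every member is effectively root")
    if owner_uid != 0:
        findings.append(f"owned by uid {owner_uid}, not root")
    return findings


def parse_ss_listeners(ss_output):
    """Return (address, port) tuples from `ss -ltn` output, skipping the header line."""
    listeners = []
    for line in ss_output.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, port = fields[3].rsplit(":", 1)
        listeners.append((addr, int(port)))
    return listeners


def tcp_exposure(listeners):
    """Flag Docker's conventional API ports; 2375 is plaintext with no authentication."""
    findings = []
    for addr, port in listeners:
        wide_open = addr in ("0.0.0.0", "*", "[::]")
        if port == 2375:
            where = "the whole network" if wide_open else addr
            findings.append(f"plaintext Docker API on {addr}:2375 reachable from {where} (no TLS, no auth)")
        elif port == 2376:
            findings.append(f"TLS Docker API on {addr}:2376: confirm dockerd runs with --tlsverify")
    return findings


def check_live_socket(path=SOCKET_PATH):
    """Inspect the real socket on this host (Linux); returns None if it is absent."""
    import grp  # Unix-only, imported here so the pure functions stay portable
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return None
    try:
        group = grp.getgrgid(st.st_gid).gr_name
    except KeyError:
        group = str(st.st_gid)
    return socket_findings(st.st_mode, st.st_uid, group)


if __name__ == "__main__":
    print("socket:", check_live_socket() or "no findings / socket not present")
    print("tcp:", tcp_exposure(parse_ss_listeners(SAMPLE_SS)))
```

The `docker` group is treated as a finding on purpose: membership is documented by Docker as root-equivalent, so the list of members belongs in the report alongside the socket mode. To feed real listener data, replace `SAMPLE_SS` with the output of `ss -ltn` on the host.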
9. Docker Compose Security:
   - Test Case: Assess security configurations in Docker Compose files.
   - Commands/Tools:
     ```shell
     # Validate and view the resolved configuration of a Docker Compose file
     docker-compose config
     ```
   - Example:
     ```shell
     # Validate and view the configuration of 'docker-compose.yml'
     docker-compose -f docker-compose.yml config
     ```
10. Orchestration Platform Security:
   - Test Case: Evaluate security configurations of the orchestration platform (e.g., Kubernetes).
   - Commands/Tools:
     ```shell
     # List pods in a Kubernetes cluster
     kubectl get pods
     # Describe details of a specific pod
     kubectl describe pod <pod-name>
     ```
   - Example:
     ```shell
     # List pods in the default namespace
     kubectl get pods
     # Describe details of the 'web-pod'
     kubectl describe pod web-pod
     ```
11. Auditing and Logging:
   - Test Case: Evaluate the effectiveness of logging and auditing configurations.
   - Commands/Tools:
     ```shell
     # View logs of a running container
     docker logs <container-id>
     ```
   - Example:
     ```shell
     # View logs for 'nginx-container'
     docker logs nginx-container
     ```
12. Security Monitoring:
- Test Case: Assess the effectiveness of security monitoring solutions.
- Commands/Tools:
- Utilize third-party security monitoring tools specific to Docker.
13. Container Signing and Verification:
   - Test Case: Implement container image signing and verify signed images.
   - Commands/Tools:
     ```shell
     # Sign a container image
     docker trust sign <image-name>
     # Verify a signed container image
     docker trust inspect --pretty <image-name>
     ```
   - Example:
     ```shell
     # Sign the 'my-app' image
     docker trust sign my-app
     # Verify the signed 'my-app' image
     docker trust inspect --pretty my-app
     ```
14. Container Runtime Policies:
   - Test Case: Enforce and assess runtime policies for containers.
   - Commands/Tools:
     ```shell
     # Set runtime policies for a container; <policy-option> is one of
     # no-new-privileges, seccomp=<profile.json>, apparmor=<profile>, label=<selinux-label>
     docker run --security-opt <policy-option> <image-name>
     ```
   - Example:
     ```shell
     # Run the 'secure-app' container with an SELinux type label
     # (the type must exist in the loaded policy; the default confined domain is container_t)
     docker run --security-opt label=type:container_runtime_t secure-app
     ```
15. Container Secrets Management:
   - Test Case: Securely manage and assess the handling of secrets within containers.
   - Commands/Tools:
     ```shell
     # Create and manage secrets (Swarm mode only: run `docker swarm init` first)
     docker secret create <secret-name> <file-path>
     ```
   - Example:
     ```shell
     # Create a secret named 'db-password' from stdin ('-' reads the value from stdin
     # instead of leaving it in a file such as 'password.txt')
     echo "supersecretpassword" | docker secret create db-password -
     ```
16. Container Compliance Scanning:
   - Test Case: Scan containers for compliance with industry standards.
   - Commands/Tools:
     ```shell
     # Use a container compliance/vulnerability scanning tool (Trivy)
     trivy image <image-name>
     ```
   - Example:
     ```shell
     # Scan the 'my-web-app' image for vulnerabilities
     trivy image my-web-app
     ```
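A scan is only useful if its result gates something. The script below is an added example, not part of the original checklist: it reads the JSON that `trivy image --format json --output report.json <image>` writes and decides pass/fail from a severity threshold, optionally ignoring findings that have no fixed version yet. `SAMPLE_REPORT` is a constructed report and its `CVE-0000-000x` ids are placeholders, not real advisories.

```python
"""Gate a build on a Trivy JSON report.

Added example, not code from the checklist above. It consumes the output of
`trivy image --format json --output report.json <image>`; SAMPLE_REPORT is
constructed and its CVE ids are placeholders, not real advisories.
"""
import json
import sys

SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "my-web-app:latest",
    "Results": [
        {"Target": "my-web-app:latest (debian 12)", "Class": "os-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample", "InstalledVersion": "1.0-1",
             "FixedVersion": "1.0-2", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother", "InstalledVersion": "2.1",
             "FixedVersion": "", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libmisc", "InstalledVersion": "3.0",
             "FixedVersion": "3.1", "Severity": "LOW"}]},
        {"Target": "app/requirements.txt", "Class": "lang-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0004", "PkgName": "somepkg", "InstalledVersion": "0.9",
             "FixedVersion": "1.0", "Severity": "HIGH"}]},
        # Trivy emits null rather than [] for a target with no findings
        {"Target": "app/Dockerfile", "Class": "config", "Vulnerabilities": None},
    ],
})

SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


def iter_vulns(report):
    """Yield (target, vuln) for every finding across all results."""
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            yield result.get("Target", "?"), vuln


def evaluate(report_text, fail_on="HIGH", ignore_unfixed=True):
    """Return (passed, blocking, summary).

    blocking: findings at or above `fail_on` (only those with a fix when ignore_unfixed);
    summary: count of every finding per severity, regardless of the threshold."""
    report = json.loads(report_text)
    threshold = SEVERITY_RANK[fail_on.upper()]
    blocking, summary = [], {}
    for target, vuln in iter_vulns(report):
        sev = str(vuln.get("Severity", "UNKNOWN")).upper()
        summary[sev] = summary.get(sev, 0) + 1
        if SEVERITY_RANK.get(sev, 0) < threshold:
            continue
        if ignore_unfixed and not vuln.get("FixedVersion"):
            continue  # nothing to upgrade to yet: report it, but do not block the build on it
        blocking.append((target, vuln["VulnerabilityID"], vuln["PkgName"], sev,
                         vuln.get("FixedVersion") or "-"))
    return not blocking, blocking, summary


if __name__ == "__main__":
    # Usage: python trivy_gate.py report.json   (falls back to the constructed sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    passed, blocking, summary = evaluate(text)
    print("summary:", summary)
    for target, cve, pkg, sev, fix in blocking:
        print(f"[{sev}] {cve} in {pkg} ({target}) fix: {fix}")
    sys.exit(0 if passed else 1)
```

For the plain threshold case Trivy can do this itself with `trivy image --severity HIGH,CRITICAL --ignore-unfixed --exit-code 1 my-web-app`; parsing the JSON is what you want when the policy lives outside the scanner (per-package allowlists, different thresholds per target class, or a report that is archived with the build).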
17. Container Isolation Techniques:
   - Test Case: Evaluate and enforce container isolation techniques.
   - Commands/Tools:
     ```shell
     # User namespace remapping is a daemon-wide setting ("userns-remap" in
     # /etc/docker/daemon.json); when it is on, `docker info` lists name=userns
     docker info --format '{{.SecurityOptions}}'
     # --userns=host opts a container OUT of that remapping (root inside the
     # container is root on the host), so treat its presence as a finding
     docker run --userns=host <image-name>
     ```
   - Example:
     ```shell
     # Run 'isolated-app' under the daemon's user namespace remapping
     # (no --userns=host): container root maps to an unprivileged host UID
     docker run isolated-app
     ```
18. Container Filesystem Permissions:
   - Test Case: Assess and enforce filesystem permissions within containers.
   - Commands/Tools:
     ```shell
     # Run a container with a read-only root filesystem
     docker run --read-only <image-name>
     ```
   - Example:
     ```shell
     # Run 'readonly-app' with a read-only filesystem
     docker run --read-only readonly-app
     ```
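Items 1, 4, 5, 7, 14, 17 and 18 all come down to the same question: what did `docker inspect` record about how the container was started? The script below is an added example, not part of the original checklist: it reads the JSON array that `docker inspect <container-id>` prints and flags the settings those items care about (`--privileged`, `--pid=host`, added capabilities, a mounted Docker socket, a missing `no-new-privileges`, a writable root filesystem, running as root, and absent memory/pids limits). `SAMPLE_INSPECT` is a constructed, trimmed-down record with only the keys the checks read; a real `docker inspect` record has many more.

```python
"""Audit `docker inspect` output for risky runtime settings.

Added example, not code from the checklist above. Pipe the JSON that
`docker inspect <container-id>` prints into it; SAMPLE_INSPECT is a constructed
stand-in containing only the keys the checks read.
"""
import json
import sys

# Constructed sample: roughly what `docker inspect` records for a container started
# with --privileged --pid=host -v /var/run/docker.sock:/var/run/docker.sock
SAMPLE_INSPECT = json.dumps([{
    "Name": "/web-container",
    "Config": {"User": ""},
    "HostConfig": {
        "Privileged": True, "PidMode": "host", "NetworkMode": "bridge",
        "CapAdd": ["SYS_ADMIN"], "SecurityOpt": None, "ReadonlyRootfs": False,
        "Memory": 0, "PidsLimit": None,
    },
    "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
                "Destination": "/var/run/docker.sock"}],
}])

# Capabilities that reach outside the container or into the host kernel
DANGEROUS_CAPS = {"ALL", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "NET_ADMIN",
                  "DAC_READ_SEARCH", "SYS_RAWIO"}


def audit_container(record):
    """Return (severity, message) findings for one `docker inspect` record."""
    hc = record.get("HostConfig") or {}
    findings = []
    if hc.get("Privileged"):
        findings.append(("HIGH", "--privileged: all capabilities and devices, no seccomp/AppArmor"))
    if hc.get("PidMode") == "host":
        findings.append(("HIGH", "--pid=host: host PID namespace shared (nsenter into PID 1 possible)"))
    if hc.get("NetworkMode") == "host":
        findings.append(("MEDIUM", "--network=host: no network namespace separation"))
    caps = {c[4:] if c.startswith("CAP_") else c for c in (hc.get("CapAdd") or [])}
    risky = sorted(caps & DANGEROUS_CAPS)
    if risky:
        findings.append(("HIGH", "added capabilities: " + ", ".join(risky)))
    for mount in record.get("Mounts") or []:
        if str(mount.get("Source", "")).endswith("docker.sock"):
            findings.append(("HIGH", f"Docker socket mounted at {mount.get('Destination')}: root on the host"))
    sec_opts = hc.get("SecurityOpt") or []
    if not any(opt.startswith("no-new-privileges") for opt in sec_opts):
        findings.append(("LOW", "no-new-privileges not set: setuid binaries can regain privileges"))
    if not hc.get("ReadonlyRootfs"):
        findings.append(("LOW", "root filesystem writable: consider --read-only plus --tmpfs for scratch dirs"))
    if not (record.get("Config") or {}).get("User"):
        findings.append(("MEDIUM", "process runs as root in the container (no USER / --user)"))
    if not hc.get("Memory") or not hc.get("PidsLimit"):
        findings.append(("LOW", "no --memory / --pids-limit: resource exhaustion can reach the host"))
    return findings


def audit_inspect_json(text):
    """Map container name -> findings for the JSON array `docker inspect` prints."""
    return {rec["Name"].lstrip("/"): audit_container(rec) for rec in json.loads(text)}


if __name__ == "__main__":
    # Usage: docker inspect <id>... | python audit_inspect.py   (falls back to the sample)
    source = "" if sys.stdin.isatty() else sys.stdin.read()
    if not source.strip():
        source = SAMPLE_INSPECT
    for name, findings in audit_inspect_json(source).items():
        print(f"== {name}: {len(findings)} finding(s)")
        for sev, msg in findings:
            print(f"  [{sev}] {msg}")
```

Run it against every container at once with `docker inspect $(docker ps -q) | python audit_inspect.py`. The checks are deliberately conservative about missing keys (`None` and absent values both count as "not set"), because Docker versions differ in which `HostConfig` fields they emit.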
19. Container Image Tagging Best Practices:
   - Test Case: Implement and assess best practices for tagging container images.
   - Commands/Tools:
     ```shell
     # Tag a container image with version information
     docker tag <image-name> <image-name>:<version>
     ```
   - Example:
     ```shell
     # Tag the 'backend-service' image with version 'v1.0'
     docker tag backend-service backend-service:v1.0
     ```
20. Container Backup and Recovery:
   - Test Case: Implement and assess backup and recovery procedures for containers.
   - Commands/Tools:
     ```shell
     # Back up a container's data volume
     docker run --volumes-from <container-id> -v $(pwd):/backup busybox tar cvf /backup/backup.tar /data
     ```
   - Example:
     ```shell
     # Back up the 'database-container' data volume
     docker run --volumes-from database-container -v $(pwd):
     ```