An Ubuntu image run in a container, configured with a collection of tools and more for CTF-Challenges and Bug Bounty.
-
Create a directory to copy The-Switchboard code into (you can name it whatever you want).
mkdir switchboard
- Move into the directory.
cd switchboard
- Clone the repository.
git clone https://github.com/D1al-T0ne/The-Switchboard.git
- You will need to build the image.
docker build -t switchboard .
Running this command with "-t" or "--tag" followed by a name will tag the image with this name. The "." is telling docker the Dockerfile is in the current directory to build from.
- You then can run the image.
docker run -it switchboard
Running this command with "-it" allows for interactive processes (like a shell).
I created an alias to run the image.
alias switchboard='cd ~/switchboard && docker run -v ~/switchboard:/srv/ -it --rm swithcboard'
Breaking down the alias.
- "cd ~/switchboard", moves you into the directory switchboard
- "docker run. -v ~/switchboard:/srv/", this gives persistant storage.
- "--it --rm swithchboard", "--rm" is away to keep things clean after the image is shutdown.
Tool | Description |
---|---|
arjun | Arjun is a tool for finding query parameters for URL endpoints. |
amass | The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques. |
dirsearch | Dirsearch is a mature command-line tool designed to brute force directories and files in webservers. |
eyewitness | EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known. |
ffuf | FFUF is an Open Source web fuzzing tool, intended for discovering elements and content within web applciations, or web servers. |
gau | getallurls (gau) fetches known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl for any given domain. Inspired by Tomnomnom's waybackurls. |
gf | A wrapper around grep to avoid typing common patterns. |
httprobe | HTTProbe takes a list of domains and probes for working http and https servers. |
iis shortname scanner | Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered during the parsing of a request that contains a tilde character (~). |
kiterunner | Kiterunner is a tool that is capable of not only performing traditional content discovery at lightning fast speeds, but also bruteforcing routes/endpoints in modern applications. |
linkfinder | LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. |
massdns | MassDNS is a simple high-performance DNS stub resolver targeting those who seek to resolve a massive amount of domain names in the order of millions or even billions. Without special configuration, MassDNS is capable of resolving over 350,000 names per second using publicly available resolvers. |
meg | meg is a tool for fetching lots of URLs but still being 'nice' to servers. |
nmap | Nmap is a free and open source utility for network security and auditing. |
qsreplace | Accept URLs on stdin, replace all query string values with a user-supplied value, only output each combination of query string parameters once per host and path. |
secrectfinder | SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. |
sqlmap | sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. |
unfurl | Pull out bits of URLs provided on stdin |
- Finish setup.sh script to finsih some configurations for Bash, and Vim.
- Add curlrc file
If you have any tips or improvement ideas I should be working on please let me know.