Skip to content
/ apod Public

This is a minimal podman container and a wrapper script to launch (GUI) applications from a podman container.

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

RedB34r/apod

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
Container
Container
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
apod.sh
apod.sh
 
 

Repository files navigation

apod (Attacker Pod)

apod is a lightweight wrapper and Containerfile designed for security professionals who need a Kali Linux environment with GUI support without the overhead of a full Virtual Machine.

It streamlines the process of launching GUI applications (via X11 or XWayland) and provides the necessary network capabilities (NET_RAW, NET_ADMIN) for networking tools such as OpenVPN.

While apod provides a flexible and scalable foundation for general security workflows, it is designed as a general-purpose tool. Users handling intensive workloads—such as high-speed password cracking—may need to further customize the container configuration for hardware acceleration and resource optimization.

Features

  • Containerized: Rootless container provided by podman.
  • GUI Ready: Forwards X11 and Wayland sockets to the container. Plus you can access it via RDP on port 63389.
  • Persistence: Supports a shared host-to-container directory
  • Prepared tools: Includes a massive suite of security tools (Metasploit, Bloodhound, Ghidra, etc.) on a Kali Rolling base.
  • Flexible: easy to extend and customize the container and the wrapper script.

Caution

apod is not working on Windows machines. It was tested on Debian and Void Linux.

Installation

1. Clone the repository

git clone https://github.com/RedB34r/apod
cd apod/Container

Feel free to change the confiugration of the container or the attached files (vimrc, tmux.conf).

2. Build the container

Build the image:

podman build -t <image name>:<version> .

You can customize the root password using a build argument:

podman build --build-arg PASSWORD="<root password> -t <image name>:<version> .

3. Configure the wrapper

Open apod.sh and ensure the variables match your environment:

  • shared: Path to your local project folder (e.g., ~/tools/shared).
  • podman_image_name: Must match the tag and version used in Step 2.

Usage

The apod.sh script manages the container lifecycle.

Basic Commands

Action Command Description
Start ./apod.sh start Initializes and starts the container.
Shell ./apod.sh shell Drops you into an interactive Bash session.
Run ./apod.sh run <cmd> Executes a single command (or GUI app) in the background.
Stop ./apod.sh stop Stops the container while keeping its state.
Remove ./apod.sh stop --rm Stops and deletes the container instance.

Examples

  • Launch a GUI app: ./apod.sh run firefox-esr
  • Using extra parameters for the container: ./apod.sh start --rm (Passes extra flags directly to podman run).

Important Notes

Caution

This project is a "quick and dirty" solution. It grants the container significant privileges (networking and display access). Use it only in environments you trust.

  • Audio: Currently not supported. If you have a clean way to implement PulseAudio/PipeWire forwarding, PRs are welcome!
  • Development Status: This is a hobby project. It is not under active daily development, and updates will be released sporadically

About

This is a minimal podman container and a wrapper script to launch (GUI) applications from a podman container.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages