Official Docker image for OWASP OWTF.
-
Install Docker.(specific instructions can be found here).
-
Then run these commands, please notice that the first time these commands are run the script will download docker images from the registry, which might take a while depending on your internet connection.
git clone https://github.com/owtf/owtf-docker.git
-
Run
docker build -t <yourpreferredname> <path to Dockerfile>
.
-
You can launch your OWTF container by running
# docker run -itd --privileged -p 8008:8008 -p 8009:8009 -p 8010:8010 <image name> -e [-u]
# docker run -itd --privileged --net=host <image name> [-u]
-d
launches the container as a daemon.-p
flags map the host port to the container port-e
allow access to web ui. Recommended when a virtual host is used-u
install optional dependencies- Get the image name by running
docker images
.
-
To use the OWTF mitm proxy, set the proxy settings to
localhost:8008
. -
Point your browser to
<hostip>:8009
.
- You can save the updated image by following these steps:
-
run your docker image with the --update option
# docker run -it --privileged --net=host <image name> --update
-
commit the running image into a new one. You can find the container_id by running
# docker ps
# docker commit <container_id> <extended image name>
-
run the extended image
# docker run -it --privileged --net=host <extended image name>