• Stars
    star
    137
  • Rank 266,121 (Top 6 %)
  • Language
    Python
  • License
    MIT License
  • Created about 1 year ago
  • Updated about 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Docker Remote API Scanner and Exploit

Docker Remote API Scanner and Exploit

Banner

DISCLAIMER: This educational material is provided for learning and research purposes only. The developer and publisher of this content do not accept any responsibility or liability for any misuse or unlawful actions conducted by individuals who have accessed or utilized this material.

Introduction

This repository contains a Docker Remote API Scanner and Exploit tool designed for educational and research purposes. It enables users to perform security assessments and experiments related to Docker container environments.

Features

  • Mass scanning and exploitation of Docker hosts
  • Interactive mode for manual interactions
  • Specify the target Docker API URL
  • Input a list of targets from a file
  • Generate output for your scans and exploitation results

Usage

To get started, you can use the following command-line options:

  • --url URL: Specify the target Docker API URL.
  • --file FILE: Specify a file for input, providing a list of target URLs.
  • --output OUTPUT: Specify a file for output to save the results of your scans and exploitation.
  • --mass-check: Enable mass scanning and exploitation.
  • --exploit: Exploit target(s).
  • --interact: Enter interactive mode for manual interactions.

Single Scan

python docker_remote_api_exploit.py --url http://127.0.0.1 --output potential.txt

Mass Scan

python docker_remote_api_exploit.py --file targets.txt --mass-check --output potential.txt 

Single Exploit

python docker_remote_api_exploit.py --url http://127.0.0.1 --exploit --output exploited.txt

Single Exploit (Interaction Mode)

python docker_remote_api_exploit.py --url http://127.0.0.1 --exploit --interact --output exploited.txt

Mass Exploit

python docker_remote_api_exploit.py --file potential.txt --exploit --output exploited.txt

Contributing

Contributions are welcome! Feel free to create issues, propose new features, or submit pull requests to improve this tool. Please ensure that your contributions align with the intended use of this repository.

License

This tool is available under the MIT License. Please review the license before using or contributing to this project.

Disclaimer

By using this tool, you acknowledge and agree to the terms and conditions outlined in the DISCLAIMER section above.

Author


For educational and research purposes only. Use responsibly and ethically.

GitHub

More Repositories

1

sicat

The useful exploit finder
Python
627
star
2

mass_cve-2021-41773

MASS CVE-2021-41773
Python
28
star
3

LazyRev

LazyRev for Lazy People
21
star
4

Yuyu_Scanner

Web Reconnaissance and Analyst
Python
20
star
5

LazyWare

A simple Ransomware Generator
Python
18
star
6

CVE-2022-1388

Tool for CVE-2022-1388
Python
14
star
7

CVE_Database

The Common Vulnerabilities Exposures (CVE) Database
13
star
8

zoneH-Grabber

Zone-h Grabber For Lazy people
8
star
9

LaCrot

Laravel Croter | GET SMTP, DATABASE, APP_KEY FROM MISSCONFIGURATION AND DEBUGING IN LARAVEL
Python
8
star
10

FreeDa

just show app list and run frida with js
JavaScript
8
star
11

Log4j-CVE-2021-44228

Mass Check Vulnerable Log4j CVE-2021-44228
Python
6
star
12

yusub

just subdomain enumeration from yuyu scanner
Python
6
star
13

Techincal_CheatSheet

A cheat sheet regarding Penetration testing, Bug Bounties, Capture The Flag and Others in Bahasa.
6
star
14

grab_maillist

GRAB MAILIST FROM DATABASE
PHP
5
star
15

0day-wordpress-easy-smtp

this is mass scanner 0day wordpress easy smtp
5
star
16

shells

PHP
5
star
17

htc

Tool for checking http/s from domain list
Python
3
star
18

list-divider

Tool ini untuk membagi list besar menjadi beberapa file
3
star
19

Wordpress_DOS

WORDPRESS DOS on wp-admin/load-scripts.php and wp-admin/load-styles.php
Python
3
star
20

wordlist-indo

Indonesian Password List Database
3
star
21

IPRC

IP RANGER AND CHECKER
3
star
22

ssltion

7 lines code of Python for Bypass SSL Pinning with objection
Python
3
star
23

Parameter_Cleaner

Remove some parameter like .php?id=
Python
2
star
24

Priv8-bot

my private bot
2
star
25

justakazh

Maybe Useless Information
2
star
26

oldsite

My personal website
HTML
2
star
27

CVE_PoC

Discovered references proof of concept (PoC) based on common vulnerabilities Exposures (CVE)
2
star
28

shared_prefs

Android Penetration Testing - Android Data Storage Information Disclosure
Python
1
star
29

Seo-Tool

This is a tool for seo
1
star
30

Mass_Deface

This is Mass Deface Tool Python Version, Good use after Privileges Escalation
Python
1
star
31

LazyXploit

this is a mass exploit by following the latest 0day update
1
star
32

Penetration_Testing

idk what is this
1
star
33

LazyRev-Premium

1
star
34

yuyu_api

Yuyu Scanner API
Python
1
star