Bash script to manage web apps using docker and hosts aliases.
Made for Kali linux, but should work fine with pretty much any linux distro.

• bWAPP
• WebGoat 7.1
• WebGoat 8.0
• Damn Vulnerable Web App
• Mutillidae II
• OWASP Juice Shop
• WPScan Vulnerable Wordpress
• OpenDNS Security Ninjas
• Altoro Mutual

Using any of these apps can be done in 3 quick and simple steps.

Clone this repo, or download it any way you prefer

git clone https://github.com/hoangthanhnguyen/pentestlab.git
cd pentestlab

For Kali x64 you can use this script (included in the repo).

./install_docker_kali_x64.sh

For any other distro, use the prefered way to install docker.

Now you can start and stop one or more of these apps on your system. As an example, to start bWAPP just run this command

./pentestlab.sh start bwapp

This will download the docker, add bwapp to hosts file and run the docker mapped to one of the localhost IPs. That means you can just point your browser to http://bwapp and it will be up and running.

./pentestlab.sh list 

./pentestlabs.sh 

Usage: ./pentestlab.sh {list|status|info|start|stop} [projectname]

 This scripts uses docker and hosts alias to make web apps available on localhost"

Ex.
./pentestlab.sh list
   List all available projects  

./pentestlab.sh status
   Show status for all projects  

./pentestlab.sh start bwapp
   Start docker container with bwapp and make it available on localhost  

./pentestlab.sh stop bwapp
   Stop docker container

./pentestlab.sh info bwapp
   Show information about bwapp project

DVWA - Ryan Dewhurst (vulnerables/web-dvwa)
Mutillidae II - OWASP Project (citizenstig/nowasp)
bWapp - Rory McCune (raesene/bwapp)
Webgoat(s) - OWASP Project
Juice Shop - OWASP Project (bkimminich/juice-shop)
Vulnerable Wordpress - github.com/wpscanteam/VulnerableWordpress
Security Ninjas - OpenDNS Security Ninjas
Altoro Mutual - github.com/hclproducts/altoroj

github references means the docker is custom created and hosted in dockerhub.