Kali Linux with 200+ penetration testing tools for automated security workflows
50K+
ā
Join the Community! Connect with security researchers, AI enthusiasts, and fellow ethical hackers. Get support, share insights, and stay updated with the latest PentAGI developments.
š”ļø Production-ready Kali Linux containers with 200+ curated CLI security tools
Streamlined Docker images specifically optimized for headless penetration testing environments. Get started with security testing in seconds without spending hours installing and configuring tools.
# Pull the latest image
docker pull vxcontrol/kali-linux
# Start interactive session
docker run --rm -it vxcontrol/kali-linux bash
# Run with network capabilities for advanced scanning
docker run --rm -it --cap-add NET_ADMIN --cap-add NET_RAW --net=host vxcontrol/kali-linux bash
go install and package managersdocker pull vxcontrol/kali-linux:latest
Lightweight container with essential penetration testing tools.
docker pull vxcontrol/kali-linux:systemd
Extended image with systemctl support for tools requiring service management.
nmap - Network discovery and security auditingmasscan - High-speed internet-wide port scanneramass - In-depth subdomain enumerationsubfinder - Fast passive subdomain discoveryhttpx - Fast HTTP probing and technology detectionnuclei - Fast vulnerability scanner with YAML templatessqlmap - Automatic SQL injection detection and exploitationgobuster - Directory/file and DNS enumerationffuf - Fast web fuzzernikto - Web server vulnerability scannerimpacket-* - Complete suite for Windows protocol exploitationevil-winrm - Windows Remote Management shellbloodhound-python - Active Directory relationship mappingcrackmapexec - Post-exploitation tool for Windows networkshashcat - Advanced password recoveryjohn - Password hash cracking toolhydra - Network authentication brute-forcermetasploit - Complete exploitation frameworkradare2 - Reverse engineering toolkitbinwalk - Firmware analysis toolComplete tool list available in the repositoryā
# Mount current directory for file access
docker run --rm -it -v $(pwd):/work -w /work vxcontrol/kali-linux bash
# Network scanning with proper capabilities
docker run --rm --net=host --cap-add NET_ADMIN --cap-add NET_RAW \
vxcontrol/kali-linux nmap -sS -O example.com
# Web application testing
docker run --rm -v $(pwd):/data -w /data \
vxcontrol/kali-linux sqlmap -u "http://example.com/page?id=1"
# Vulnerability scanning with results export
docker run --rm -v $(pwd)/results:/results \
vxcontrol/kali-linux nuclei -u example.com -o /results/vulns.json
# Subdomain enumeration
docker run --rm -v $(pwd):/output \
vxcontrol/kali-linux subfinder -d example.com -o /output/subdomains.txt
# Directory brute-forcing
docker run --rm -v $(pwd)/results:/results \
vxcontrol/kali-linux gobuster dir -u http://example.com \
-w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt \
-o /results/directories.txt
# docker-compose.yml
services:
security-scan:
image: vxcontrol/kali-linux
volumes:
- ./reports:/results
- ./targets.txt:/targets.txt
command: |
bash -c "
nuclei -l /targets.txt -o /results/vulnerabilities.json
subfinder -dL /targets.txt -o /results/subdomains.txt
"
Add these aliases to your shell profile (.bashrc, .zshrc) for instant access to tools:
# Network scanning
alias nmap='docker run --rm --net=host --cap-add NET_ADMIN --cap-add NET_RAW vxcontrol/kali-linux nmap'
alias masscan='docker run --rm --net=host --cap-add NET_ADMIN --cap-add NET_RAW vxcontrol/kali-linux masscan'
alias naabu='docker run --rm --net=host --cap-add NET_ADMIN --cap-add NET_RAW vxcontrol/kali-linux naabu'
# Web application testing
alias nuclei='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux nuclei'
alias sqlmap='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux sqlmap'
alias gobuster='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux gobuster'
alias ffuf='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux ffuf'
alias nikto='docker run --rm --net=host -v $(pwd):/work -w /work vxcontrol/kali-linux nikto'
# Reconnaissance
alias subfinder='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux subfinder'
alias httpx='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux httpx'
alias amass='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux amass'
alias katana='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux katana'
# Windows/AD testing
alias crackmapexec='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux crackmapexec'
alias evil-winrm='docker run --rm -it -v $(pwd):/work -w /work vxcontrol/kali-linux evil-winrm'
alias impacket-secretsdump='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux impacket-secretsdump'
# Password cracking
alias hashcat='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux hashcat'
alias john='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux john'
alias hydra='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux hydra'
# Metasploit
alias msfconsole='docker run --rm -it --net=host -v ~/.msf4:/root/.msf4 -v $(pwd):/work -w /work vxcontrol/kali-linux msfconsole'
alias msfvenom='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux msfvenom'
# Interactive shell
alias kali-shell='docker run --rm -it -v $(pwd):/work -w /work --cap-add NET_ADMIN --cap-add NET_RAW vxcontrol/kali-linux bash'
For macOS users, add these aliases to your shell profile (.zshrc, .bash_profile):
# Network scanning
alias nmap='docker run --rm --net=host vxcontrol/kali-linux nmap'
alias masscan='docker run --rm --net=host vxcontrol/kali-linux masscan'
alias naabu='docker run --rm --net=host vxcontrol/kali-linux naabu'
# Web application testing
alias nuclei='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux nuclei'
alias sqlmap='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux sqlmap'
alias gobuster='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux gobuster'
alias ffuf='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux ffuf'
alias nikto='docker run --rm --net=host -v $(pwd):/work -w /work vxcontrol/kali-linux nikto'
# Reconnaissance
alias subfinder='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux subfinder'
alias httpx='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux httpx'
alias amass='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux amass'
alias katana='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux katana'
# Windows/AD testing
alias crackmapexec='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux crackmapexec'
alias evil-winrm='docker run --rm -it -v $(pwd):/work -w /work vxcontrol/kali-linux evil-winrm'
alias impacket-secretsdump='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux impacket-secretsdump'
# Password cracking
alias hashcat='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux hashcat'
alias john='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux john'
alias hydra='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux hydra'
# Metasploit
alias msfconsole='docker run --rm -it --net=host -v ~/.msf4:/root/.msf4 -v $(pwd):/work -w /work vxcontrol/kali-linux msfconsole'
alias msfvenom='docker run --rm -v $(pwd):/work -w /work vxcontrol/kali-linux msfvenom'
# Interactive shell
alias kali-shell='docker run --rm -it -v $(pwd):/work -w /work vxcontrol/kali-linux bash'
Note for macOS users: Raw network capabilities (--cap-add NET_ADMIN --cap-add NET_RAW) are not available in Docker Desktop for Mac, so they are omitted from network scanning tools. For advanced network testing, consider using a Linux VM or remote testing environment.
Perfect for autonomous AI-driven penetration testing:
# Spawn container for AI agent automation
docker run --rm -d --name pentesting-session \
--cap-add NET_ADMIN --cap-add NET_RAW \
-v /tmp/results:/results \
vxcontrol/kali-linux tail -f /dev/null
# AI agents can execute commands
docker exec pentesting-session nmap -sn 192.168.1.0/24
docker exec pentesting-session nuclei -u https://example.com -o /results/vulns.json
Designed for seamless integration with PentAGIā - an autonomous AI agents system for penetration testing.
ā ļø Important: These images contain penetration testing tools intended for authorized security testing only.
See Disclaimer section for complete legal and ethical usage guidelines.
Container Configuration: The Docker configuration files and build scripts in this project are licensed under the MIT License.
Included Software: This Docker image contains software packages from the official Kali Linux repository and third-party tools, each governed by their respective licenses. Users are responsible for ensuring compliance with the individual licenses of all included software for their specific use cases.
Base Image: Built upon the official kalilinux/kali-rollingā image, subject to its licensing terms and conditions.
Ethical Use Only: This image is provided exclusively for ethical hacking, authorized penetration testing, and security research in full compliance with the Kali Linux EULA and the licenses of all included software.
No Warranty: The authors and contributors provide this image "as is" without warranty of any kind and disclaim all liability for any damages arising from the use of this image or any software contained within it.
User Responsibility: Users are solely responsible for ensuring their use complies with all applicable laws, regulations, and the terms of service of target systems. Only use on systems you own or have explicit written authorization to test.
Content type
Image
Digest
sha256:555541e10ā¦
Size
4.7 GB
Last updated
7 months ago
docker pull vxcontrol/kali-linux:systemd