Docker can be used as penetration testing platform running self-contained, lightweight environments that take seconds to start, below is a list of popular Docker images you can deploy:
docker pull kalilinux/kali-linux-dockerofficial Kali Linuxdocker pull owasp/zap2docker-stable– official OWASP ZAPdocker pull wpscanteam/wpscan– official WPScandocker pull remnux/metasploit– docker-metasploitdocker pull citizenstig/dvwa– Damn Vulnerable Web Application (DVWA)docker pull wpscanteam/vulnerablewordpress– Vulnerable WordPress Installationdocker pull hmlio/vaas-cve-2014-6271– Vulnerability as a service: Shellshockdocker pull hmlio/vaas-cve-2014-0160– Vulnerability as a service: Heartbleeddocker pull opendns/security-ninjas– Security Ninjasdocker pull diogomonica/docker-bench-security– Docker Bench for Securitydocker pull ismisepaul/securityshepherd– OWASP Security Shepherddocker pull danmx/docker-owasp-webgoat– OWASP WebGoat Project docker imagedocker-compose build && docker-compose up– OWASP NodeGoatdocker pull citizenstig/nowasp– OWASP Mutillidae II Web Pen-Test Practice Applicationdocker pull bkimminich/juice-shop– OWASP Juice Shop
