Nightingale is an open-source tool that utilizes the power of Docker to provide a ready-to-use environment for penetration testers. With Nightingale, pentesters can easily set up and manage testing environments for web applications, network infrastructure, and other types of systems.
Docker is a powerful technology that allows users to create isolated environments for their applications. In the context of penetration testing, this means that testers can set up a testing environment that is consistent and repeatable, which can save time and effort when re-running tests.
One of the key advantages of Nightingale is that it eliminates the need to install multiple programming languages and modules. This can be a significant time-saver for pentesters, as it eliminates the need to go through the process of setting up and configuring a testing environment from scratch.
Nightingale also allows pentesters to take advantage of the fast booting process that is inherent in virtualization. This means that testers can quickly spin up and tear down testing environments as needed, which can save time and make testing more efficient.
Another advantage of Nightingale is that it is designed to be resource-efficient, which means that it only requires the resources that are needed at the time of testing. This can be particularly beneficial for testers who are working with limited resources.
Nightingale also allows pentesters to perform vulnerability assessment and penetration testing of any scope. It includes all the useful tools that are required for a penetration tester. And also it allows to access the environment via a browser by calling the local IP address.
Overall, Nightingale is an incredibly useful tool for penetration testers, and its use of Docker makes it even more powerful. With Nightingale, testers can easily set up and manage testing environments, and can save time and effort when re-running tests. It’s a platform-independent penetration toolkit that makes it easy for pentesters to perform their work in a consistent, repeatable, and efficient way.
Nightingale: Docker for Pentesters
Welcome to the Nightingale documentation! This guide will provide you with all the information you need to install and set up Nightingale, a powerful open-source tool that utilizes the power of Docker to provide a ready-to-use environment for penetration testing.
- Operating System: Windows, Mac, Linux
- Docker engine installed as per the Operating System
- Operating System tools (Windows, Mac, Linux)
- Compression tools (7zip, tar, zip)
- Development Essentials (Git, GitLab, etc)
- Programming Languages support (Python, Ruby, Java, etc)
- Exploit Frameworks (Metasploit, Exploit-DB, etc)
- Port Scanning tools (nmap,etc)
- Network tools (Tcpdump, etc)
- Forensic tools (exiftool,steghide, binwalk, foremost, etc)
- Red Team Tools (Metasploit, etc)
- Information Gathering tools
Operating System Tools
Compression Techniques Tools
Programming Language Support
Web VAPT Tools
Port Scanning Tools
Red Team Tool
- Impact toolkit
Mobile Application Support (Android Only)
- Debian : Latest
This program is free software. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed stated under GNU GENERAL PUBLIC LICENSE
Installation and Setup
Welcome to the Installation and Setup guide for Nightingale! In this guide, we will walk you through the process of building and running the Nightingale Docker image, as well as providing some additional Docker tips and tricks to help you get the most out of this powerful open-source tool.
Before getting started, you will need to have the following installed on your system:
Docker Image Build and Run
- Take a clone of the Nightingale repository by running the following command in your terminal
git clone --depth 1 <https://github.com/RAJANAGORI/Nightingale.git>
This command will download the latest version of the Nightingale repository to your local machine.
- Change the directory to Nightingale by running the following command:
This will navigate you to the Nightingale folder on your local machine.
- Build the Docker Image by running the following command:
docker build -t rajanagori/nightingale .
This command will build the Nightingale Docker image with the tag
. at the end of the command tells Docker to use the
Dockerfilein the current directory.
- After creating the Docker Image, log in to the image and start using Nightingale by running the following command:
docker run -ti --hostname nightingale rajanagori/nightingale /bin/bash
This command will run the Nightingale Docker container in interactive mode and will give you the terminal access to the container. The
--hostname flag sets the hostname of the container to
- To access Nightingale’s interactive terminal using a browser, run the following command:
docker run -it -p 0.0.0.0:8080:7681 -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash
This command will run the Nightingale container and map port 8080 of the host machine to port 7681 of the container. It also runs the **
ttyd**command inside the container which allows you to access the container’s terminal via a web browser by visiting
http://localhost:8080 in your browser.
- To run MobSF along with Nightingale, run the following commands:
docker run -it -p 0.0.0.0:8080:7681 -p 0.0.0.0:8081:8081 -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash cd /home/tools_mobile_vapt/Mobile-Security-Framework-MobSF/ source venv/bin/activate ./run 0.0.0.0:8081 &
This will run the Nightingale container and map ports 8080 and 8081 of the host machine to ports 7681 and 8081 of the container respectively. The second command runs MobSF inside the container by activating the virtual environment and running the
- To bind your host machine directory to your container directory, use the following command:
docker run -it -p 0.0.0.0:8080:7681 -p 0.0.0.0:8081:8081 -v /<your_host_machine_directory_path>:/<your_container_directory_path> -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash
This command will run the Nightingale container and map ports 8080 and 8081 of the host machine to ports 7681 and 8081 of the container respectively. It also binds the host machine directory specified in
<your_host_machine_directory_path> to the container directory specified in <your_container_directory_path>. This allows you to access the files in the host machine directory from inside the container, and any changes made to the files in the container will be reflected in the host machine directory as well.
Additional Docker Tips and Tricks
- To see a list of all running containers, use the command
docker ps. To see a list of all containers, including stopped ones, use the command
docker ps -a.
- To stop a running container, use the command
docker stop <container_id>.
- To remove a container, use the command
docker rm <container_id>.
- To see the logs of a container, use the command
docker logs <container_id>.
- To open a shell inside a running container, use the command
docker exec -it <container_id> /bin/bash.
- To stop all running containers, use the command
docker stop $(docker ps -q).
- To remove all containers, use the command
docker rm $(docker ps -a -q).
Need some more tips and tricks
Persist Data: You can use Docker volumes to persist data generated by the container even if the container is deleted. This can be useful for storing the results of penetration testing.\
docker run -ti -v <host_directory_path>:<container_directory_path> rajanagori/nightingale /bin/bash
Run Multiple Containers: You can run multiple Nightingale containers in parallel by specifying different ports for each container. This allows you to run multiple penetration testing tasks at the same time.\
docker run -ti -p <host_port1>:<container_port1> -p <host_port2>:<container_port2> rajanagori/nightingale /bin/bash
Run in Detached Mode: You can run Nightingale containers in detached mode by using the
-doption. This allows you to run the container in the background and continue to use your terminal for other tasks.\
docker run -d -p <host_port>:<container_port> rajanagori/nightingale /bin/bash
Use Environment Variables: You can use environment variables to configure Nightingale, such as specifying the location of a configuration file. This allows you to easily switch between different configurations without having to rebuild the Docker image.\
docker run -e <ENV_VAR>=<value> -p <host_port>:<container_port> rajanagori/nightingale /bin/bash
Automate with Docker Compose: You can use Docker Compose to automate the process of building, running and managing multiple containers. This can be useful for setting up a testing environment with all the required tools in one go.\
This command will automate the process of building, running, and managing multiple containers defined in a **
Access the host machine from the container: You can access your host machine’s files and network from inside the container by using the
--network hostflag when running the container. This can be useful for performing testing on the host machine’s network.\
docker run --network host -p <host_port>:<container_port> rajanagori/nightingale /bin/bash
--rmflag while running container: This flag will automatically remove the container when it exits, so you don’t have to worry about cleaning up after yourself.\
docker run --rm -p <host_port>:<container_port> rajanagori/nightingale /bin/bash
Use –name flag while running container: This flag allows you to specify a name for the container, making it easier to identify and manage.\
docker run --name <container_name> -p <host_port>:<container_port> rajanagori/nightingale /bin/bash