How to Build a Docker‑Based Kali Linux Lab with Web Target for Pen‑Testing

This guide walks you through creating a Docker‑powered environment that includes a graphical Kali Linux workstation and a web target machine with MySQL and Tomcat, covering Docker installation, image preparation, container configuration, remote desktop setup, and database integration for hands‑on information‑security practice.

MaGe Linux Operations

Background

Learning network security requires a personal attack machine and several target machines. Running each of them as a full virtual machine is resource‑intensive and inconvenient, so a single Linux VM with Docker installed can instead host both a desktop‑based attack machine and the web targets.

Docker basic concepts

Image

Container

Repository

Creating the operation machine

1. Install Docker on the host (CentOS example)

yum list docker-ce --showduplicates | sort -r
yum install docker-ce-20.10.6 docker-ce-cli-20.10.6 containerd.io
docker version   # or docker info
systemctl start docker
systemctl enable docker   # enable on boot

2. Build the Kali operation machine

Search for and pull a suitable Kali image.

docker search kali

Typical images: kalilinux/kali-rolling or kalilinux/kali.

docker pull kalilinux/kali-rolling
docker images
docker run -itd -p 3399:3389 kalilinux/kali-rolling /bin/bash

If the command prints a container ID, the container started successfully. List the running containers and attach to the new one:

docker ps
docker attach <ID>

3. Install basic tools inside the container

apt-get -y update && apt-get -y upgrade && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \
    kali-tools-top10 \
    pciutils \
    vim \
    iputils-ping \
    bash-completion && \
apt-get autoremove -y && apt-get clean

Key packages:

kali-tools-top10 : common penetration‑testing tools

pciutils : lspci utility

vim : text editor

bash-completion : command auto‑completion

iputils-ping : network utilities

4. Commit the customized container as a new image

docker commit <ID> kali-2021

Remote desktop setup

Run a new container from the committed image and map the XRDP port.

docker run -itd -p 3399:3389 kali-2021

Enter the container:

docker exec -it <ID> /bin/bash

Replace the default Kali apt sources:

vi /etc/apt/sources.list
# replace the file contents with these two lines:
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
# then refresh the package index:
apt-get update

Install the Xfce desktop, Xorg and XRDP:

apt-get -y install kali-desktop-xfce xorg xrdp

Adjust the XRDP port and restart the service:

# xrdp must listen on 3389 inside the container to match the -p 3399:3389 mapping
sed -i 's/port=3399/port=3389/g' /etc/xrdp/xrdp.ini
service xrdp restart

Change the root password so that remote login works:

passwd root

Web target machine

Deploy a container that runs MySQL and Tomcat.

docker run -d --name "tomcat-mysql-run" -e MYSQL_PASSWORD=root -p 1306:3306 -p 1080:8080 aallam/tomcat-mysql

Enter the container to adjust the MySQL configuration:

docker exec -it <ID> /bin/bash

Create a data directory and modify /etc/mysql/my.cnf:

mkdir -p /data/mysql
vi /etc/mysql/my.cnf   # set datadir=/data/mysql

Connect to MySQL on host port 1306 with user root and password root.

Import a .sql dump as needed, then access the Tomcat management interface via port 1080, upload a WAR file, and browse the deployed web application.
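The -p mappings used in this guide (3399:3389, 1306:3306, 1080:8080) publish on every host interface, so the root/root MySQL target is reachable from any network the Docker host is attached to. The script below is an added example, not part of the original article: it audits docker ps port output for wildcard binds, run here over constructed sample lines; the container names kali-lab and tomcat-mysql-local are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): audit published ports.
# Input: lines as printed by  docker ps --format '{{.Names}}\t{{.Ports}}'

# audit_ports reads "name<TAB>ports" on stdin and prints one line per
# published port: "<name> <host-bind> EXPOSED" when the bind address is a
# wildcard (0.0.0.0, :: or [::]), "<name> <host-bind> ok" otherwise.
audit_ports() {
  awk -F'\t' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        if (maps[i] !~ /->/) continue      # "3306/tcp" alone: not published
        split(maps[i], side, "->")
        bind = side[1]                     # e.g. 0.0.0.0:1306 or :::1306
        status = (bind ~ /^(0\.0\.0\.0|::|\[::\]):/) ? "EXPOSED" : "ok"
        print $1, bind, status
      }
    }'
}

# Constructed sample: the first two rows mirror the -p mappings used in this
# guide; the third shows the same target published on loopback only, e.g.
#   docker run -d --name tomcat-mysql-local -e MYSQL_PASSWORD=root \
#     -p 127.0.0.1:1306:3306 -p 127.0.0.1:1080:8080 aallam/tomcat-mysql
SAMPLE_PS=$(printf '%s\t%s\n' \
  'kali-lab' '0.0.0.0:3399->3389/tcp, :::3399->3389/tcp' \
  'tomcat-mysql-run' '0.0.0.0:1306->3306/tcp, 0.0.0.0:1080->8080/tcp' \
  'tomcat-mysql-local' '127.0.0.1:1306->3306/tcp, 127.0.0.1:1080->8080/tcp')

printf '%s\n' "$SAMPLE_PS" | audit_ports
# On a live host: docker ps --format '{{.Names}}\t{{.Ports}}' | audit_ports
```

With loopback-only publishing, the services are reachable only from the Docker host itself.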

Conclusion

The article demonstrates how to build a complete Docker‑based security lab from scratch, covering Docker commands, Kali workstation customization, remote desktop configuration, and a MySQL‑Tomcat web target, enabling hands‑on penetration‑testing without requiring prior Docker expertise.
