Add pentest stack - Security testing Docker Compose sample

README.md

@@ -65,6 +65,7 @@ with Spring framework and a Postgres database.
 - [`Plex`](https://github.com/docker/awesome-compose/tree/master/plex)
 - [`Portainer`](https://github.com/docker/awesome-compose/tree/master/portainer)
 - [`Wireguard`](https://github.com/docker/awesome-compose/tree/master/wireguard)
+- [`Pentest Stack`](n01d-pentest-stack) - Security testing environment with Kali, Metasploit, Burp Suite, and Nuclei.
 - [`FastAPI`](fastapi)
 
 ## Basic setups for different platforms (not production ready - useful for personal use)

n01d-pentest-stack/README.md

@@ -0,0 +1,71 @@
+## Penetration Testing Stack
+
+This sample provides a complete penetration testing environment with:
+- **Kali Linux** - Rolling distribution with pre-installed security tools
+- **Metasploit Framework** - Exploitation framework with PostgreSQL backend
+- **Burp Suite Community** - Web application security testing proxy
+- **Nuclei** - Fast vulnerability scanner with template support
+
+### Project structure
+
+```text
+.
+├── compose.yaml
+└── README.md
+```
+
+### Prerequisites
+- Docker Desktop 4.x or Docker Engine 20.x+
+- At least 8GB RAM recommended
+- 20GB+ free disk space
+
+### Deploy with docker compose
+
+```bash
+$ docker compose up -d
+```
+
+### Expected result
+
+```bash
+$ docker compose ps
+NAME            SERVICE      STATUS     PORTS
+n01d-kali       kali         running    
+n01d-msf        metasploit   running    0.0.0.0:4444->4444/tcp, 0.0.0.0:8080->8080/tcp
+n01d-postgres   postgres     running    5432/tcp
+n01d-burp       burpsuite    running    0.0.0.0:8081->8080/tcp
+n01d-nuclei     nuclei       running    
+```
+
+### Usage
+
+#### Access Kali container
+```bash
+docker exec -it n01d-kali /bin/bash
+```
+
+#### Start Metasploit console
+```bash
+docker exec -it n01d-msf ./msfconsole
+```
+
+#### Run Nuclei scan
+```bash
+docker exec n01d-nuclei nuclei -u https://target.com
+```
+
+#### Access Burp Suite
+Open browser to `http://localhost:8081`
+
+### Shared data
+All containers share a `/shared` volume for transferring files between tools.
+
+### Stop and remove containers
+```bash
+docker compose down
+```
+
+### Remove all data
+```bash
+docker compose down -v
+```

n01d-pentest-stack/compose.yaml

@@ -0,0 +1,73 @@
+services:
+  kali:
+    image: kalilinux/kali-rolling
+    container_name: n01d-kali
+    command: tail -f /dev/null
+    volumes:
+      - kali-data:/root
+      - shared-data:/shared
+    networks:
+      - pentest-net
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+
+  metasploit:
+    image: metasploitframework/metasploit-framework
+    container_name: n01d-msf
+    volumes:
+      - msf-data:/root/.msf4
+      - shared-data:/shared
+    networks:
+      - pentest-net
+    ports:
+      - "4444:4444"
+      - "8080:8080"
+    depends_on:
+      - postgres
+
+  postgres:
+    image: postgres:15-alpine
+    container_name: n01d-postgres
+    environment:
+      POSTGRES_USER: msf
+      POSTGRES_PASSWORD: msf
+      POSTGRES_DB: msf
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+    networks:
+      - pentest-net
+
+  burpsuite:
+    image: portswigger/burp-suite-community
+    container_name: n01d-burp
+    volumes:
+      - burp-data:/root/.java/.userPrefs
+      - shared-data:/shared
+    networks:
+      - pentest-net
+    ports:
+      - "8081:8080"
+
+  nuclei:
+    image: projectdiscovery/nuclei:latest
+    container_name: n01d-nuclei
+    volumes:
+      - nuclei-data:/root/.nuclei
+      - nuclei-templates:/root/nuclei-templates
+      - shared-data:/shared
+    networks:
+      - pentest-net
+
+volumes:
+  kali-data:
+  msf-data:
+  postgres-data:
+  burp-data:
+  nuclei-data:
+  nuclei-templates:
+  shared-data:
+
+networks:
+  pentest-net:
+    driver: bridge