CorporalKraken

Docker Payload (Bypass anti virus). Payload data at the endpoint when running a NestJS application inside a Docker container.

MIT License

Malicious Docker Payload

This Docker image is intended to emulate malicious behavior in order to test EDR/antivirus solutions on Docker/Kubernetes hosts and clusters.

How To Run

git clone https://github.com/pxcs/Payload_Docker && cd Payload_Docker
# Docker image names must be lowercase, so the tag is payload_docker
docker build -t payload_docker:latest .
docker run payload_docker:latest

What Tests are Running?

Anti Virus

EICAR Malware Sample

Network Endpoint Protection

Flightsim Malicious Network Sample

  • Defensive explanation

How Malware Scanner Service works

This repository contains the code to build a pipeline that scans objects uploaded to GCS for malware, moving the documents to a clean or quarantined bucket depending on the malware scan status.

It illustrates how to use Cloud Run and Eventarc to build such a pipeline.

Example

Use the tutorial to understand how to configure your Google Cloud Platform project to use Cloud Run and Eventarc.

Using Environment variables in the configuration

The tutorial above uses a configuration file config.json built into the Docker container for the configuration of the unscanned, clean, quarantined and CVD updater cloud storage buckets.

Environment variables can be used to vary the deployment in 2 ways:

Expansion of environment variables

Any environment variables specified using shell-format within the config.json file will be expanded using envsubst.

Passing entire configuration as environment variable

An alternative to building the configuration file into the container is to hold the service configuration in an environment variable, so that multiple deployments can use the same container and configuration updates do not need a container rebuild.

This can be done by setting the environment variable CONFIG_JSON to the JSON configuration, which will override any config in the config.json file.

If using the gcloud run deploy command line, this environment variable must be set using the --env-vars-file argument, specifying a YAML file containing the environment variable definitions. (This is because the commas in JSON would break the parsing of --set-env-vars.)

Take care when embedding JSON in YAML - it is recommended to use the Literal Block Scalar style using |, as this preserves newlines and quotes.
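An added example, not code from this repository or from the Google Cloud tutorial: a shell helper that wraps a JSON config in the YAML file that --env-vars-file expects, using the literal block scalar, and reads it back to confirm the round trip. The JSON keys, the bucket names, SERVICE and IMAGE are assumed placeholders; take the real schema from the tutorial's config.json.

```shell
#!/bin/sh
# Added example: wrap a JSON config in the YAML file that
# `gcloud run deploy --env-vars-file` reads, as a literal block scalar (|).

# write_env_vars_file JSON_FILE YAML_FILE
write_env_vars_file() {
    json_file=$1
    yaml_file=$2
    # An empty config would produce an empty block scalar; refuse it.
    [ -s "$json_file" ] || { echo "empty or missing: $json_file" >&2; return 1; }
    # A first line that starts with whitespace would throw off the
    # indentation YAML auto-detects for the block.
    if head -n 1 "$json_file" | grep -q '^[[:space:]]'; then
        echo "first line of $json_file must start at column 0" >&2
        return 1
    fi
    {
        printf 'CONFIG_JSON: |\n'
        # Indent every non-empty line by two spaces; blank lines stay empty.
        sed -e 's/^./  &/' "$json_file"
    } > "$yaml_file"
}

# read_config_json YAML_FILE
# Strips the key line and the indent again, so the round trip can be
# compared with the original before anything is deployed.
read_config_json() {
    sed -e '1d' -e 's/^  //' "$1"
}

# Demo on a constructed config; keys and bucket names are assumptions.
demo_dir=$(mktemp -d)
cat > "$demo_dir/config.json" <<'EOF'
{
  "buckets": [
    {
      "unscanned": "example-unscanned",
      "clean": "example-clean",
      "quarantined": "example-quarantined"
    }
  ]
}
EOF
write_env_vars_file "$demo_dir/config.json" "$demo_dir/env.yaml"
read_config_json "$demo_dir/env.yaml" | cmp -s - "$demo_dir/config.json" \
    && cat "$demo_dir/env.yaml"
# Then: gcloud run deploy SERVICE --image IMAGE --env-vars-file "$demo_dir/env.yaml"
```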

Big Thanks to googlecloud for explanation