SSJ is a silly little script that makes use of Docker installed on your everyday Linux distribution (Ubuntu, Debian, etc.) and magically arms it with hundreds of penetration testing and forensics tools. All of these run with almost native performance (as containers utilize the host operating system’s kernel) and thus is a slightly better alternative to Virtual Machines in terms of speed, performance and convenience.
Technical Details
SSJ is a Docker image that uses Kali Linux base image,kalilinux/kali
and installs kali-linux-large
metapackage over it. It uses the kali.download/kali
mirror and kali-last-snapshot
branch. It also allows you to run GUI applications like Burpsuite, Wireshark, Ettercap, etc. from within the container on your everyday Linux distribution by using --privileged
container capabilities and adding a universal access control to xhost
. This script pulls/builds the Docker image and creates a .desktop
file (the Application Launcher) for you that initiates the runs the container. So, the only thing you need to do is, find SSJ in you aplicaiton drawer/menu and click on it to launch it. A terminator
terminal will popup with all your pentesting and forensics tools in it. Execute burpsuite
to fire up the proxy, wireshark
to fire up the packet analyzer and like that, you have access to hundreds of tools and packages that are there in Kali Linux (particularly the kali-linux-large
metapackage), right on your everyday Linux distribution. Also, contrary to virtual machines, that are either networked behind a virtual NAT or bridged along with the host operating system, SSJ utilizes the host network stack as it is (using --net=host
) which means that the SSJ container will have direct access to all the network interfaces as the host Linux distribution and will also share the same IP address.
Prerequisites
docker
group)Installation
wget https://raw.githubusercontent.com/thirdbyte/ssj/main/ssj_quick.sh -O /tmp/ssj.sh && chmod +x /tmp/ssj.sh && sudo /tmp/./ssj.sh
This might take variable time depending upon your Internet speed. It pulls the Docker image from Docker Hub that weighs around 4G. This method is fast, certain and recommended.
OR
wget https://raw.githubusercontent.com/thirdbyte/ssj/main/ssj_build.sh -O /tmp/ssj.sh && chmod +x /tmp/ssj.sh && sudo /tmp/./ssj.sh
This might take variable time depending upon your Internet speed. It builds the image locally which requires downloading of all the packages in kali-linux-large
metapackage that weigh around 3G to 4G. This method is slower, uncertain and not recommended but might make sense in case a user does not trust pre-built Docker Hub images.
Usage
terminator
terminal will pop up.msfconsole
, burpsuite
, wireshark
, etc./root
directory inside the container and find it at /home/ssj
on your host Linux distribution.Screenshots
xfce4-terminal
which is now replaced with terminator
.Plugins
kali-linux-large
metapackage.Updates
Redo the installation and if you are using Add Tools plugin, you’ll need to re-execute the add-tools
script as well.
Troubleshooting
404
error finding some packages while trying to build the image or install SSJ using the Build Install command. The only way to resolve this as of now is to either wait a few hours and try again, or install SSJ using the Quick Install command./root
directory have the owner set to root. On the host Linux distribution, this directory is /home/ssj
. All the files and sub directories inside /home/ssj
will require the root user of the host Linux distribution in case any data needs to be written to or deleted from this directory.Limitations
--privileged
container capabilities and --net=host
networking. It also adds a universal access control to xhost
for making GUI applications work, but immidiately closes it once SSJ’s terminator
is exited. This might allow any application to access the X server or GUI of your host Linux distribution in particular for the time SSJ is running which can be a security or a privacy concern for many.Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…