Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/V0rt3xS0urc3/RedTeam-Portfolio/llms.txt

Use this file to discover all available pages before exploring further.

DockerLabs hosts 193 vulnerable machines designed to sharpen your ethical hacking skills through hands-on practice. Every machine is self-contained inside a Docker container, meaning you can spin up a target in seconds, hack it, and tear it down โ€” no hardware required. This section of the Red Team Portfolio covers writeups for the Hacking Infraestructura category, walking through each machine from initial reconnaissance to root access using real-world techniques.

Categories on DockerLabs

DockerLabs organises its content into five main categories. This portfolio currently focuses on Hacking Infraestructura, with the remaining categories in progress.
CategoryStatus
๐Ÿ”ง Hacking Infraestructuraโœ… In Progress
๐ŸŒ Hacking Web๐Ÿšง In Construction
๐Ÿ“ Hacking CMS๐Ÿšง In Construction
๐Ÿ› Bug Bounty๐Ÿšง In Construction
๐Ÿ”€ Pivoting๐Ÿšง In Construction

Difficulty Levels

Each machine is tagged with a difficulty level that determines the complexity of techniques required. The writeups in this section are all rated Muy Fรกcil (Very Easy) โ€” the ideal starting point for anyone new to infrastructure hacking.
LevelSpanishDescription
Very EasyMuy FรกcilFundamental techniques, beginner-friendly enumeration and exploitation
EasyFรกcilBasic CVEs, simple privilege escalation chains
MediumMedioChained vulnerabilities, deeper enumeration, lateral movement
HardDifรญcilComplex exploitation paths, advanced privilege escalation

Available Writeups

All four machines below are rated Very Easy and cover foundational hacking infrastructure skills: port scanning, service exploitation, credential attacks, and privilege escalation.

BorazuwarahCTF

Extract a hidden username from image metadata with exiftool, run a steghide extraction with stegseek, then brute-force SSH credentials with Hydra to gain access and escalate via a misconfigured sudo rule.

BreakMySSH

A focused SSH brute-force exercise. Enumerate the target with Nmap, then unleash Hydra against the SSH service using rockyou.txt to land a direct root shell โ€” no privilege escalation required.

firsthacking

Exploit the classic vsftpd 2.3.4 backdoor via Metasploit and a manual netcat trigger. A great introduction to CVE-based exploitation and using searchsploit to find public exploits.

trust

Enumerate a web server with Gobuster to discover a hidden PHP page leaking a username, brute-force the SSH password with Hydra, then abuse a sudo vim misconfiguration to escalate to root.

Tools Used Across Writeups

Every machine in this section was attacked from a Kali Portable environment โ€” a fully self-contained Docker-based Kali Linux station with GPU acceleration and 100+ pre-installed pentesting tools. You can read more about it at /kali-portable/overview. The core toolset across these writeups includes:
  • Nmap โ€” Service and version scanning (-sC -sV --min-rate)
  • Hydra โ€” Dictionary-based brute force against SSH
  • Gobuster โ€” Web directory and file enumeration
  • Metasploit โ€” Module-based exploitation (vsftpd backdoor)
  • stegseek / steghide / exiftool โ€” Steganography and metadata analysis
  • GTFOBins โ€” Reference for sudo/SUID privilege escalation
All writeups use 172.17.0.2 as the target IP โ€” the default address Docker assigns to the first container on the docker0 bridge network. Your machine may receive the same IP, but always confirm with the output of ./auto_deploy.sh.

Launching Your Environment

Before attacking any machine, start your Kali Portable session in a second terminal window:
./run-kali.sh normal
Then deploy the target machine in the first terminal by running the provided deploy script (see individual writeups for machine-specific commands). When you are done, press Ctrl+C in the deploy terminal to stop and remove the container.
Only test these techniques on machines you are authorised to attack. DockerLabs machines are intentionally vulnerable and designed exclusively for educational practice. Never run these attacks against systems you do not own or have explicit written permission to test.
New to hacking infrastructure? Start with BreakMySSH for a single-technique warm-up, then move to trust to chain web enumeration with privilege escalation, and finish with BorazuwarahCTF to add steganography to your skill set.

Build docs developers (and LLMs) love