This Docker setup provides a Kali Linux environment optimized for wireless testing and packet capture, with automatic monitor mode activation and USB Wi-Fi card support.
- USB Wi-Fi card passthrough
- Host networking mode
- Automatic monitor mode activation
- Preinstalled wireless tools (airodump-ng, iwconfig, tcpdump)
- Common error handling (RTNETLINK errors, rfkill blocks, driver issues)
- Persistent capture storage
- Interactive container management
- X11 forwarding support
- Full Kali Linux toolset (kali-linux-default)
- GUI application support (Burp Suite, etc.)
- Pre-installed tools: PEASS, PayloadsAllTheThings
- Docker and Docker Compose installed
- Linux host system (Ubuntu/Debian recommended)
- USB Wi-Fi card compatible with monitor mode
- Root/sudo access
- X11 server running (for GUI apps)
  - Linux: Already configured
  - Mac: Install XQuartz
  - Windows: Install VcXsrv
- At least 4GB RAM recommended
- 20GB free disk space
This setup uses Docker to provide a secure, isolated environment for penetration testing and wireless security research. Here's how it protects your host system:
- Isolation: All testing activities are contained within the Docker container, preventing accidental modifications to your host system
- Resource Control: Docker's resource limits prevent any single container from consuming all system resources
- Clean Environment: Each container starts with a fresh, known-good state, eliminating conflicts with existing tools or configurations
- Easy Cleanup: Simply removing the container eliminates all testing artifacts and potential malware
- Version Control: Docker images can be versioned and rolled back if needed
- Reproducibility: The same environment can be recreated on any system with Docker installed
- Network Isolation: While we use host networking for wireless testing, other network interfaces remain isolated
- File System Protection: The container's file system is isolated from the host, preventing accidental file system corruption
- Clone this repository:
git clone https://github.com/lpolish/kali-pentest-container.git
cd kali-pentest-container
- Build the Docker image:
docker compose build
- Start the container using the management script:
./start.sh
- From the menu, select:
  - Option 3 for wireless testing
  - Option 1 for general pentesting
  - Option 8 to attach to a running container
start.sh is the main management script. It provides:
- Interactive menu for container management
- Container lifecycle control (start/stop/rebuild)
- X11 forwarding setup
- Persistent storage management
- Container status monitoring
- Easy container attachment
start_monitor.sh is a specialized script for wireless testing that:
- Automatically configures wireless interfaces
- Handles monitor mode activation
- Manages driver issues
- Provides wireless-specific error handling
- Runs automatically when the wireless container starts
Once inside the container, you can use the following commands:
- List wireless interfaces:
iwconfig
- Start packet capture:
airodump-ng wlan0
- Capture packets to file:
tcpdump -i wlan0 -w /root/captures/capture.pcap
- Run GUI apps from container shell:
burp # Burp Suite
firefox # Firefox browser
wireshark # Network analysis
- Use tmux for session management:
tmux # Start new session
tmux a # Attach to existing session
- Check if the device is recognized by the host:
lsusb
- Verify USB passthrough:
docker exec -it kali-wifi lsusb
- Check interface status:
iwconfig
- Manually reload driver:
modprobe -r <driver>
modprobe <driver>
- Check for conflicting processes:
airmon-ng check
- Kill conflicting processes:
airmon-ng check kill
- Ensure X11 server is running
- Run on Linux/Mac:
xhost +local:root
- Check environment variables:
echo $DISPLAY
echo $XAUTHORITY
- Verify host networking mode is active
- Check host firewall rules
- Ensure Docker has necessary permissions
- Increase Docker resource limits
- Check host system resources
- Consider using volume mounts for large datasets
- Dockerfile: Container configuration
- docker-compose.yml: Docker Compose configuration
- start.sh: Main container management script
- start_monitor.sh: Wireless interface setup script
- captures/: Directory for packet captures
- pentest/: Directory for persistent pentesting data
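- This container runs in privileged mode and uses host networking, so it shares the host's network stack and can access host devices; the isolation benefits listed above are weaker in this configuration than with a default container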
- Use only on systems you own or have permission to test
- Follow all applicable laws and regulations
- Keep the system updated and secure
- Destroy container after use to wipe temporary data
- No sensitive data stored in container
- Regular security updates via apt
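To see which isolation boundaries a running container has actually given up, the following added example (not part of this repository) parses the JSON printed by `docker inspect` and lists each relaxed setting. The container name `kali-wifi` comes from the USB passthrough check above; the sample input and its host paths are constructed assumptions.

```python
# Added example, not the project's code: report which isolation boundaries a
# container has given up, based on the JSON printed by `docker inspect NAME`.
import json
import sys

# Host paths whose exposure matters more than an ordinary bind mount.
SENSITIVE_MOUNTS = {
    "/var/run/docker.sock": "Docker socket (container can drive the host daemon)",
    "/tmp/.X11-unix": "X11 socket (container GUI apps talk to the host X server)",
}

def audit(inspect_json):
    """Return one finding per relaxed isolation setting."""
    findings = []
    for c in json.loads(inspect_json):
        name = c.get("Name", "?").lstrip("/")
        hc = c.get("HostConfig") or {}
        if hc.get("Privileged"):
            findings.append(f"{name}: privileged (all capabilities, host devices visible)")
        if hc.get("NetworkMode") == "host":
            findings.append(f"{name}: host networking (shares every host interface)")
        if hc.get("PidMode") == "host":
            findings.append(f"{name}: host PID namespace")
        for cap in hc.get("CapAdd") or []:
            findings.append(f"{name}: added capability {cap}")
        for dev in hc.get("Devices") or []:
            findings.append(f"{name}: host device {dev.get('PathOnHost')}")
        for m in c.get("Mounts") or []:
            src = m.get("Source", "")
            if src in SENSITIVE_MOUNTS:
                findings.append(f"{name}: {SENSITIVE_MOUNTS[src]}")
            elif m.get("Type") == "bind" and m.get("RW"):
                findings.append(f"{name}: writable bind mount {src} -> {m.get('Destination')}")
    return findings

# Constructed sample shaped like `docker inspect kali-wifi` output for a
# privileged, host-networked container; the paths are assumptions.
SAMPLE = json.dumps([{
    "Name": "/kali-wifi",
    "HostConfig": {"Privileged": True, "NetworkMode": "host", "PidMode": "",
                   "CapAdd": None, "Devices": []},
    "Mounts": [
        {"Type": "bind", "Source": "/tmp/.X11-unix",
         "Destination": "/tmp/.X11-unix", "RW": True},
        {"Type": "bind", "Source": "/home/user/captures",
         "Destination": "/root/captures", "RW": True},
    ],
}])

if __name__ == "__main__":
    # Usage: docker inspect kali-wifi > inspect.json; python3 audit.py inspect.json
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    print("\n".join(audit(text)) or "no relaxed isolation settings found")
```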
This project is licensed under the MIT License - see the LICENSE file for details.