diff --git a/README.md b/README.md index de534d8..45d7e5d 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,14 @@ And finally simply run Docker-Compose: $ docker compose . ``` +## Examples + +The examples directory includes various scenarios to emulate and capture network traffic of popular tools and interactions: + +* [Port scan with nmap](examples/port-scan/README.md) +* [SSH brute force with HYDRA](examples/ssh-brute-force/README.md) + + ## License This framework is released under the [LGPL-3.0](LICENSE). Feel free to use, modify, and distribute it in accordance with the terms of the license. diff --git a/docker-compose.example.yml b/docker-compose.example.yml index fb3003b..5c11b27 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -7,37 +7,8 @@ services: dockerfile: Dockerfile.dorothea network_mode: "host" volumes: + # This directory is mounted to retrieve the pmacct configuration + # and to dump the captured netflows outside the container. - .:/dorothea # YOUR ACTIONS: Remove the example service below and add your own - guinea-pig: - build: - context: . - dockerfile: Dockerfile.guineapig - network_mode: "bridge" - ports: - - "80:80" - healthcheck: - test: ["CMD-SHELL", "service ssh status || exit 1"] - interval: 10s - timeout: 5s - retries: 5 - deploy: - resources: - limits: - cpus: '1.0' # Limit to 1.0 CPUs - memory: 1024M # Limit to 1024 MB of RAM - reservations: - cpus: '0.25' # Reserve 0.5 CPUs - memory: 512M # Reserve 512 MB of RAM - - attacker: - build: - context: . - dockerfile: Dockerfile.attacker - network_mode: "bridge" - depends_on: - guinea-pig: - condition: service_healthy - command: ["nmap", "-p0-", "-v", "-A", "-T4", "172.17.0.0/16"] - \ No newline at end of file diff --git a/examples/port-scan/README.md b/examples/port-scan/README.md new file mode 100644 index 0000000..2462304 --- /dev/null +++ b/examples/port-scan/README.md @@ -0,0 +1 @@ +# Port scan \ No newline at end of file
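Review bot: The retained comment `# YOUR ACTIONS: Remove the example service below and add your own` in docker-compose.example.yml is stale, because this hunk deletes the guinea-pig and attacker services it refers to and nothing follows it; something like `# YOUR ACTIONS: add your own services below (see the examples directory for complete scenarios)` would match the new file. The added volume comment explains why `.:/dorothea` is mounted, but that bind mount still gives a container running with `network_mode: "host"` write access to the entire project directory, which presumably includes the compose file and Dockerfiles. Consider splitting it into a read-only mount for the pmacct configuration and a separate writable directory for the captured flows, or at least state the read-write scope in the comment. The service definition starts above the hunk, so its other settings are not visible here.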