mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-02-12 14:02:45 +00:00
52 lines
1.2 KiB
YAML
52 lines
1.2 KiB
YAML
# NeuroSploit v3 - Security Sandbox
|
|
# Isolated container for running real penetration testing tools
|
|
#
|
|
# Usage:
|
|
# docker compose -f docker-compose.sandbox.yml up -d
|
|
# docker compose -f docker-compose.sandbox.yml exec sandbox nuclei -u https://target.com
|
|
# docker compose -f docker-compose.sandbox.yml down
|
|
|
|
services:
|
|
sandbox:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile.sandbox
|
|
image: neurosploit-sandbox:latest
|
|
container_name: neurosploit-sandbox
|
|
command: ["sleep infinity"]
|
|
restart: unless-stopped
|
|
networks:
|
|
- sandbox-net
|
|
volumes:
|
|
- sandbox-output:/opt/output
|
|
- sandbox-templates:/opt/nuclei-templates
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 2G
|
|
cpus: '2.0'
|
|
reservations:
|
|
memory: 512M
|
|
cpus: '0.5'
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
cap_add:
|
|
- NET_RAW # Required for naabu/nmap raw sockets
|
|
- NET_ADMIN # Required for packet capture
|
|
healthcheck:
|
|
test: ["CMD", "/opt/healthcheck.sh"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
networks:
|
|
sandbox-net:
|
|
driver: bridge
|
|
internal: false
|
|
|
|
volumes:
|
|
sandbox-output:
|
|
sandbox-templates:
|