As a pentester/red teamer/general security person, there’s often the need to use a lot of tools to get the job done, and often a need for different environments for different customers. Traditionally this kind of requirement has been managed by using Virtual Machines to create isolated environments, but keeping those VMs updated with patches and storing them can be a bit of a pain.
However, there is another way! Containers can be used to create regularly updated, isolated environments for running tools with less resource overhead than VMs. This talk will explain a bit about how containers work, and go through the tricks and tips of using them for security work.
This talk was delivered at BSides Dublin 2023, there’s a recording from that event here