feat(course): Hands-on Docker Hacking — editorial draft#3
Conversation
|
|
Analysis Failed`Repository rule violations found Cannot force-push to this branch This branch must not contain merge commits. Changes must be made through a pull request. Commits must have verified signatures. Troubleshooting
Retry: |
There was a problem hiding this comment.
Code Review
This pull request restructures the repository to introduce a Hands-on Docker Hacking course, adding a course summary, several module markdown files (covering topics like exposed APIs, container escape, and LSMs), corresponding quizzes, and a test directory. Feedback highlights several issues: missing quiz files for Module 1, encoding errors displaying replacement characters in COURSE_SUMMARY.md and README.md, a PowerShell-specific line continuation backtick in the exposed APIs module that should be a backslash, and duplicate placeholder questions in the DoS quizzes.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
|
|
||
| ## Deliverables included | ||
| - `course/modules/` � one markdown module per topic with lab steps | ||
| - `course/quizzes/` � module and final assessments |
There was a problem hiding this comment.
The PR description mentions 22 quiz files (11 module + 11 final), but only 20 are present in the repository. Module 1 (Privileged Container) is missing both its regular quiz (privileged-container.md) and final assessment (privileged-container-final.md). Please add these missing quiz files to complete the curriculum.
| - `course/modules/` � one markdown module per topic with lab steps | ||
| - `course/quizzes/` � module and final assessments |
| - `course/modules/` � topic lessons and labs | ||
| - `course/quizzes/` � assessment questions | ||
| - `COURSE_SUMMARY.md` � editorial board summary |
| docker run -d -p 2375:2375 docker:dind | ||
|
|
||
| ## Compliant | ||
| docker run -d -p 127.0.0.1:2376:2376 ` |
There was a problem hiding this comment.
| # Quiz: Denial-of-Service (DoS) | ||
| ## Questions | ||
| 1. Which control is most specific to syscall filtering? | ||
| A) AppArmor B) SELinux C) seccomp D) cgroups | ||
| 2. Exposing Docker API without auth primarily risks: | ||
| A) slower builds B) disk usage C) full host compromise D) image pulls failing | ||
| 3. The strongest container isolation boundary is: | ||
| A) shared kernel B) VM parity C) namespace + cgroup + LSM D) Docker socket | ||
| ## Answers | ||
| 1. C 2. C 3. C |
There was a problem hiding this comment.
There was a problem hiding this comment.
Micro-Learning Topic: Denial of service (Detected by phrase)
Matched on "Denial-of-Service"
The Denial of Service (DoS) attack is focused on making a resource (site, application, server) unavailable for the purpose it was designed. There are many ways to make a service unavailable for legitimate users by manipulating network packets, programming, logical, or resources handling vulnerabilities, among others. Source: https://www.owasp.org/index.php/Denial_of_Service
Try a challenge in Secure Code Warrior
| # Final assessment: Denial-of-Service (DoS) | ||
| ## Questions | ||
| 1. Which option most directly reduces runtime breakout surface? | ||
| A) --privileged B) drop caps + seccomp + read-only C) expose 2375 D) host network | ||
| 2. Which is a reliable signal of insecure images? | ||
| A) pinned digest + signed provenance B) latest tag from unknown registry C) small image size D) alpine base | ||
| ## Answers | ||
| 1. B 2. B |
There was a problem hiding this comment.
Review Summary
This PR cannot be merged in its current state due to several critical blocking issues:
Critical Issues (Must Fix):
- Missing Module 01: The PR claims to deliver modules "01*.md through 11*.md" but
course/modules/01-privileged-container.mdis missing, despite being listed in COURSE_SUMMARY.md - Systematic Quiz Content Error: All 22 quiz files contain identical boilerplate questions that don't match their respective modules. This appears to be a copy-paste error affecting the entire quiz deliverable
- Character Encoding Issues: Em-dashes (—) are corrupted to replacement characters (�) in COURSE_SUMMARY.md and README.md, causing rendering problems
- Syntax Error: Unterminated backtick in
course/modules/02-exposed-apis.mdcauses code block formatting failure
Impact:
The PR description claims "All content complies with provided curriculum" and lists 22 quiz files, but the quizzes are non-functional due to identical placeholder content. Module 01 is completely absent. These issues block merge and prevent the course from being usable.
Recommendation:
Address all critical issues before requesting re-review. Focus on: (1) adding missing Module 01, (2) creating unique, module-specific quiz content for all 22 quiz files, (3) fixing character encoding, and (4) correcting the syntax error in Module 02.
You can now have the agent implement changes and create commits directly on your pull request's source branch. Simply comment with /q followed by your request in natural language to ask the agent to make changes.
| - `course/modules/` � one markdown module per topic with lab steps | ||
| - `course/quizzes/` � module and final assessments | ||
| - `README` update for GitHub course homepage | ||
|
|
||
| ## Format notes | ||
| - Each module contains: intro, attack scenario, compliant vs noncompliant example, remediation, and hands-on lab. | ||
| - Sample 60�90 second module intro video scripts are embedded where practical. |
There was a problem hiding this comment.
🛑 Character Encoding Issue: The em-dashes in lines 18, 19, and 24 are displaying as replacement characters (�) in the diff, indicating a potential encoding corruption. This will cause rendering issues in the final document.
| - `course/modules/` � one markdown module per topic with lab steps | |
| - `course/quizzes/` � module and final assessments | |
| - `README` update for GitHub course homepage | |
| ## Format notes | |
| - Each module contains: intro, attack scenario, compliant vs noncompliant example, remediation, and hands-on lab. | |
| - Sample 60�90 second module intro video scripts are embedded where practical. | |
| - `course/modules/` — one markdown module per topic with lab steps | |
| - `course/quizzes/` — module and final assessments | |
| - `README` update for GitHub course homepage | |
| ## Format notes | |
| - Each module contains: intro, attack scenario, compliant vs noncompliant example, remediation, and hands-on lab. | |
| - Sample 60–90 second module intro video scripts are embedded where practical. |
| _summary for editorial board_ | ||
|
|
||
| ## Modules | ||
| 1. Privileged Container |
There was a problem hiding this comment.
🛑 Critical Missing File: Module 1 "Privileged Container" is listed in the summary but the corresponding file course/modules/01-privileged-container.md is missing from the deliverables. The PR description claims modules "01*.md through course/modules/11*.md" are included, but module 01 is absent.
| 1. Which control is most specific to syscall filtering? | ||
| A) AppArmor B) SELinux C) seccomp D) cgroups | ||
| 2. Exposing Docker API without auth primarily risks: | ||
| A) slower builds B) disk usage C) full host compromise D) image pulls failing | ||
| 3. The strongest container isolation boundary is: | ||
| A) shared kernel B) VM parity C) namespace + cgroup + LSM D) Docker socket |
There was a problem hiding this comment.
🛑 Quiz Content Mismatch: Question 1 asks about syscall filtering controls (AppArmor/SELinux/seccomp) which is LSM content from Module 11, not from the "Exposed Container APIs" module. Question 3 also references generic isolation topics not covered in Module 02. Quiz questions must align with the specific module content.
| 1. Which control is most specific to syscall filtering? | ||
| A) AppArmor B) SELinux C) seccomp D) cgroups | ||
| 2. Exposing Docker API without auth primarily risks: | ||
| A) slower builds B) disk usage C) full host compromise D) image pulls failing | ||
| 3. The strongest container isolation boundary is: | ||
| A) shared kernel B) VM parity C) namespace + cgroup + LSM D) Docker socket |
There was a problem hiding this comment.
🛑 Critical Copy-Paste Error: This quiz file contains identical questions to exposed-apis.md. All quiz files appear to have the same boilerplate questions that don't match their respective modules. Each quiz must contain unique, module-specific questions.
| 1. Which control is most specific to syscall filtering? | ||
| A) AppArmor B) SELinux C) seccomp D) cgroups | ||
| 2. Exposing Docker API without auth primarily risks: | ||
| A) slower builds B) disk usage C) full host compromise D) image pulls failing | ||
| 3. The strongest container isolation boundary is: | ||
| A) shared kernel B) VM parity C) namespace + cgroup + LSM D) Docker socket |
There was a problem hiding this comment.
🛑 Critical Copy-Paste Error: This quiz file contains identical questions to other quiz files. Each quiz must contain unique, module-specific questions related to insecure container images, not generic syscall filtering and API exposure questions.
| ## Course structure | ||
| - `course/modules/` � topic lessons and labs | ||
| - `course/quizzes/` � assessment questions | ||
| - `COURSE_SUMMARY.md` � editorial board summary |
There was a problem hiding this comment.
🛑 Character Encoding Issue: The em-dashes in lines 5-7 are displaying as replacement characters (�) in the diff, indicating encoding corruption identical to the issue in COURSE_SUMMARY.md. This will cause rendering problems.
| ## Course structure | |
| - `course/modules/` � topic lessons and labs | |
| - `course/quizzes/` � assessment questions | |
| - `COURSE_SUMMARY.md` � editorial board summary | |
| ## Course structure | |
| - `course/modules/` — topic lessons and labs | |
| - `course/quizzes/` — assessment questions | |
| - `COURSE_SUMMARY.md` — editorial board summary |
| ## Compliant | ||
| docker run -d -p 127.0.0.1:2376:2376 ` | ||
| --tlsverify --tlscacert ca.pem --tlscert cert.pem --tlskey key.pem docker:dind |
There was a problem hiding this comment.
🛑 Syntax Error: Unterminated backtick character at the end of line 11 causes a code block formatting error. The command spans multiple lines but lacks proper Markdown formatting.
| ## Compliant | |
| docker run -d -p 127.0.0.1:2376:2376 ` | |
| --tlsverify --tlscacert ca.pem --tlscert cert.pem --tlskey key.pem docker:dind | |
| ## Compliant | |
| docker run -d -p 127.0.0.1:2376:2376 \ | |
| --tlsverify --tlscacert ca.pem --tlscert cert.pem --tlskey key.pem docker:dind |
There was a problem hiding this comment.
Pull request overview
This PR adds an editorial draft of a “Hands-on Docker Hacking” course by introducing module writeups and paired quiz/final-assessment Markdown files, plus a course summary and a simplified repository homepage.
Changes:
- Adds modules (
course/modules/*.md) describing scenarios, noncompliant/compliant examples, remediation, and hands-on labs. - Adds module quizzes and “final assessment” quiz files (
course/quizzes/*.md). - Updates top-level repo scaffolding/docs (
README.md,COURSE_SUMMARY.md,tests/README.md,.gitignore).
Reviewed changes
Copilot reviewed 33 out of 34 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/README.md | Adds placeholder guidance for adding automated tests and suggested runners. |
| README.md | Simplifies homepage and points readers to course content directories. |
| course/quizzes/shared-kernel.md | Adds module quiz for “Shared Kernel Exploitation”. |
| course/quizzes/shared-kernel-final.md | Adds final assessment for “Shared Kernel Exploitation”. |
| course/quizzes/orchestration.md | Adds module quiz for “Insecure Container Orchestration”. |
| course/quizzes/orchestration-final.md | Adds final assessment for “Insecure Container Orchestration”. |
| course/quizzes/lsm.md | Adds module quiz for “Seccomp/AppArmor/SELinux”. |
| course/quizzes/lsm-final.md | Adds final assessment for “Seccomp/AppArmor/SELinux”. |
| course/quizzes/kernel-vulns.md | Adds module quiz for “Kernel Vulnerabilities”. |
| course/quizzes/kernel-vulns-final.md | Adds final assessment for “Kernel Vulnerabilities”. |
| course/quizzes/insecure-images.md | Adds module quiz for “Insecure Container Images”. |
| course/quizzes/insecure-images-final.md | Adds final assessment for “Insecure Container Images”. |
| course/quizzes/insecure-config.md | Adds module quiz for “Insecure Container Configuration”. |
| course/quizzes/insecure-config-final.md | Adds final assessment for “Insecure Container Configuration”. |
| course/quizzes/image-tampering.md | Adds module quiz for “Container Image Tampering”. |
| course/quizzes/image-tampering-final.md | Adds final assessment for “Container Image Tampering”. |
| course/quizzes/exposed-apis.md | Adds module quiz for “Exposed Container APIs”. |
| course/quizzes/exposed-apis-final.md | Adds final assessment for “Exposed Container APIs”. |
| course/quizzes/dos.md | Adds module quiz for “Denial-of-Service (DoS)”. |
| course/quizzes/dos-final.md | Adds final assessment for “Denial-of-Service (DoS)”. |
| course/quizzes/container-escape.md | Adds module quiz for “Container Escape”. |
| course/quizzes/container-escape-final.md | Adds final assessment for “Container Escape”. |
| course/modules/11-lsm.md | Adds module content on seccomp/AppArmor/SELinux. |
| course/modules/10-insecure-images.md | Adds module content on insecure images and registry hygiene. |
| course/modules/09-orchestration.md | Adds module content on orchestration misconfigurations and RBAC. |
| course/modules/08-shared-kernel.md | Adds module content on shared-kernel isolation boundaries and namespace risks. |
| course/modules/07-kernel-vulns.md | Adds module content on kernel CVEs and patching/isolation limitations. |
| course/modules/06-dos.md | Adds module content on resource exhaustion and runtime limits. |
| course/modules/05-insecure-config.md | Adds module content on risky runtime configuration and hardening flags. |
| course/modules/04-image-tampering.md | Adds module content on supply-chain risks, signing, and scanning. |
| course/modules/03-container-escape.md | Adds module content on escape paths (socket/privileged/namespaces/mounts). |
| course/modules/02-exposed-apis.md | Adds module content on Docker API exposure and TLS hardening. |
| COURSE_SUMMARY.md | Adds editorial-board course summary and deliverables overview. |
| .gitignore | Adds common ignores for Python/Node/Rust/editor artifacts. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Docker Hacking Lab | ||
| ### EC-Council | Hands-on Docker Hacking Course | ||
| **Author: Adonis Jimenez | BizDevStudio** | ||
| Hands-on Docker Hacking course repo. |
| - `course/modules/` � topic lessons and labs | ||
| - `course/quizzes/` � assessment questions | ||
| - `COURSE_SUMMARY.md` � editorial board summary |
| docker run -d -p 127.0.0.1:2376:2376 ` | ||
| --tlsverify --tlscacert ca.pem --tlscert cert.pem --tlskey key.pem docker:dind |
| - `course/modules/` � one markdown module per topic with lab steps | ||
| - `course/quizzes/` � module and final assessments | ||
| - `README` update for GitHub course homepage |
|
|
||
| ## Format notes | ||
| - Each module contains: intro, attack scenario, compliant vs noncompliant example, remediation, and hands-on lab. | ||
| - Sample 60�90 second module intro video scripts are embedded where practical. |



Course deliverables
Validation
Status
Draft for editorial board review. Feedback welcome.