When you are running Docker on Linux and want to access services on the host from within a container, you can make use of the
docker0 bridge interface (
ip a s docker0). This does not work when running Docker for Mac as the interface is inside a separate virtual machine (which you can confirm by getting a shell in that vm:
screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty) and thus not visible on the local host.
To workaround this, a reliable way to get to the macOS host is to use the
host.docker.internal DNS name which will always resolve to an IP where the host is reachable.
Let’s say you want to run some script in the container that connects to a specific HTTP target and want to observe the requests through a proxy running on your macOS machine (e.g. Burp). Then you would do:
# Run some container docker run -it alpine:latest /bin/sh # ... install the dependencies for your script ... # then run the script and target your local (!) intercept proxy python3 exploit.py http://host.docker.internal:8081/whatever # now observe the request in the proxy application running on the host