diff --git a/qcow2/Dockerfile b/qcow2/Dockerfile
new file mode 100644
index 00000000..07a24fae
--- /dev/null
+++ b/qcow2/Dockerfile
@@ -0,0 +1,14 @@
+FROM ubuntu:22.04
+
+RUN apt-get update
+
+RUN mkdir -p /testdata
+
+# Set working directory
+WORKDIR /testdata
+
+# Copy valid .qcow2 files into the container
+COPY valid-ext-exfat-fat32-ntfs.qcow2 /testdata/valid-ext-exfat-fat32-ntfs.qcow2
+COPY valid-ext-exfat-fat32-ntfs-encrypted.qcow2 /testdata/valid-ext-exfat-fat32-ntfs-encrypted.qcow2
+
+CMD ["/bin/bash"]
diff --git a/qcow2/README.md b/qcow2/README.md
new file mode 100644
index 00000000..d07223fa
--- /dev/null
+++ b/qcow2/README.md
@@ -0,0 +1,26 @@
+# OSV-Scalibr: QCOW2 Extractor
+
+This directory contains a test Dockerfile for validating OSV-Scalibr's QCOW2 Extractor plugin. A QCOW (Copy on Write) file is a disk image format commonly used by virtual machines to emulate a physical hard drive.
+
+## Setup
+
+### Build the Docker Image
+
+```bash
+cd security-testbeds/qcow2
+docker build -t qcow2-extractor-testbed .
+```
+
+### Run the Container
+
+```bash
+docker run -it --rm qcow2-extractor-testbed /bin/bash
+```
+
+### Running OSV-Scalibr
+
+Build or copy the `scalibr` binary to the current directory, and inside the container, run `scalibr` with the qcow2 extractor:
+
+```bash
+./scalibr --plugin-config=qcow2:{password:\"Yuvraj\"} --plugins=secrets/privatekey --extractors=embeddedfs/qcow2 --result out.textproto valid-ext-exfat-fat32-ntfs.qcow2 valid-ext-exfat-fat32-ntfs-encrypted.qcow2
+```
diff --git a/qcow2/genqcow2.sh b/qcow2/genqcow2.sh
new file mode 100755
index 00000000..6a966bf5
--- /dev/null
+++ b/qcow2/genqcow2.sh
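Review bot: In qcow2/Dockerfile, `RUN apt-get update` sits in its own layer and nothing is installed after it, so it only stores a time-dependent package index in the image and makes the fixture build depend on the package mirrors; the line can be dropped. `RUN mkdir -p /testdata` is redundant as well, because `WORKDIR /testdata` creates the directory. The README added in the same commit has the user run `./scalibr` inside the container, but this image neither copies nor mounts a `scalibr` binary, so it is worth stating whether a bind mount on `docker run` or a `COPY` is intended.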
@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+
+dd if=/dev/zero of=valid.img bs=1M count=256
+parted -s --align optimal valid.img --script mklabel gpt
+parted -s --align optimal valid.img --script mkpart primary ext4 0% 25%
+parted -s --align optimal valid.img --script mkpart primary ntfs 25% 50%
+parted -s --align optimal valid.img --script set 2 msftdata on
+parted -s --align optimal valid.img --script mkpart primary ntfs 50% 75%
+parted -s --align optimal valid.img --script set 3 msftdata on
+parted -s --align optimal valid.img --script mkpart primary ntfs 75% 100%
+parted -s --align optimal valid.img --script set 3 msftdata on
+sudo losetup -fP valid.img
+LOOPDEV=$(losetup -j valid.img | cut -d: -f1)
+PARTITION1="${LOOPDEV}p1"
+PARTITION2="${LOOPDEV}p2"
+PARTITION3="${LOOPDEV}p3"
+PARTITION4="${LOOPDEV}p4"
+sudo mkfs.ext4 $PARTITION1
+sudo mkfs.exfat $PARTITION2
+sudo mkfs.vfat -F 32 $PARTITION3
+sudo mkfs.ntfs $PARTITION4
+sudo rm -rf /mnt/valid*
+sudo mkdir /mnt/valid1
+sudo mkdir /mnt/valid2
+sudo mkdir /mnt/valid3
+sudo mkdir /mnt/valid4
+sudo mount ${PARTITION1} /mnt/valid1
+sudo mount ${PARTITION2} /mnt/valid2
+sudo mount ${PARTITION3} /mnt/valid3
+sudo mount ${PARTITION4} /mnt/valid4
+openssl genrsa -out private-key.pem 4096
+sudo cp private-key.pem /mnt/valid1/private-key1.pem
+sudo cp private-key.pem /mnt/valid2/private-key2.pem
+sudo cp private-key.pem /mnt/valid3/private-key3.pem
+sudo cp private-key.pem /mnt/valid4/private-key4.pem
+sudo umount /mnt/valid1
+sudo umount /mnt/valid2
+sudo umount /mnt/valid3
+sudo umount /mnt/valid4
+sudo losetup -d ${LOOPDEV}
+sudo rm -rf /mnt/valid*
+qemu-img convert valid.img -O qcow2 valid-ext-exfat-fat32-ntfs.qcow2
+qemu-img convert --object secret,data="Yuvraj",id=sec0 -f raw valid.img -o encrypt.format=luks,encrypt.key-secret=sec0 -O qcow2 valid-ext-exfat-fat32-ntfs-encrypted.qcow2
+rm private-key.pem valid.img
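Review bot: The script has no `set -e` and runs `sudo rm -rf /mnt/valid*` twice, so it deletes any host path that already matches that glob, and a failed `losetup` leaves `LOOPDEV` empty while the later `sudo mkfs.*`, `mount` and `cp` calls still run against `p1`…`p4` and unmounted `/mnt/valid*` directories. In that case the script would still emit qcow2 fixtures, presumably without the keys in them, and `losetup -j` can also return more than one device if an earlier run left `valid.img` attached. Adding `set -euo pipefail`, taking the device from `losetup --show`, and mounting under a `mktemp -d` directory removes the root-level glob delete and stops on the first error, as sketched below. Separately, the last `parted` call repeats `set 3 msftdata on` after creating partition 4, which looks like it was meant to be `set 4 msftdata on`. The passphrase given as `--object secret,data=...` is visible in the process list while `qemu-img` runs, which is tolerable only because it is a published test value.

```shell
#!/usr/bin/env bash
set -euo pipefail

# … unchanged: dd and the parted calls …
LOOPDEV=$(sudo losetup --show -fP valid.img)
MNT=$(mktemp -d)
# … unchanged: PARTITION1..4 and the mkfs calls …
for i in 1 2 3 4; do
  mkdir "${MNT}/valid${i}"
  sudo mount "${LOOPDEV}p${i}" "${MNT}/valid${i}"
done
# … unchanged: openssl genrsa …
for i in 1 2 3 4; do
  sudo cp private-key.pem "${MNT}/valid${i}/private-key${i}.pem"
  sudo umount "${MNT}/valid${i}"
  rmdir "${MNT}/valid${i}"
done
sudo losetup -d "${LOOPDEV}"
rmdir "${MNT}"
# … unchanged: qemu-img convert calls and the final rm …
```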
diff --git a/qcow2/valid-ext-exfat-fat32-ntfs-encrypted.qcow2 b/qcow2/valid-ext-exfat-fat32-ntfs-encrypted.qcow2
new file mode 100644
index 00000000..e332b552
Binary files /dev/null and b/qcow2/valid-ext-exfat-fat32-ntfs-encrypted.qcow2 differ
diff --git a/qcow2/valid-ext-exfat-fat32-ntfs.qcow2 b/qcow2/valid-ext-exfat-fat32-ntfs.qcow2
new file mode 100644
index 00000000..555b3f6f
Binary files /dev/null and b/qcow2/valid-ext-exfat-fat32-ntfs.qcow2 differ