Home Unlabelled Commando Vm V2.0 - The Showtime Amount Windows-Based Penetration Testing Virtual Motorcar Distribution

Commando Vm V2.0 - The Showtime Amount Windows-Based Penetration Testing Virtual Motorcar Distribution

By
Friday, April 12, 2013
Read
Add Comment

Welcome to CommandoVM - a fully customizable, Windows-based safety distribution for penetration testing as well as blood-red teaming.
For detailed install instructions or to a greater extent than information delight encounter our blog

Installation (Install Script)

Requirements
  • Windows vii Service Pack 1 or Windows 10
  • 60 GB Hard Drive
  • 2 GB RAM

Recommended
  • Windows 10
  • 80+ GB Hard Drive
  • 4+ GB RAM
  • 2 network adapters
  • Enable Virtualization back upwards for VM
    • REQUIRED FOR KALI OR DOCKER

Instructions

Standard install
  1. Create as well as configure a novel Windows Virtual Machine
  • Ensure VM is updated completely. You may get got to depository fiscal establishment jibe for updates, reboot, as well as depository fiscal establishment jibe ane time to a greater extent than until no to a greater extent than remain
  • Take a snapshot of your machine!
  • Download as well as re-create install.ps1 on your newly configured machine.
  • Open PowerShell every bit an Administrator
  • Enable script execution past times running the next command:
    • Set-ExecutionPolicy Unrestricted
  • Finally, execute the installer script every bit follows:
    • .\install.ps1
    • You tin also overstep your password every bit an argument: .\install.ps1 -password
The script volition ready the Boxstarter surround as well as overstep on to download as well as install the Commando VM environment. You volition endure prompted for the administrator password inwards social club to automate host restarts during installation. If you lot produce non get got a password set, hitting move into when prompted volition also work.

Custom install
  1. Download the zip from https://github.com/fireeye/commando-vm into your Downloads folder.
  2. Decompress the zip as well as edit the ${Env:UserProfile}\Downloads\commando-vm-master\commando-vm-master\profile.json file past times removing tools or adding tools inwards the “packages” section. Tools are available from our package list or from the chocolatey repository.
  3. Open an administrative PowerShell window as well as enable script execution. Set-ExecutionPolicy Unrestricted -f
  4. Change to the unzipped projection directory. cd ${Env:UserProfile}\Downloads\commando-vm-master\commando-vm-master\
  5. Execute the install alongside the -profile_file argument. .\install.ps1 -profile_file .\profile.json
For to a greater extent than detailed instructions virtually custom installations, encounter our blog

Installing a novel package
Commando VM uses the Chocolatey Windows bundle manager. It is slowly to install a novel package. For example, move into the next command every bit Administrator to deploy Github Desktop on your system:
cinst github

Staying upwards to date
Type the next command to update all of the packages to the most recent version:
cup all

Installed Tools

Active Directory Tools
  • Remote Server Administration Tools (RSAT)
  • SQL Server Command Line Utilities
  • Sysinternals

Command & Control
  • Covenant
  • PoshC2
  • WMImplant
  • WMIOps

Developer Tools
  • Dep
  • Git
  • Go
  • Java
  • Python 2
  • Python three (default)
  • Ruby
  • Ruby Devkit
  • Visual Studio 2017 Build Tools (Windows 10)
  • Visual Studio Code

Docker
  • Amass
  • SpiderFoot

Evasion
  • CheckPlease
  • Demiguise
  • DefenderCheck
  • DotNetToJScript
  • Invoke-CradleCrafter
  • Invoke-DOSfuscation
  • Invoke-Obfuscation
  • Invoke-Phant0m
  • Not PowerShell (nps)
  • PS>Attack
  • PSAmsi
  • Pafishmacro
  • PowerLessShell
  • PowerShdll
  • StarFighters

Exploitation
  • ADAPE-Script
  • API Monitor
  • CrackMapExec
  • CrackMapExecWin
  • DAMP
  • EvilClippy
  • Exchange-AD-Privesc
  • FuzzySec's PowerShell-Suite
  • FuzzySec's Sharp-Suite
  • Generate-Macro
  • GhostPack
    • Rubeus
    • SafetyKatz
    • Seatbelt
    • SharpDPAPI
    • SharpDump
    • SharpRoast
    • SharpUp
    • SharpWMI
  • GoFetch
  • Impacket
  • Invoke-ACLPwn
  • Invoke-DCOM
  • Invoke-PSImage
  • Invoke-PowerThIEf
  • Juicy Potato
  • Kali Binaries for Windows
  • LuckyStrike
  • MetaTwin
  • Metasploit
  • Mr. Unikod3r's RedTeamPowershellScripts
  • NetshHelperBeacon
  • Nishang
  • Orca
  • PSReflect
  • PowerLurk
  • PowerPriv
  • PowerSploit
  • PowerUpSQL
  • PrivExchange
  • RottenPotatoNG
  • Ruler
  • SharpClipHistory
  • SharpExchangePriv
  • SharpExec
  • SpoolSample
  • SharpSploit
  • UACME
  • impacket-examples-windows
  • vssown
  • Vulcan

Information Gathering
  • ADACLScanner
  • ADExplorer
  • ADOffline
  • ADRecon
  • BloodHound
  • dnsrecon
  • FOCA
  • Get-ReconInfo
  • GoBuster
  • GoWitness
  • NetRipper
  • Nmap
  • PowerView
    • Dev branch included
  • SharpHound
  • SharpView
  • SpoolerScanner
  • Watson

Kali Linux
  • kali-linux-default
  • kali-linux-xfce
  • VcXsrv

Networking Tools
  • Citrix Receiver
  • OpenVPN
  • Proxycap
  • PuTTY
  • Telnet
  • VMWare Horizon Client
  • VMWare vSphere Client
  • VNC-Viewer
  • WinSCP
  • Windump
  • Wireshark

Password Attacks
  • ASREPRoast
  • CredNinja
  • DomainPasswordSpray
  • DSInternals
  • Get-LAPSPasswords
  • Hashcat
  • Internal-Monologue
  • Inveigh
  • Invoke-TheHash
  • KeeFarce
  • KeeThief
  • LAPSToolkit
  • MailSniper
  • Mimikatz
  • Mimikittenz
  • RiskySPN
  • SessionGopher

Reverse Engineering
  • DNSpy
  • Flare-Floss
  • ILSpy
  • PEview
  • Windbg
  • x64dbg

Utilities
  • 7zip
  • Adobe Reader
  • AutoIT
  • Cmder
  • CyberChef
  • Explorer Suite
  • Gimp
  • Greenshot
  • Hashcheck
  • Hexchat
  • HxD
  • Keepass
  • MobaXterm
  • Mozilla Thunderbird
  • Neo4j Community Edition
  • Notepad++
  • Pidgin
  • Process Hacker 2
  • SQLite DB Browser
  • Screentogif
  • Shellcode Launcher
  • Sublime Text 3
  • TortoiseSVN
  • VLC Media Player
  • Winrar
  • yEd Graph Tool

Vulnerability Analysis
  • AD Control Paths
  • Egress-Assess
  • Grouper2
  • NtdsAudit
  • PwndPasswordsNTLM
  • zBang

Web Applications
  • Burp Suite
  • Fiddler
  • Firefox
  • OWASP Zap
  • Subdomain-Bruteforce
  • Wfuzz

Wordlists
  • FuzzDB
  • PayloadsAllTheThings
  • SecLists
  • Probable-Wordlists
  • RobotsDisallowed

Legal Notice
This download configuration script is provided to assistance penetration testers inwards creating handy as well as versatile toolboxes for offensive engagements. It provides  a convenient interface for them to obtain a useful laid of pentesting Tools straight  from their original sources. Installation as well as purpose of this script is dependent champaign to the  Apache 2.0 License.   You every bit a user of this script must review, convey as well as comply alongside the license damage of each downloaded/installed bundle listed below. By proceeding alongside the installation, you lot are accepting the license damage of each package, as well as acknowledging that your purpose of each bundle volition endure dependent champaign to its respective license terms.  List of bundle licenses:  http://technet.microsoft.com/en-us/sysinternals/bb469936 https://github.com/stufus/ADOffline/blob/master/LICENCE.md https://github.com/HarmJ0y/ASREPRoast/blob/master/LICENSE https://github.com/BloodHoundAD/BloodHound/blo   b/master/LICENSE.md https://github.com/Arvanaghi/CheckPlease/blob/master/LICENSE https://github.com/cobbr/Covenant/blob/master/LICENSE https://github.com/byt3bl33d3r/CrackMapExec/blob/master/LICENSE https://github.com/Raikia/CredNinja/blob/master/LICENSE https://github.com/MichaelGrafnetter/DSInternals/blob/master/LICENSE.md https://github.com/tyranid/DotNetToJScript/blob/master/LICENSE https://github.com/FortyNorthSecurity/Egress-Assess/blob/master/LICENSE https://github.com/cobbr/Elite/blob/master/LICENSE https://github.com/GoFetchAD/GoFetch/blob/master/LICENSE.md http://www.gnu.org/licenses/gpl.html https://github.com/Kevin-Robertson/Inveigh/blob/master/LICENSE.md https://github.com/danielbohannon/Invoke-CradleCrafter/blob/master/LICENSE https://github.com/rvrsh3ll/Misc-Powershell-Scripts/blob/master/LICENSE https://github.com/danielbohannon/Invoke-Obfuscation/blob/master/LICENSE https://github.com/Kevin-Robertson/Invoke   -TheHash/blob/master/LICENSE.md https://github.com/denandz/KeeFarce/blob/master/LICENSE https://github.com/HarmJ0y/KeeThief/blob/master/LICENSE https://github.com/gentilkiwi/mimikatz https://github.com/nettitude/PoshC2/blob/master/LICENSE https://github.com/Mr-Un1k0d3r/PowerLessShell/blob/master/LICENSE.md https://github.com/G0ldenGunSec/PowerPriv/blob/master/LICENSE https://github.com/p3nt4/PowerShdll/blob/master/LICENSE.md https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/LICENSE https://github.com/PowerShellMafia/PowerSploit/blob/master/LICENSE https://github.com/PowerShellMafia/PowerSploit/blob/master/LICENSE https://github.com/dirkjanm/PrivExchange/blob/master/LICENSE https://github.com/Mr-Un1k0d3r/RedTeamPowershellScripts/blob/master/LICENSE.md https://github.com/cyberark/RiskySPN/blob/master/LICENSE.md https://github.com/GhostPack/Rubeus/blob/master/LICENSE https://github.com/GhostPack/SafetyKatz/blob/mas   ter/LICENSE https://github.com/NickeManarin/ScreenToGif/blob/master/LICENSE.txt https://github.com/GhostPack/Seatbelt https://github.com/danielmiessler/SecLists/blob/master/LICENSE https://github.com/Arvanaghi/SessionGopher https://github.com/GhostPack/SharpDPAPI/blob/master/LICENSE https://github.com/GhostPack/SharpDump/blob/master/LICENSE https://github.com/tevora-threat/SharpView/blob/master/LICENSE https://github.com/GhostPack/SharpRoast/blob/master/LICENSE https://github.com/GhostPack/SharpUp/blob/master/LICENSE https://github.com/GhostPack/SharpWMI/blob/master/LICENSE https://github.com/leechristensen/SpoolSample/blob/master/LICENSE https://github.com/vletoux/SpoolerScanner/blob/master/LICENSE http://www.sublimetext.com/eula https://github.com/HarmJ0y/TrustVisualizer/blob/master/LICENSE https://github.com/hfiref0x/UACME/blob/master/LICENSE.md https://github.com/FortyNorthSecurity/WMIOps/blob/master/LICENSE htt   ps://github.com/FortyNorthSecurity/WMImplant/blob/master/LICENSE http://www.adobe.com/products/eulas/pdfs/Reader10_combined-20100625_1419.pdf http://www.rohitab.com/apimonitor http://www.autoitscript.com/autoit3/docs/license.htm https://portswigger.net/burp http://www.citrix.com/buy/licensing/agreements.html https://github.com/cmderdev/cmder/blob/master/LICENSE https://github.com/nccgroup/demiguise/blob/master/LICENSE.txt http://www.telerik.com/purchase/license-agreement/fiddler https://www.mozilla.org/en-US/MPL/2.0/ https://github.com/fireeye/flare-floss https://github.com/fuzzdb-project/fuzzdb/blob/master/_copyright.txt https://www.gimp.org/about/ https://www.google.it/intl/en/chrome/browser/privacy/eula_text.html https://github.com/sensepost/gowitness/blob/master/LICENSE.txt https://github.com/hashcat/hashcat/blob/master/docs/license.txt https://www.gnu.org/licenses/gpl-2.0.html https://mh-nexus.de/en/hxd/license   .php https://github.com/SecureAuthCorp/impacket/blob/master/LICENSE https://github.com/SecureAuthCorp/impacket/blob/master/LICENSE https://www.kali.org/about-us/ http://keepass.info/help/v2/license.html https://github.com/putterpanda/mimikittenz http://mobaxterm.mobatek.net/license.html http://neo4j.com/open-source-project/ https://github.com/samratashok/nishang/blob/master/LICENSE https://svn.nmap.org/nmap/COPYING https://github.com/Ben0xA/nps/blob/master/LICENSE https://openvpn.net/index.php/license.html https://www.microsoft.com/en-us/servicesagreement/ https://github.com/joesecurity/pafishmacro/blob/master/LICENSE https://hg.pidgin.im/pidgin/main/file/f02ebb71b5e3/COPYING http://www.proxycap.com/eula.pdf http://www.chiark.greenend.org.uk/ sgtatham/putty/licence.html https://support.microsoft.com/en-us/gp/mats_eula https://raw.githubusercontent.com/sqlitebrowser/sqlitebrowser/master/LICENSE http://technet   .microsoft.com/en-us/sysinternals/bb469936 http://www.mozilla.org/en-US/legal/eula/thunderbird.html http://www.videolan.org/legal.html http://www.vmware.com/download/eula/universal_eula.html https://www.vmware.com/help/legal.html https://www.realvnc.com/legal/ https://code.visualstudio.com/License http://go.microsoft.com/fwlink/?LinkID=251960 http://opensource.org/licenses/BSD-3-Clause https://winscp.net/docs/license http://www.gnu.org/copyleft/gpl.html https://github.com/x64dbg/x64dbg/blob/development/LICENSE https://www.yworks.com/products/yed/license.html http://www.apache.org/licenses/LICENSE-2.0 https://github.com/Dionach/NtdsAudit/blob/master/LICENSE https://github.com/ANSSI-FR/AD-control-paths/blob/master/LICENSE.txt https://github.com/OJ/gobuster/blob/master/LICENSE https://github.com/xmendez/wfuzz/blob/master/LICENSE https://github.com/dafthack/DomainPasswordSpray/blob/master/LICENSE https://github.   com/nettitude/PoshC2_Python/blob/master/LICENSE https://github.com/ElevenPaths/FOCA/blob/master/LICENSE.txt https://github.com/ohpe/juicy-potato/blob/master/LICENSE https://github.com/NytroRST/NetRipper/blob/master/LICENSE.TXT https://github.com/unixrox/prebellico/blob/master/LICENSE.md https://github.com/rasta-mouse/Watson/blob/master/LICENSE.txt https://github.com/berzerk0/Probable-Wordlists/blob/master/License.txt https://github.com/cobbr/SharpSploit/blob/master/LICENSE


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us