Commando Vm - The Rootage Of Its Form Windows Offensive Distribution


Welcome to CommandoVM - a fully customized, Windows-based safety distribution for penetration testing in addition to ruby-red teaming.

Installation (Install Script)

Requirements
  • Windows vii Service Pack 1 or Windows 10
  • 60 GB Hard Drive
  • 2 GB RAM

Instructions
  1. Create in addition to configure a novel Windows Virtual Machine
  • Ensure VM is updated completely. You may bring to depository fiscal establishment stand upwards for for updates, reboot, in addition to depository fiscal establishment stand upwards for in 1 lawsuit again until no to a greater extent than remain
  • Take a snapshot of your machine!
  • Download in addition to re-create install.ps1 on your newly configured machine.
  • Open PowerShell every bit an Administrator
  • Enable script execution yesteryear running the next command:
    • Set-ExecutionPolicy Unrestricted
  • Finally, execute the installer script every bit follows:
    • .\install.ps1
    • You tin toilet besides top your password every bit an argument: .\install.ps1 -password
The script volition ready the Boxstarter surround in addition to continue to download in addition to install the Commando VM environment. You volition live on prompted for the administrator password inward lodge to automate host restarts during installation. If you lot create non bring a password set, hitting come inward when prompted volition besides work.

Installing a novel package
Commando VM uses the Chocolatey Windows packet manager. It is slowly to install a novel package. For example, come inward the next ascendance every bit Administrator to deploy Github Desktop on your system:
cinst github

Staying upwards to date
Type the next ascendance to update all of the packages to the close recent version:
cup all

Installed Tools

Active Directory Tools
  • Remote Server Administration Tools (RSAT)
  • SQL Server Command Line Utilities
  • Sysinternals

Command & Control
  • Covenant
  • PoshC2
  • WMImplant
  • WMIOps

Developer Tools
  • Dep
  • Git
  • Go
  • Java
  • Python 2
  • Python iii (default)
  • Visual Studio 2017 Build Tools (Windows 10)
  • Visual Studio Code

Evasion
  • CheckPlease
  • Demiguise
  • DotNetToJScript
  • Invoke-CradleCrafter
  • Invoke-DOSfuscation
  • Invoke-Obfuscation
  • Invoke-Phant0m
  • Not PowerShell (nps)
  • PS>Attack
  • PSAmsi
  • Pafishmacro
  • PowerLessShell
  • PowerShdll
  • StarFighters

Exploitation
  • ADAPE-Script
  • API Monitor
  • CrackMapExec
  • CrackMapExecWin
  • DAMP
  • Exchange-AD-Privesc
  • FuzzySec's PowerShell-Suite
  • FuzzySec's Sharp-Suite
  • Generate-Macro
  • GhostPack
    • Rubeus
    • SafetyKatz
    • Seatbelt
    • SharpDPAPI
    • SharpDump
    • SharpRoast
    • SharpUp
    • SharpWMI
  • GoFetch
  • Impacket
  • Invoke-ACLPwn
  • Invoke-DCOM
  • Invoke-PSImage
  • Invoke-PowerThIEf
  • Kali Binaries for Windows
  • LuckyStrike
  • MetaTwin
  • Metasploit
  • Mr. Unikod3r's RedTeamPowershellScripts
  • NetshHelperBeacon
  • Nishang
  • Orca
  • PSReflect
  • PowerLurk
  • PowerPriv
  • PowerSploit
  • PowerUpSQL
  • PrivExchange
  • Ruler
  • SharpExchangePriv
  • SpoolSample
  • UACME
  • impacket-examples-windows
  • vssown

Information Gathering
  • ADACLScanner
  • ADExplorer
  • ADOffline
  • ADRecon
  • BloodHound
  • Get-ReconInfo
  • GoWitness
  • Nmap
  • PowerView
    • Dev branch included
  • SharpHound
  • SharpView
  • SpoolerScanner

Networking Tools
  • Citrix Receiver
  • OpenVPN
  • Proxycap
  • PuTTY
  • Telnet
  • VMWare Horizon Client
  • VMWare vSphere Client
  • VNC-Viewer
  • WinSCP
  • Windump
  • Wireshark

Password Attacks
  • ASREPRoast
  • CredNinja
  • DSInternals
  • Get-LAPSPasswords
  • Hashcat
  • Internal-Monologue
  • Inveigh
  • Invoke-TheHash
  • KeeFarce
  • KeeThief
  • LAPSToolkit
  • MailSniper
  • Mimikatz
  • Mimikittenz
  • RiskySPN
  • SessionGopher

Reverse Engineering
  • DNSpy
  • Flare-Floss
  • ILSpy
  • PEview
  • Windbg
  • x64dbg

Utilities
  • 7zip
  • Adobe Reader
  • AutoIT
  • Cmder
  • CyberChef
  • Gimp
  • Greenshot
  • Hashcheck
  • Hexchat
  • HxD
  • Keepass
  • MobaXterm
  • Mozilla Thunderbird
  • Neo4j Community Edition
  • Pidgin
  • Process Hacker 2
  • SQLite DB Browser
  • Screentogif
  • Shellcode Launcher
  • Sublime Text 3
  • TortoiseSVN
  • VLC Media Player
  • Winrar
  • yEd Graph Tool

Vulnerability Analysis
  • Egress-Assess
  • Grouper2
  • zBang

Web Applications
  • Burp Suite
  • Fiddler
  • Firefox
  • OWASP Zap

Wordlists
  • FuzzDB
  • PayloadsAllTheThings
  • SecLists