GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → fireeye → Commando Vm

fireeye / Commando Vm

Licence: apache-2.0
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

Programming Languages

powershell
5483 projects

Labels

windowspenetration-testingred-teamingfireeye-flare

Projects that are alternatives of or similar to Commando Vm

Ghostwriter
The SpecterOps project management and reporting engine
Stars: ✭ 394 (-92.17%)
Mutual labels:  penetration-testing
Dradis Ce
Dradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-91.19%)
Mutual labels:  penetration-testing
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (-2.64%)
Mutual labels:  penetration-testing
Archstrike
An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (-92.03%)
Mutual labels:  penetration-testing
Cloud enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (-91.65%)
Mutual labels:  penetration-testing
Justtryharder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-91.05%)
Mutual labels:  penetration-testing
Nmap
Idiomatic nmap library for go developers
Stars: ✭ 391 (-92.23%)
Mutual labels:  penetration-testing
Hackerpro
All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
Stars: ✭ 474 (-90.58%)
Mutual labels:  penetration-testing
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-91.51%)
Mutual labels:  penetration-testing
Netcat
NetCat for Windows
Stars: ✭ 463 (-90.8%)
Mutual labels:  penetration-testing
Sifter
Sifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-91.99%)
Mutual labels:  penetration-testing
Pwndoc
Pentest Report Generator
Stars: ✭ 417 (-91.71%)
Mutual labels:  penetration-testing
Penetration Testing Study Notes
Penetration Testing notes, resources and scripts
Stars: ✭ 461 (-90.83%)
Mutual labels:  penetration-testing
Stegcracker
Steganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-92.13%)
Mutual labels:  penetration-testing
Chimera
Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-90.8%)
Mutual labels:  penetration-testing
Slackor
A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-92.21%)
Mutual labels:  penetration-testing
Vanquish
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (-91.07%)
Mutual labels:  penetration-testing
Iprotate burp extension
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (-90.38%)
Mutual labels:  penetration-testing
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-90.58%)
Mutual labels:  penetration-testing
Pentestkit
Useful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-90.8%)
Mutual labels:  penetration-testing
View All Similar Projects ➔ 
      _________                                           .___      
      \_   ___ \  ____   _____   _____ _____    ____    __| _/____  
      /    \  \/ /  _ \ /     \ /     \\__  \  /    \  / __ |/  _ \ 
      \     \___(  <_> )  Y Y  \  Y Y  \/ __ \|   |  \/ /_/ (  <_> )
       \______  /\____/|__|_|  /__|_|  (____  /___|  /\____ |\____/ 
              \/             \/      \/     \/     \/      \/       
                    C O M P L E T E  M A N D I A N T                    
                         O F F E N S I V E   V M                        
                              Version 2021.2                                 
                          [email protected]
           _____________________________________________________          

                                Created by                                
                         Jake Barteaux @day1player                              
                             Mandiant Red Team  
                      Blaine Stancill @MalwareMechanic                           
                                Nhan Huynh   
                 FireEye Labs Advanced Reverse Engineering

Commando VM

Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming.

For detailed install instructions or more information please see our blog

Installation (Install Script)

Requirements

  • Windows 10 1803, 1809, 1903, 1909, 2004, 20H2, or 21H1

Insider Preview editions of Windows are not supported

  • 60 GB Hard Drive
  • 2 GB RAM

Recommended

  • Windows 10 21H1
  • 80+ GB Hard Drive
  • 4+ GB RAM
  • 2 network adapters

Instructions

Pre-Install Procedures

You MUST disable Windows Defender for a smooth install. The best way to accomplish this is through Group Policy

In Windows versions 1909 and higher, Tamper Protection was added. Tamper Protection must be disabled, otherwise Group Policy settings are ignored.

  1. Open Windows Security (type Windows Security in the search box)
  2. Virus & threat protection > Virus & threat protection settings > Manage settings
  3. Switch Tamper Protection to Off

It is not necessary to change any other setting (Real Time Protection, etc.)

Important. Tamper Protection must be disabled before changing Group Policy settings.

To permanently disable Real Time Protection

  1. Open Local Group Policy Editor (type gpedit in the search box)
  2. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Real-time Protection
  3. Enable Turn off real-time protection
  4. Reboot

Make sure to reboot before making the next change

To permanently disable Microsoft Defender:

  1. Open Local Group Policy Editor (type gpedit in the search box)
  2. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus
  3. Enable Turn off Microsoft Defender Antivirus
  4. Reboot

Standard install

  1. Create and configure a new Windows Virtual Machine

Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain

  1. Take a snapshot of your machine!
  2. Download and copy install.ps1 on your newly configured machine.
  3. Open PowerShell as an Administrator
  4. Unblock the install file by running Unblock-File .\install.ps1
  5. Enable script execution by running Set-ExecutionPolicy Unrestricted -f
  6. Finally, execute the installer script as follows:
  • .\install.ps1
  • You can also pass your password as an argument: .\install.ps1 -password <password>

The script will set up the Boxstarter environment and proceed to download and install the Commando VM environment. You will be prompted for the administrator password in order to automate host restarts during installation. If you do not have a password set, hitting enter when prompted will also work.

Custom install

Please see our custom profiles for more custom install options or create your own following the instructions below.

  1. Download the zip from https://github.com/fireeye/commando-vm into your Downloads folder.
  2. Decompress the zip and edit the ${Env:UserProfile}\Downloads\commando-vm-master\commando-vm-master\profile.json file by removing tools or adding tools in the “packages” section. You can add any package listed in our package list or any package from the chocolatey repository.
  3. Open an administrative PowerShell window and enable script execution. Set-ExecutionPolicy Unrestricted -f
  4. Change to the unzipped project directory. cd ${Env:UserProfile}\Downloads\commando-vm-master\commando-vm-master\
  5. Unblock the install file by running Unblock-File .\install.ps1
  6. Take a snapshot of your machine!
  7. Execute the install with the -profile_file argument. .\install.ps1 -profile_file .\profile.json

For more detailed instructions about custom installations, see our blog

Installing a new package

Commando VM uses the Chocolatey Windows package manager. It is easy to install a new package. For example, enter the following command as Administrator to deploy Github Desktop on your system:

cinst github

You can find packages to install from our package list, which hosts more than just pentesting tools, or from the chocolatey repository.

Staying up to date

Type the following command to update all of the packages to the most recent version:

cup all

Available Tools

Active Directory Tools

  • Remote Server Administration Tools (RSAT)
  • SQL Server Command Line Utilities
  • Sysinternals

Command & Control

  • Covenant
  • WMImplant
  • WMIOps

Developer Tools

  • Dep
  • Git
  • Go
  • Java
  • Python 2
  • Python 3 (default)
  • Ruby
  • Ruby Devkit
  • Visual Studio 2017 Build Tools (Windows 10)
  • Visual Studio Code

Docker

  • Amass
  • SpiderFoot

Evasion

  • CheckPlease
  • Demiguise
  • DefenderCheck
  • DotNetToJScript
  • Invoke-CradleCrafter
  • Invoke-DOSfuscation
  • Invoke-Obfuscation
  • Invoke-Phant0m
  • Not PowerShell (nps)
  • PS>Attack
  • PSAmsi
  • Pafishmacro
  • PowerLessShell
  • PowerShdll
  • StarFighters
  • SysWhispers

Exploitation

  • ADAPE-Script
  • API Monitor
  • CrackMapExec
  • CrackMapExecWin
  • DAMP
  • Dumpert
  • EvilClippy
  • Exchange-AD-Privesc
  • FuzzySec's PowerShell-Suite
  • FuzzySec's Sharp-Suite
  • GadgetToJScript
  • Generate-Macro
  • GhostPack
    • Rubeus
    • SafetyKatz
    • Seatbelt
    • SharpDPAPI
    • SharpDump
    • SharpRoast
    • SharpUp
    • SharpWMI
  • GoFetch
  • Impacket
  • Invoke-ACLPwn
  • Invoke-DCOM
  • Invoke-PSImage
  • Invoke-PowerThIEf
  • Juicy Potato
  • Kali Binaries for Windows
  • LuckyStrike
  • MetaTwin
  • Metasploit
  • Mr. Unikod3r's RedTeamPowershellScripts
  • NetshHelperBeacon
  • Nishang
  • Orca
  • PSBits
  • PSReflect
  • PowerLurk
  • PowerPriv
  • PowerSploit
  • PowerUpSQL
  • PrivExchange
  • RottenPotatoNG
  • Ruler
  • SharpClipHistory
  • SharpExchangePriv
  • SharpExec
  • SpoolSample
  • SharpSploit
  • ThreadContinue
  • TikiTorch
  • UACME
  • impacket-examples-windows
  • vssown
  • Vulcan

Information Gathering

  • ADACLScanner
  • ADExplorer
  • ADOffline
  • ADRecon
  • BeRoot
  • BloodHound
  • BloodHound-Custom-Queries (Hausec)
  • dnsrecon
  • FOCA
  • Get-ReconInfo
  • GoBuster
  • GoWitness
  • Net-GPPPassword
  • NetRipper
  • Nmap
  • PowerView
    • Dev branch included
  • Privesc (enjoiz)
  • Recon-AD
  • SharpHound
  • SharpView
  • SpoolerScanner
  • Watson

Kali Linux

  • kali-linux-default
  • kali-linux-xfce
  • VcXsrv

Networking Tools

  • Citrix Receiver
  • OpenVPN
  • Powercat
  • Proxycap
  • PuTTY
  • Telnet
  • VMWare Horizon Client
  • VMWare vSphere Client
  • VNC-Viewer
  • WinSCP
  • Windump
  • Wireshark

Password Attacks

  • ASREPRoast
  • CredNinja
  • DomainPasswordSpray
  • DSInternals
  • Get-LAPSPasswords
  • Hashcat
  • Internal-Monologue
  • Inveigh
  • Invoke-TheHash
  • KeeFarce
  • KeeThief
  • LAPSToolkit
  • MailSniper
  • Mimikatz
  • Mimikittenz
  • RiskySPN
  • SessionGopher

Reverse Engineering

  • DNSpy
  • Flare-Floss
  • ILSpy
  • PEview
  • Windbg
  • x64dbg

Utilities

  • 7zip
  • Adobe Reader
  • AutoIT
  • Cmder
  • CyberChef
  • Explorer Suite
  • Gimp
  • Greenshot
  • Hashcheck
  • HeidiSQL
  • Hexchat
  • HTTP File Server (hfs)
  • HxD
  • Keepass
  • MobaXterm
  • Mozilla Thunderbird
  • Neo4j Community Edition
  • NirLauncher
  • Notepad++
  • Pidgin
  • Process Hacker 2
  • qBittorrent
  • SQLite DB Browser
  • Screentogif
  • Shellcode Launcher
  • SimpleDNSCrypt
  • SQLite DB Browser
  • Sublime Text 3
  • Tor Browser
  • TortoiseSVN
  • VLC Media Player
  • yEd Graph Tool

Vulnerability Analysis

  • AD Control Paths
  • Egress-Assess
  • Grouper2
  • NtdsAudit
  • PwnedPasswordsNTLM
  • zBang

Web Applications

  • Burp Suite
  • Fiddler
  • Firefox
  • OWASP Zap
  • Subdomain-Bruteforce
  • Wfuzz

Wordlists

  • FuzzDB
  • PayloadsAllTheThings
  • SecLists
  • Probable-Wordlists
  • RobotsDisallowed

Legal Notice

This download configuration script is provided to assist penetration testers
in creating handy and versatile toolboxes for offensive engagements. It provides 
a convenient interface for them to obtain a useful set of pentesting Tools directly 
from their original sources. Installation and use of this script is subject to the 
Apache 2.0 License.
 
You as a user of this script must review, accept and comply with the license
terms of each downloaded/installed package listed below. By proceeding with the
installation, you are accepting the license terms of each package, and
acknowledging that your use of each package will be subject to its respective
license terms.

Licenses for each package can be found in the packages.csv file for this repository.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].