Welcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming.
Installation (Install Script)
Requirements
- Windows 7 Service Pack 1 or Windows 10
- 60 GB Hard Drive
- 2 GB RAM
Recommended
- Windows 10
- 80+ GB Hard Drive
- 4+ GB RAM
- 2 network adapters
- Enable Virtualization support for VM
Instructions
- Create and configure a new Windows Virtual Machine
- Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain
- Take a snapshot of your machine!
- Download and copy
install.ps1
on your newly configured machine. - Open PowerShell as an Administrator
- Enable script execution by running the following command:
Set-ExecutionPolicy Unrestricted
- Finally, execute the installer script as follows:
.\install.ps1
- You can also pass your password as an argument:
.\install.ps1 -password <password>
Installing a new package
Commando VM uses the Chocolatey Windows package manager. It is easy to install a new package. For example, enter the following command as Administrator to deploy Github Desktop on your system:
cinst github
Staying up to date
Type the following command to update all of the packages to the most recent version:
cup all
Installed Tools
Active Directory Tools
- Remote Server Administration Tools (RSAT)
- SQL Server Command Line Utilities
- Sysinternals
Command & Control
- Covenant
- PoshC2
- WMImplant
- WMIOps
Developer Tools
- Dep
- Git
- Go
- Java
- Python 2
- Python 3 (default)
- Ruby
- Ruby Devkit
- Visual Studio 2017 Build Tools (Windows 10)
- Visual Studio Code
Evasion
- CheckPlease
- Demiguise
- DefenderCheck
- DotNetToJScript
- Invoke-CradleCrafter
- Invoke-DOSfuscation
- Invoke-Obfuscation
- Invoke-Phant0m
- Not PowerShell (nps)
- PS>Attack
- PSAmsi
- Pafishmacro
- PowerLessShell
- PowerShdll
- StarFighters
Exploitation
- ADAPE-Script
- API Monitor
- CrackMapExec
- CrackMapExecWin
- DAMP
- EvilClippy
- Exchange-AD-Privesc
- FuzzySec's PowerShell-Suite
- FuzzySec's Sharp-Suite
- Generate-Macro
- GhostPack
- Rubeus
- SafetyKatz
- Seatbelt
- SharpDPAPI
- SharpDump
- SharpRoast
- SharpUp
- SharpWMI
- GoFetch
- Impacket
- Invoke-ACLPwn
- Invoke-DCOM
- Invoke-PSImage
- Invoke-PowerThIEf
- Juicy Potato
- Kali Binaries for Windows
- LuckyStrike
- MetaTwin
- Metasploit
- Mr. Unikod3r's RedTeamPowershellScripts
- NetshHelperBeacon
- Nishang
- Orca
- PSReflect
- PowerLurk
- PowerPriv
- PowerSploit
- PowerUpSQL
- PrivExchange
- RottenPotatoNG
- Ruler
- SharpClipHistory
- SharpExchangePriv
- SharpExec
- SpoolSample
- SharpSploit
- UACME
- impacket-examples-windows
- vssown
- Vulcan
Information Gathering
- ADACLScanner
- ADExplorer
- ADOffline
- ADRecon
- BloodHound
- dnsrecon
- FOCA
- Get-ReconInfo
- GoBuster
- GoWitness
- NetRipper
- Nmap
- PowerView
- Dev branch included
- SharpHound
- SharpView
- SpoolerScanner
- Watson
Networking Tools
- Citrix Receiver
- OpenVPN
- Proxycap
- PuTTY
- Telnet
- VMWare Horizon Client
- VMWare vSphere Client
- VNC-Viewer
- WinSCP
- Windump
- Wireshark
Password Attacks
- ASREPRoast
- CredNinja
- DomainPasswordSpray
- DSInternals
- Get-LAPSPasswords
- Hashcat
- Internal-Monologue
- Inveigh
- Invoke-TheHash
- KeeFarce
- KeeThief
- LAPSToolkit
- MailSniper
- Mimikatz
- Mimikittenz
- RiskySPN
- SessionGopher
Reverse Engineering
- DNSpy
- Flare-Floss
- ILSpy
- PEview
- Windbg
- x64dbg
Utilities
- 7zip
- Adobe Reader
- AutoIT
- Cmder
- CyberChef
- Explorer Suite
- Gimp
- Greenshot
- Hashcheck
- Hexchat
- HxD
- Keepass
- MobaXterm
- Mozilla Thunderbird
- Neo4j Community Edition
- Notepad++
- Pidgin
- Process Hacker 2
- SQLite DB Browser
- Screentogif
- Shellcode Launcher
- Sublime Text 3
- TortoiseSVN
- VLC Media Player
- Winrar
- yEd Graph Tool
Vulnerability Analysis
- AD Control Paths
- Egress-Assess
- Grouper2
- NtdsAudit
- PwndPasswordsNTLM
- zBang
Web Applications
- Burp Suite
- Fiddler
- Firefox
- OWASP Zap
- Subdomain-Bruteforce
- Wfuzz
Wordlists
- FuzzDB
- PayloadsAllTheThings
- SecLists
- Probable-Wordlists
- RobotsDisallowed
Changelog:
1.3 - June 28 2019
- Added RottenPotatoNG https://github.com/breenmachine/RottenPotatoNG #63
- Added Juicy Potato https://github.com/ohpe/juicy-potato #63, #64
- Added Watson https://github.com/rasta-mouse/Watson #64
- Added PwndPasswordsNTLM https://github.com/JacksonVD/PwnedPasswordsNTLM #67
- Added FOCA https://github.com/JacksonVD/PwnedPasswordsNTLM #71
- Added Vulcan https://github.com/praetorian-code/vulcan
- Added SharpClipHistory https://github.com/mwrlabs/SharpClipHistory
- Added NetRipper https://github.com/NytroRST/NetRipper
- Added RobotsDisallowed https://github.com/danielmiessler/RobotsDisallowed
- Added Probable-Wordlists https://github.com/berzerk0/Probable-Wordlists
- Added SharpSploit https://github.com/cobbr/SharpSploit
- Changed WinRM configuration #65
- Un-hardened UNC file paths #68
- Fixed install issues with Covenant #61, #76
- Added recommended hardware settings #20, #17
- Added DomainPasswordSpray https://github.com/dafthack/DomainPasswordSpray #2
- Added GoBuster https://github.com/OJ/gobuster #39
- Added Wfuzz https://github.com/xmendez/wfuzz #40
- Added Notepad++ #30
- Added TextFX plugin for Notepad++
- Added Explorer Suite (CFF Explorer)
- Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
- Added DefenderCheck https://github.com/matterpreter/DefenderCheck
- Added dnsrecon https://github.com/darkoperator/dnsrecon
- Added EvilClippy https://github.com/outflanknl/EvilClippy
- Added NtdsAudit https://github.com/Dionach/NtdsAudit
- Added SharpExec https://github.com/anthemtotheego/SharpExec
- Added Subdomain-Bruteforce https://github.com/visualbasic6/subdomain-bruteforce
- Fixed issue #18 with PATH
- Added Commando Logos with transparent backgrounds to $Home\Pictures
- Pinned Firefox to Taskbar
- Fixed misspellings in Readme #42/#43
- Added Ruby and Ruby Devkit #1
- Updated Rubeus package to current version (1.4.2) #31
- Added missing 'seclists.fireeye' package to packages.json #38
- Used https instead of http to install boxstarter #10