
Commando VM - an alternative to Kali Linux for Windows


Just the other day, FireEye presented Commando VM, a system designed for pentesters and red teams that runs on the Microsoft Windows family of operating systems.

FireEye positions Commando VM as a “first-of-its-kind” distribution for pentesters on Windows, but they are clearly being disingenuous, since at least one other project immediately comes to mind: Pentest Box, which is also built for Windows.

At the same time, the Commando VM system itself is quite interesting and deserves attention ...

Short description


Commando VM is based on the popular Flare VM virtual machine, which is designed for reverse engineering and malware analysis.
In fact, Commando VM is not an image of a virtual machine, but rather an unattended installation script that turns a Windows operating system running on a virtual machine into a tool for conducting pentests.

Commando VM uses Boxstarter, Chocolatey and MyGet packages to install all the software, and provides many tools and utilities to support penetration testing.

List of utilities
Active Directory Tools
- Remote Server Administration Tools (RSAT)
- SQL Server Command Line Utilities
- Sysinternals

Command & Control
- Covenant
- PoshC2
- WMImplant
- WMIOps

Developer Tools
- Dep
- git
- go
- java
- Python 2
- Python 3 (default)
- Visual Studio 2017 Build Tools (Windows 10)
- Visual Studio Code

Evasion
- CheckPlease
- Demiguise
- DotNetToJScript
- Invoke-CradleCrafter
- Invoke-DOSfuscation
- Invoke-Obfuscation
- Invoke-Phant0m
- Not PowerShell (nps)
- PS> Attack
- PSAmsi
- Pafishmacro
- PowerLessShell
- PowerShdll
- StarFighters

Exploitation
- ADAPE-Script
- API Monitor
- CrackMapExec
- CrackMapExecWin
- DAMP
- Exchange-AD-Privesc
- FuzzySec's PowerShell Suite
- FuzzySec's Sharp-Suite
- Generate Macro
- GhostPack
  - Rubeus
  - SafetyKatz
  - Seatbelt
  - SharpDPAPI
  - SharpDump
  - SharpRoast
  - SharpUp
  - SharpWMI
- GoFetch
- Impacket
- Invoke-ACLPwn
- Invoke-DCOM
- Invoke-PSImage
- Invoke-PowerThIEf
- Kali Binaries for Windows
- LuckyStrike
- MetaTwin
- Metasploit
- Mr. Unikod3r's RedTeamPowershellScripts
- NetshHelperBeacon
- Nishang
- Orca
- PSReflect
- PowerLurk
- PowerPriv
- PowerSploit
- PowerUpSQL
- PrivExchange
- Ruler
- SharpExchangePriv
- SpoolSample
- UACME
- impacket-examples-windows
- vssown

Information Gathering
- ADACLScanner
- ADExplorer
- ADOffline
- ADRecon
- BloodHound
- Get-ReconInfo
- GoWitness
- nmap
- PowerView
  - Dev branch included
- SharpHound
- SharpView
- SpoolerScanner

Networking tools
- Citrix Receiver
- OpenVPN
- Proxycap
- PuTTY
- Telnet
- VMWare Horizon Client
- VMWare vSphere Client
- VNC-Viewer
- WinSCP
- Windump
- Wireshark

Password Attacks
- ASREPRoast
- CredNinja
- DSInternals
- Get-LAPSPasswords
- hashcat
- Internal-Monologue
- Inveigh
- Invoke-TheHash
- KeeFarce
- KeeThief
- LAPSToolkit
- MailSniper
- Mimikatz
- Mimikittenz
- RiskySPN
- SessionGopher

Reverse engineering
- DNSpy
- Flare-Floss
- ILSpy
- PEview
- windbg
- x64dbg

Utilities
- 7zip
- Adobe Reader
- AutoIT
- cmder
- CyberChef
- Gimp
- Greenshot
- Hashcheck
- Hexchat
- HxD
- Keepass
- MobaXterm
- Mozilla Thunderbird
- Neo4j Community Edition
- Pidgin
- Process Hacker 2
- SQLite DB Browser
- Screentogif
- Shellcode Launcher
- Sublime Text 3
- TortoiseSVN
- VLC Media Player
- Winrar
- yEd Graph Tool

Vulnerability Analysis
- Egress-Assess
- Grouper2
- zBang

Web Applications
- Burp Suite
- Fiddler
- Firefox
- OWASP Zap

Wordlists
- FuzzDB
- PayloadsAllTheThings
- SecLists

Installation


The developers advise using Commando VM only in a virtual machine!

Hardware requirements:
- 60 GB of free disk space.
- 2 GB of RAM.

OS requirements:
- Windows 7 SP1
- Windows 10 (preferred)

Installation is performed by running the installation script in PowerShell; the script can be downloaded from the Commando VM repository.


Source: https://habr.com/ru/post/446152/

