
Commando VM - Kali Linux Alternative for Windows

Just the other day, FireEye presented Commando VM, a system designed for pentesters and red teams that runs on the Microsoft Windows family of operating systems.
FireEye positions Commando VM as the "first of its kind" distribution for pentesters on Windows. That claim is clearly a stretch, because at least the Pentest Box project, which is also built for Windows, immediately comes to mind.
At the same time, Commando VM itself is quite interesting and deserves attention.
Short description
Commando VM is based on the popular Flare VM, which is designed for reverse engineering and malware analysis.
In fact, Commando VM is not a virtual machine image but an unattended installation script that turns a Windows operating system running in a virtual machine into a pentest tool.
Commando VM uses Boxstarter, Chocolatey and MyGet packages to install all the software, and provides many tools and utilities to support a pentest.
Utility List
Active Directory Tools
- Remote Server Administration Tools (RSAT)
- SQL Server Command Line Utilities
- Sysinternals
Command & Control
- Covenant
- PoshC2
- WMImplant
- WMIOps
Developer Tools
- Dep
- Git
- Go
- Java
- Python 2
- Python 3 (default)
- Visual Studio 2017 Build Tools (Windows 10)
- Visual Studio Code
Evasion
- CheckPlease
- Demiguise
- DotNetToJScript
- Invoke-CradleCrafter
- Invoke-DOSfuscation
- Invoke-Obfuscation
- Invoke-Phant0m
- Not PowerShell (nps)
- PS> Attack
- PSAmsi
- Pafishmacro
- PowerLessShell
- PowerShdll
- Starfighters
Exploitation
- ADAPE-Script
- API Monitor
- CrackMapExec
- CrackMapExecWin
- DAMP
- Exchange-AD-Privesc
- FuzzySec's PowerShell-Suite
- FuzzySec's Sharp-Suite
- Generate-Macro
- GhostPack
  - Rubeus
  - SafetyKatz
  - Seatbelt
  - SharpDPAPI
  - SharpDump
  - SharpRoast
  - SharpUp
  - SharpWMI
- GoFetch
- Impacket
- Invoke-ACLPwn
- Invoke-DCOM
- Invoke-PSImage
- Invoke-PowerThIEf
- Kali Binaries for Windows
- LuckyStrike
- MetaTwin
- Metasploit
- Mr. Unikod3r's RedTeamPowershellScripts
- NetshHelperBeacon
- Nishang
- Orca
- PSReflect
- PowerLurk
- PowerPriv
- PowerSploit
- PowerUpSQL
- PrivExchange
- Ruler
- SharpExchangePriv
- SpoolSample
- UACME
- impacket-examples-windows
- vssown
Information Gathering
- ADACLScanner
- ADExplorer
- ADOffline
- ADRecon
- Bloodhound
- Get-ReconInfo
- GoWitness
- Nmap
- PowerView
  - Dev branch included
- SharpHound
- SharpView
- SpoolerScanner
Networking Tools
- Citrix Receiver
- OpenVPN
- Proxycap
- PuTTY
- Telnet
- VMWare Horizon Client
- VMWare vSphere Client
- VNC-Viewer
- WinSCP
- Windump
- Wireshark
Password Attacks
- ASREPRoast
- CredNinja
- DSInternals
- Get-LAPSPasswords
- Hashcat
- Internal-Monologue
- Inveigh
- Invoke-TheHash
- KeeFarce
- KeeThief
- LAPSToolkit
- MailSniper
- Mimikatz
- Mimikittenz
- RiskySPN
- SessionGopher
Reverse Engineering
- DNSpy
- Flare-Floss
- ILSpy
- PEview
- Windbg
- x64dbg
Utilities
- 7zip
- Adobe Reader
- AutoIT
- Cmder
- CyberChef
- Gimp
- Greenshot
- Hashcheck
- Hexchat
- HxD
- Keepass
- MobaXterm
- Mozilla Thunderbird
- Neo4j Community Edition
- Pidgin
- Process Hacker 2
- SQLite DB Browser
- Screentogif
- Shellcode Launcher
- Sublime Text 3
- TortoiseSVN
- VLC Media Player
- Winrar
- yEd Graph Tool
Vulnerability Analysis
- Egress-Assess
- Grouper2
- zBang
Web Applications
- Burp Suite
- Fiddler
- Firefox
- OWASP Zap
Wordlists
- FuzzDB
- PayloadsAllTheThings
- SecLists
Installation
Developers advise using Commando VM only as a virtual machine!
Hardware requirements:
- 60 GB of free disk space.
- 2 GB of RAM.
OS requirements:
- Windows 7 SP1
- Windows 10 (priority)
Installation is done by running the installation script, which can be downloaded from the Commando VM repository, in PowerShell.




