CommandoVM渗透工具包

CommandoVM基于火眼供恶意软件分析和应用逆向工程使用的 FLARE VM 平台，包含攻击性安全测试员常用的一系列工具，比如Python和Go编程语言，Nmap和Wirshark网络扫描器，BurpSuit之类的网络安全测试框架，以及Sysinternals、Mimikatz等Windows安全工具。

火眼Windows渗透工具包CommandoVM下载

https://github.com/fireeye/commando-vm

安装要求

Windows 7 Service Pack 1或windows10至少有60 GB的硬盘最低 2 GB内

commandoVM安装教程/视频

    https://www.youtube.com/watch?v=L5j1XO1hIk4 自备水管    https://www.bilibili.com/video/av48721042/ 国内

CommandoVM包含的工具

Active Directory Tools

• Remote Server Administration Tools (RSAT)

• SQL Server Command Line Utilities

• Sysinternals

Command & Control

• Covenant

• PoshC2

• WMImplant

• WMIOps

Developer Tools

• Dep

• Git

• Go

• Java

• Python 2

• Python 3 (default)

• Visual Studio 2017 Build Tools (Windows 10)

• Visual Studio Code

Evasion

• CheckPlease

• Demiguise

• DotNetToJScript

• Invoke-CradleCrafter

• Invoke-DOSfuscation

• Invoke-Obfuscation

• Invoke-Phant0m

• Not PowerShell (nps)

• PS>Attack

• PSAmsi

• Pafishmacro

• PowerLessShell

• PowerShdll

• StarFighters

Exploitation

• ADAPE-Script

• API Monitor

• CrackMapExec

• CrackMapExecWin

• DAMP

• Exchange-AD-Privesc

• FuzzySec's PowerShell-Suite

• FuzzySec's Sharp-Suite

• Generate-Macro

• GhostPack

• Rubeus

• SafetyKatz

• Seatbelt

• SharpDPAPI

• SharpDump

• SharpRoast

• SharpUp

• SharpWMI

• GoFetch

• Impacket

• Invoke-ACLPwn

• Invoke-DCOM

• Invoke-PSImage

• Invoke-PowerThIEf

• Kali Binaries for Windows

• LuckyStrike

• MetaTwin

• Metasploit

• Mr. Unikod3r's RedTeamPowershellScripts

• NetshHelperBeacon

• Nishang

• Orca

• PSReflect

• PowerLurk

• PowerPriv

• PowerSploit

• PowerUpSQL

• PrivExchange

• Ruler

• SharpExchangePriv

• SpoolSample

• UACME

• impacket-examples-windows

• vssown

Information Gathering

• ADACLScanner

• ADExplorer

• ADOffline

• ADRecon

• BloodHound

• Get-ReconInfo

• GoWitness

• Nmap

• PowerView

• Dev branch included

• SharpHound

• SharpView

• SpoolerScanner

Networking Tools

• Citrix Receiver

• OpenVPN

• Proxycap

• PuTTY

• Telnet

• VMWare Horizon Client

• VMWare vSphere Client

• VNC-Viewer

• WinSCP

• Windump

• Wireshark

Password Attacks

• ASREPRoast

• CredNinja

• DSInternals

• Get-LAPSPasswords

• Hashcat

• Internal-Monologue

• Inveigh

• Invoke-TheHash

• KeeFarce

• KeeThief

• LAPSToolkit

• MailSniper

• Mimikatz

• Mimikittenz

• RiskySPN

• SessionGopher

Reverse Engineering

• DNSpy

• Flare-Floss

• ILSpy

• PEview

• Windbg

• x64dbg

Utilities

• 7zip

• Adobe Reader

• AutoIT

• Cmder

• CyberChef

• Gimp

• Greenshot

• Hashcheck

• Hexchat

• HxD

• Keepass

• MobaXterm

• Mozilla Thunderbird

• Neo4j Community Edition

• Pidgin

• Process Hacker 2

• SQLite DB Browser

• Screentogif

• Shellcode Launcher

• Sublime Text 3

• TortoiseSVN

• VLC Media Player

• Winrar

• yEd Graph Tool

Vulnerability Analysis

• Egress-Assess

• Grouper2

• zBang

Web Applications

• Burp Suite

• Fiddler

• Firefox

• OWASP Zap

Wordlists

• FuzzDB

• PayloadsAllTheThings

• SecLists

原文链接：https://www.uedbox.com/post/54087/

侵权请私聊公众号删文