FireEye releases CommandoVM, a Windows penetration-testing distribution with 140 tools

Download: github.com/fireeye/commando-vm

On March 28, 2019, FireEye released a Windows penetration-testing distribution bundling more than 140 tools, most of them open source, giving red-team penetration testers and blue-team defenders alike a top-tier collection of reconnaissance and exploitation programs. The distribution is named "CommandoVM".

CommandoVM is built on FLARE VM, FireEye's platform for malware analysis and application reverse engineering. It bundles the tools offensive security testers reach for most often: the Python and Go languages, the Nmap network scanner and the Wireshark packet analyzer, web security testing frameworks such as Burp Suite, and Windows security tools such as Sysinternals and Mimikatz.

CommandoVM is free to download from GitHub. The README lists every tool included in the distribution.

The tools, by category, are as follows:

Active Directory Tools:
  Remote Server Administration Tools (RSAT)
  SQL Server Command Line Utilities
  Sysinternals
Command & Control:
  Covenant
  PoshC2
  WMImplant
  WMIOps
Developer Tools:
  Dep
  Git
  Go
  Java
  Python 2
  Python 3 (default)
  Visual Studio 2017 Build Tools (Windows 10)
  Visual Studio Code
Evasion:
  CheckPlease
  Demiguise
  DotNetToJScript
  Invoke-CradleCrafter
  Invoke-DOSfuscation
  Invoke-Obfuscation
  Invoke-Phant0m
  Not PowerShell (nps)
  PS>Attack
  PSAmsi
  Pafishmacro
  PowerLessShell
  PowerShdll
  StarFighters
Exploitation:
  ADAPE-Script
  API Monitor
  CrackMapExec
  CrackMapExecWin
  DAMP
  Exchange-AD-Privesc
  FuzzySec's PowerShell-Suite
  FuzzySec's Sharp-Suite
  Generate-Macro
  GhostPack
    Rubeus
    SafetyKatz
    Seatbelt
    SharpDPAPI
    SharpDump
    SharpRoast
    SharpUp
    SharpWMI
  GoFetch
  Impacket
  Invoke-ACLPwn
  Invoke-DCOM
  Invoke-PSImage
  Invoke-PowerThIEf
  Kali Binaries for Windows
  LuckyStrike
  MetaTwin
  Metasploit
  Mr. Unikod3r's RedTeamPowershellScripts
  NetshHelperBeacon
  Nishang
  Orca
  PSReflect
  PowerLurk
  PowerPriv
  PowerSploit
  PowerUpSQL
  PrivExchange
  Ruler
  SharpExchangePriv
  SpoolSample
  UACME
  impacket-examples-windows
  vssown
Information Gathering:
  ADACLScanner
  ADExplorer
  ADOffline
  ADRecon
  BloodHound
  Get-ReconInfo
  GoWitness
  Nmap
  PowerView (dev branch included)
  SharpHound
  SharpView
  SpoolerScanner
Networking Tools:
  Citrix Receiver
  OpenVPN
  Proxycap
  PuTTY
  Telnet
  VMWare Horizon Client
  VMWare vSphere Client
  VNC-Viewer
  WinSCP
  Windump
  Wireshark
Password Attacks:
  ASREPRoast
  CredNinja
  DSInternals
  Get-LAPSPasswords
  Hashcat
  Internal-Monologue
  Inveigh
  Invoke-TheHash
  KeeFarce
  KeeThief
  LAPSToolkit
  MailSniper
  Mimikatz
  Mimikittenz
  RiskySPN
  SessionGopher
Reverse Engineering:
  DNSpy
  Flare-Floss
  ILSpy
  PEview
  Windbg
  x64dbg
Utilities:
  7zip
  Adobe Reader
  AutoIT
  Cmder
  CyberChef
  Gimp
  Greenshot
  Hashcheck
  Hexchat
  HxD
  Keepass
  MobaXterm
  Mozilla Thunderbird
  Neo4j Community Edition
  Pidgin
  Process Hacker 2
  SQLite DB Browser
  Screentogif
  Shellcode Launcher
  Sublime Text 3
  TortoiseSVN
  VLC Media Player
  Winrar
  yEd Graph Tool
Vulnerability Analysis:
  Egress-Assess
  Grouper2
  zBang
Web Applications:
  Burp Suite
  Fiddler
  Firefox
  OWASP Zap
Wordlists:
  FuzzDB
  PayloadsAllTheThings
  SecLists

Attack walkthrough:

fireeye.com/commando-vm-windows-offensive-distribution.html

CommandoVM download:

github.com/fireeye/commando-vm

Below I walk through the installation step by step:

1: System requirements:

Windows 7 Service Pack 1 or Windows 10
At least 60 GB of disk space
At least 2 GB of RAM

2: Install CommandoVM inside a virtual machine that already runs Windows 7 or Windows 10 (not on your host).

3: Download install.ps1 from the GitHub repository: github
If you cannot download the file directly, copy its contents into a new text file and rename the file so that its extension is .ps1.

4: Open PowerShell as Administrator, cd into the directory that contains install.ps1, then run ./install.ps1 and press Enter:

 ./install.ps1

If PowerShell refuses to run the script (an execution-policy error), run the following command and start again from the beginning:

Set-ExecutionPolicy -ExecutionPolicy UNRESTRICTED

When asked to confirm the execution policy change, type Y and press Enter. This changes the machine-wide policy, so revert it once the install is done.


During installation the script asks:
Do you need to take a snapshot before continuing?
Take a VM snapshot first if you want a clean rollback point; once you have one, type N to continue.

The credential it prompts for is your Windows login password (the installer uses it to log back in automatically after the reboots). After you enter it the machine reboots on its own shortly afterwards.


After the reboot, the machine automatically resumes the script and continues the installation where it left off.


During installation you may see errors such as "unable to connect to the remote server"; route the downloads through a proxy if so. From mainland China the downloads are painfully slow.
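The steps above, consolidated into one pre-flight script, as an added example that is not part of the original post or of the CommandoVM project. It checks the stated requirements (Windows 7 SP1 or 10, 60 GB disk, 2 GB RAM, elevated shell), records the hash of the installer you are about to run, sets a proxy that survives the reboots, and launches install.ps1 with a process-scoped execution policy instead of the machine-wide Set-ExecutionPolicy Unrestricted used above. The proxy address in $ProxyUrl and the installer location in $Installer are assumptions; change them for your environment.

```powershell
# Added example, not CommandoVM project code. $ProxyUrl and $Installer are assumptions.
$ProxyUrl  = 'http://127.0.0.1:8080'        # assumption: your HTTP proxy, or '' to skip proxy setup
$Installer = Join-Path $PWD 'install.ps1'   # assumption: install.ps1 is in the current directory

function Test-CommandoPrereqs {
    $os  = Get-CimInstance -ClassName Win32_OperatingSystem
    $ver = [Version]$os.Version
    # Windows 7 SP1 reports NT 6.1 with ServicePackMajorVersion 1; Windows 10 reports NT 10.0
    $osOk = ($ver.Major -eq 10) -or
            ($ver.Major -eq 6 -and $ver.Minor -eq 1 -and $os.ServicePackMajorVersion -ge 1)
    # TotalVisibleMemorySize is reported in KB, so dividing by 1MB yields GB
    $ramGB  = [math]::Round($os.TotalVisibleMemorySize / 1MB, 1)
    $sysDrv = Get-PSDrive -Name $env:SystemDrive.TrimEnd(':')
    $diskGB = [math]::Round(($sysDrv.Used + $sysDrv.Free) / 1GB, 1)
    $freeGB = [math]::Round($sysDrv.Free / 1GB, 1)
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $isAdmin = (New-Object Security.Principal.WindowsPrincipal $id).IsInRole(
                   [Security.Principal.WindowsBuiltInRole]::Administrator)
    [pscustomobject]@{
        OSCaption   = $os.Caption
        OSSupported = $osOk
        RAMGB       = $ramGB
        RAMOk       = ($ramGB -ge 2)
        DiskGB      = $diskGB
        DiskOk      = ($diskGB -ge 60)
        FreeGB      = $freeGB
        IsAdmin     = $isAdmin
    }
}

$check = Test-CommandoPrereqs
$check | Format-List

if (-not $check.IsAdmin)     { throw 'Run this from an elevated (Administrator) PowerShell.' }
if (-not $check.OSSupported) { throw "Unsupported OS: $($check.OSCaption)" }
if (-not ($check.RAMOk -and $check.DiskOk)) {
    Write-Warning 'Below the documented minimums (2 GB RAM, 60 GB disk); the install may fail.'
}
if (-not (Test-Path -Path $Installer)) { throw "install.ps1 not found at $Installer" }

# Record exactly what you are about to execute (Get-FileHash needs PowerShell 4 or later)
Get-FileHash -Path $Installer -Algorithm SHA256 | Format-List

# Proxy for slow or blocked downloads. Written at machine scope so it is still in
# effect when the installer resumes after the automatic reboots; remove it afterwards.
if ($ProxyUrl) {
    foreach ($name in 'HTTP_PROXY', 'HTTPS_PROXY') {
        [Environment]::SetEnvironmentVariable($name, $ProxyUrl, 'Machine')
        Set-Item -Path "Env:$name" -Value $ProxyUrl      # also apply to this session
    }
    [System.Net.WebRequest]::DefaultWebProxy = New-Object System.Net.WebProxy($ProxyUrl)
}

# Allow the script for this session only; the machine-wide execution policy is left untouched
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
& $Installer
```

Take the VM snapshot before running this, then run it from an elevated PowerShell inside the VM. The process-scoped Bypass expires with the session, so there is nothing to revert afterwards except the machine-level proxy variables, which you should clear once the install finishes.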



For usage of the individual tools, see:
fireeye.com/commando-vm-windows-offensive-distribution.html