
Windows Penetration Testing Toolkit – CommandoVM

uedbox LemonSec 2023-06-18

CommandoVM Penetration Testing Toolkit


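CommandoVM is based on FLARE VM, FireEye's platform for malware analysis and application reverse engineering. It includes a range of tools commonly used by offensive security testers, such as the Python and Go programming languages, the Nmap and Wireshark network scanners, network security testing frameworks such as Burp Suite, and Windows security tools such as Sysinternals and Mimikatz.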

Download FireEye's Windows penetration testing toolkit CommandoVM

https://github.com/fireeye/commando-vm

Installation requirements

Windows 7 Service Pack 1 or Windows 10, at least 60 GB of hard disk space, and a minimum of 2 GB of memory

CommandoVM installation tutorial/video

https://www.youtube.com/watch?v=L5j1XO1hIk4 (requires your own proxy)
https://www.bilibili.com/video/av48721042/ (accessible within mainland China)

Tools included in CommandoVM

Active Directory Tools

  • Remote Server Administration Tools (RSAT)

  • SQL Server Command Line Utilities

  • Sysinternals

Command & Control

  • Covenant

  • PoshC2

  • WMImplant

  • WMIOps

Developer Tools

  • Dep

  • Git

  • Go

  • Java

  • Python 2

  • Python 3 (default)

  • Visual Studio 2017 Build Tools (Windows 10)

  • Visual Studio Code

Evasion

  • CheckPlease

  • Demiguise

  • DotNetToJScript

  • Invoke-CradleCrafter

  • Invoke-DOSfuscation

  • Invoke-Obfuscation

  • Invoke-Phant0m

  • Not PowerShell (nps)

  • PS>Attack

  • PSAmsi

  • Pafishmacro

  • PowerLessShell

  • PowerShdll

  • StarFighters

Exploitation

  • ADAPE-Script

  • API Monitor

  • CrackMapExec

  • CrackMapExecWin

  • DAMP

  • Exchange-AD-Privesc

  • FuzzySec's PowerShell-Suite

  • FuzzySec's Sharp-Suite

  • Generate-Macro

  • GhostPack

    • Rubeus

    • SafetyKatz

    • Seatbelt

    • SharpDPAPI

    • SharpDump

    • SharpRoast

    • SharpUp

    • SharpWMI

  • GoFetch

  • Impacket

  • Invoke-ACLPwn

  • Invoke-DCOM

  • Invoke-PSImage

  • Invoke-PowerThIEf

  • Kali Binaries for Windows

  • LuckyStrike

  • MetaTwin

  • Metasploit

  • Mr. Unikod3r's RedTeamPowershellScripts

  • NetshHelperBeacon

  • Nishang

  • Orca

  • PSReflect

  • PowerLurk

  • PowerPriv

  • PowerSploit

  • PowerUpSQL

  • PrivExchange

  • Ruler

  • SharpExchangePriv

  • SpoolSample

  • UACME

  • impacket-examples-windows

  • vssown

Information Gathering

  • ADACLScanner

  • ADExplorer

  • ADOffline

  • ADRecon

  • BloodHound

  • Get-ReconInfo

  • GoWitness

  • Nmap

  • PowerView

    • Dev branch included

  • SharpHound

  • SharpView

  • SpoolerScanner

Networking Tools

  • Citrix Receiver

  • OpenVPN

  • Proxycap

  • PuTTY

  • Telnet

  • VMWare Horizon Client

  • VMWare vSphere Client

  • VNC-Viewer

  • WinSCP

  • Windump

  • Wireshark

Password Attacks

  • ASREPRoast

  • CredNinja

  • DSInternals

  • Get-LAPSPasswords

  • Hashcat

  • Internal-Monologue

  • Inveigh

  • Invoke-TheHash

  • KeeFarce

  • KeeThief

  • LAPSToolkit

  • MailSniper

  • Mimikatz

  • Mimikittenz

  • RiskySPN

  • SessionGopher

Reverse Engineering

  • DNSpy

  • Flare-Floss

  • ILSpy

  • PEview

  • Windbg

  • x64dbg

Utilities

  • 7zip

  • Adobe Reader

  • AutoIT

  • Cmder

  • CyberChef

  • Gimp

  • Greenshot

  • Hashcheck

  • Hexchat

  • HxD

  • Keepass

  • MobaXterm

  • Mozilla Thunderbird

  • Neo4j Community Edition

  • Pidgin

  • Process Hacker 2

  • SQLite DB Browser

  • Screentogif

  • Shellcode Launcher

  • Sublime Text 3

  • TortoiseSVN

  • VLC Media Player

  • Winrar

  • yEd Graph Tool

Vulnerability Analysis

  • Egress-Assess

  • Grouper2

  • zBang

Web Applications

  • Burp Suite

  • Fiddler

  • Firefox

  • OWASP Zap

Wordlists

  • FuzzDB

  • PayloadsAllTheThings

  • SecLists

Original link: https://www.uedbox.com/post/54087/
