Jump to content
Report any bug Read more... ×
We're hiring! We are accepting applications for Developers, Teachers, Redactors and Junior Moderators. Read more... ×

Create an account on our board

or login and enjoy all the possibilities

Existing user? Sign In

Sign In



Sign Up

Learn Or Teach

You can learn computer security by practicing in the Dashboard, you can also be taught by a teacher. Or You can teach community members regardless of your specialty, and earn points for each person!

Learn or Teach

The Challenges

The new Challenges page is here. Take advantage of several vulnerable web applications to help train you such as, DVWA, XVWA, Mutillidae. You can also launch an existing or custom virtual machine.

Play Now !

Collaboration Room

The first categories of the forum are rooms that you can create or join in order to participate in events with the other members of the community. You can also create your room to make a teaching request, or attend your teacher's presentation. In this room you can create a private forum, store your information, invite other people etc.

Create Room

Create your club

You can create a club with your friends, earn points in teams. Creating a club gives you access to a team space. There you will have a private forum where you can store files, share information etc. Invite your friends and play together!

Create yours now!

VIP

Several VIP packs are available, understand that the survival of this site depends on it. Of course you can buy this pack with your points won during events. Formulas: Vip Member Vip Teacher Vip student

Buy
News
  • For new users read this
  • Challenges
  • for new users thank you to post in introduction and answer "Accept" on the topic of the rules to have access to the integrity of the forum and receive your Exploit-Code
  • The challenges board is being developed you are likely to encounter some bugs if this is the case report to an administrator.
Sign in to follow this  
AdminSec

Commando VM — Turn Your Windows Computer Into A Hacking Machine

Recommended Posts

Hidden Content

    Give reaction or reply to this topic to see the hidden content.

 

 

 

 

 

 

 

 

 

 

 

FireEye today released Commando VM, which according to the company, is a "first of its kind Windows-based security distribution for penetration testing and red teaming."

When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers.

However, Kali is a Linux-based distribution, and using Linux without learning some basics is not everyone's cup of tea as like Windows or macOS operating systems.

Moreover, if you are wondering why there is no popular Windows-based operating system for hackers? First, because Windows is not open-source and second, manually installing penetration testing tools on Windows is pretty problematic for most users.

To help researchers and cyber security enthusiasts, cybersecurity firm FireEye today released an automated installer called Commando VM.

But don't get confused with its name. Commando VM is not a pre-configured snapshot of a virtual machine image with many tools installed on a Windows system. It's not even a complete distribution.

Instead, Commando VM is an automated installation script that turns your Windows operating system, running on a virtual machine (VM) or even on the base system, into a hacking machine.

    "It is possible to archive the same result if you run the install script on the base machine. However, we strongly discourage this behavior. Commando VM downloads additional offensive and red team tools on Windows. Many of these tools are flagged by windows defenders as malicious. Therefore, we disable many Windows security features. Running Commando VM on the host will leave it vulnerable, and therefore strongly discouraged," FireEye researcher confirmed The Hacker News via an email conversation.


But, I have to mention that Commando VM is not the first of its kind.

Available since 2015, PentestBox is a similar open-source tool, running which automatically installs all the security tools as a software package directly on your Windows computer.

Developed by Indian security researcher Aditya Agrawal, PentestBox has been designed to eliminate the requirement of virtual machines or dual boot environments on Windows.

Commando VM release 1.0 includes two different set-ups, one works on Windows 7 Service Pack 1 and another for users running Windows 10 operating system.

Commando VM offers a smooth working environment by automatically installing more than 140 tools, including Nmap, Wireshark, Remote Server Administration Tools, Mimikatz, Burp-Suite, x64db, Metasploit, PowerSploit, Hashcat, and Owasp ZAP, on your Windows machine.
windows hacking tools
According to one of the authors of Commando VMs, the following are the top three features of the tool that make it more interesting:

    Native Windows protocol support (SMB, PowerShell, RSAT, Sysinternals, etc.)
    Organized toolsets (Tools folder on the desktop with Info Gathering, Exploitation, Password Attacks, etc.)
    Windows-based C2 frameworks like Covenant (dotnet) and PoshC2 (PowerShell)


    "With such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and red teamer," FireEye says.

    "The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends."

 

Hidden Content

    Give reaction or reply to this topic to see the hidden content.
 


According to FireEye, Commando VM also uses Boxstarter, Chocolatey, and MyGet packages to install all software packages. Running a single command will automatically update all your installed hacking software.

To use this on your Windows computer, you need at least 60 GB of free hard drive space, 2GB of RAM and a freshly installed Windows OS on a virtual machine software, like VMware or Oracle VirtualBox installed on your system.

Installing Commando VM is pretty easy. Just download the Commando VM, decompress it and then execute the PowerShell script available in the package on your VM-based Windows to complete the installation.

The remaining installation process will be done automatically, which may take between 2 to 3 hours to finish depending upon your Internet speed.

    "The VM will reboot multiple times due to the numerous software installation requirements," FireEye says. "Once the installation completes, the PowerShell prompt remains open waiting for you to hit any key before exiting."


After the completion of the installation process, you'll be presented with Commando VM, and all you need to do is reboot your machine to ensure the final configuration changes take effect.

  • Like 2

Share this post


Link to post
Share on other sites

Very nice , we can pentest with windows like with kali now ahah , 60Go for test :S i will wait.

This environment is for user which are pro windows (anti linux/mac) ? Or it can be usefull for pentest on windows environment ? (specially active diretory)

 

Thanks for the share

Share this post


Link to post
Share on other sites
Sign in to follow this  

×