FireEye’s Commando VM Turns Your Windows Computer Into A Hacking Machine
Cybersecurity company FireEye recently released an automated installation script called Complete Mandiant Offensive VM (“Commando VM”) aimed at penetration testers and red teamers.
According to the company, Commando VM is a “first of its kind Windows-based security distribution for penetration testing and red teaming.” This automation installation script turns a Windows operating system into a hacking system.
FireEye says that Commando VM originated from their company’s popular Flare VM that focuses on reverse engineering and malware analysis platform.
“Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests.” reads the post published by FireEye.
“The benefits of using a Windows machine include native support for Windows and Active Directory, using your VM as a staging area for C2 frameworks, browsing shares more easily (and interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.”
Commando VM uses Boxstarter, Chocolatey, and MyGet packages to install all software packages, and delivers many tools and utilities to support penetration testing.
Just running a single command automatically updates all hacking software that you have installed.
It also automatically installs more than 140 tools, including Nmap, Wireshark, Covenant, Python, Go, Remote Server Administration Tools, Sysinternals, Mimikatz, Burp-Suite, x64dbg, Hashcat, on your Windows machine.
“With such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and red teamer,” says Firefox.
There is also full support for Blue teamers, who are involved in the defense of networks and would like to use Command VM. The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities.
“With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends,” adds FireEye.
Commando VM users are advised to run the distribution in a virtual machine (VM), as this eases deployment and provides the ability to revert to a clean state prior to each engagement. The minimum requirements for installation of a Commando VM is 60GB of disk space and 2GB of memory, and the operating system should be Windows 7 Service Pack 1, or Windows 10. However, it allows installing more features in Windows 10.
“We believe this distribution will become the standard tool for penetration testers and look forward to continued improvement and development of the Windows attack platform,” concluded FireEye.
You can download the installation script of Commando VM from GitHub.
Source: FireEye Blog