
Commando VM 2.0 – A New Version of Offensive Pentesting VM Updated With Kali Linux & New Hacking Tools


Commando VM 2.0, a new version of the Windows-based security distribution, has been released for the penetration testing community and red teamers with updated hacking tools and new features such as Kali Linux and Docker containers.

Earlier in 2019, FireEye released Commando VM with 140 hacking tools at the Black Hat Asia Arsenal; it is dedicated to performing internal penetration tests.

Commando VM 2.0 brings major changes, including fixes for 61 bugs, 26 new tools and three major new features.


To install software, it uses Boxstarter, Chocolatey and MyGet packages to install tools and other utilities for red teamers and the wider pentesting community.

According to FireEye, the benefits of using Commando VM include native support for Windows and Active Directory, using your VM as a staging area for command and control (C2) frameworks, more easily (and interactively) browsing network shares, and using tools such as PowerView and BloodHound without any worry about placing output files on client assets.

https://twitter.com/FireEye/status/1159502071999188994

Installed Tools with Commando VM 2.0

Commando VM 2.0 focuses on many toolsets such as Active Directory Tools, Command & Control, Developer Tools, Docker, Evasion, Exploitation and Information Gathering, and FireEye has now added Kali Linux.

https://twitter.com/FireEye/status/1159197032113942528

It is recommended to install Commando VM 2.0 in a virtual machine. Installation requires 60 GB of disk space, 2 GB of memory, and Windows 7 Service Pack 1 or Windows 10 as the operating system.

The Active Directory Tools include Remote Server Administration Tools (RSAT), Sysinternals and SQL Server Command Line Utilities.

Four command and control modules (Covenant, WMImplant, PoshC2 and WMIOps) are installed, along with the following 10 developer tools:

Dep
Git
Go
Java
Python 2
Python 3 (default)
Ruby
Ruby Devkit
Visual Studio 2017 Build Tools (Windows 10)
Visual Studio Code

Apart from this, a variety of exploitation tools are deployed with Commando VM 2.0, including PowerSploit, Metasploit, SharpSploit, Vulcan, EvilClippy, API Monitor, Impacket, LuckyStrike, MetaTwin, PrivExchange, Nishang, Ruler, PowerUpSQL, SpoolSample, CrackMapExec and more.

Kali Linux & Docker

Commando VM 2.0 now officially supports Kali Linux, a pentesting OS, in WSL (Windows Subsystem for Linux); support for Kali Linux in WSL was announced in 2018 by Offensive Security.

[Image: Commando VM 2.0]

Displaying the Linux GUI and passing its windows through to Windows had been previously documented by Offensive Security. Commando VM 2.0 combines these to include the GUI as well as shortcuts to take advantage of popular programs such as Terminator.

Since Docker is used for various pentesting purposes, FireEye brings it into Commando VM 2.0 with tools such as Amass and SpiderFoot, and provides scripts to launch the containers for each tool.

[Image: Impacket container running on Docker]
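The per-tool launch scripts mentioned above are not reproduced on this page, so the following is an added example of what such a launcher can look like, written here and not taken from Commando VM itself. It assumes the Docker CLI is installed on the Windows host; the image name `example/impacket:latest` and the workspace path are placeholders. The script checks that the Docker daemon is reachable, pulls the image only if it is missing, runs the tool in a throwaway container, and keeps all output in one host folder so nothing is left inside the container.

```powershell
# Hypothetical launcher for a containerised tool (added example, not Commando VM's own script).
# $Image and $Workspace are placeholders; replace them for a real deployment.
param(
    [string]$Image = "example/impacket:latest",          # placeholder image name
    [string]$Workspace = "$env:USERPROFILE\commando-work", # placeholder output folder on the host
    [string]$Network = "bridge",
    [Parameter(ValueFromRemainingArguments = $true)]
    [string[]]$ToolArgs                                  # passed through to the tool unchanged
)

# Fail early if the Docker CLI is missing or the daemon is not running.
if (-not (Get-Command docker -ErrorAction SilentlyContinue)) {
    Write-Error "docker CLI not found on PATH"
    exit 1
}
docker info *> $null
if ($LASTEXITCODE -ne 0) {
    Write-Error "Docker daemon is not running or not reachable"
    exit 1
}

# Keep tool output in one dedicated host folder rather than inside the
# throwaway container, so it is easy to review and to clean up afterwards.
if (-not (Test-Path $Workspace)) {
    New-Item -ItemType Directory -Path $Workspace | Out-Null
}

# Pull the image only when it is not already present locally.
docker image inspect $Image *> $null
if ($LASTEXITCODE -ne 0) {
    docker pull $Image
    if ($LASTEXITCODE -ne 0) {
        Write-Error "Failed to pull image $Image"
        exit 1
    }
}

# --rm discards the container on exit; the mounted workspace (/data) is the
# only state that persists. -w makes /data the working directory.
docker run --rm -it `
    --network $Network `
    -v "${Workspace}:/data" `
    -w /data `
    $Image @ToolArgs
```

Invoked as `.\run-tool.ps1 -- <tool arguments>`, everything after the script's own parameters reaches the container's entrypoint, and any files the tool writes to its working directory land in the host workspace folder.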

Penetration testers and security professionals need to use different tools in various scenarios, and sometimes they would like to install additional reversing tools.

Therefore, Commando VM 2.0 provides an option that lets users selectively install only the packages they want, which means it supports installation customization.

This is done by taking the default profile used in Commando VM 2.0 and removing or adding tools to it as you see fit, FireEye said.

The installation process is pretty simple: install a fresh copy of the Windows operating system in a VM, then VMware Tools for additional functionality such as copy/paste.

Then download Commando VM from GitHub to the Windows machine; step-by-step installation instructions can be found in the FireEye blog post.



Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
