Wednesday, April 24, 2024

Commando VM 2.0 – A New Version of Offensive Pentesting VM Updated With Kali Linux & New Hacking Tools

Commando VM 2.0, a new version of Windows-based security distribution released for penetration testing community and red teamers with updated hacking tools and new features such as Kali Linux, Docker containers.

Earlier of 2019, FireEye released a Commando VM with 140 hacking tools in Black Hat Asia Arsenal and it is dedicated to performing internal penetration tests.

The current version of Commando VM 2.0 received major changes including, the fixes of 61 bugs and added 26 new tools with three major new features and more.

In order to install software, it uses BoxstarterChocolatey, and MyGet packages to install software and tools other utilities for red teamer and other pentesing community.

According to FireEye, The benefits of using Commando VM include native support for Windows and Active Directory, using your VM as a staging area for command and control (C2) frameworks, more easily (and interactively) browsing network shares, and using tools such as PowerView  and  BloodHound  without any worry about placing output files on client assets.

Installed Tools with Commando VM 2.0

Commando VM 2.0 focused on many toolsets such as Active Directory Tools, Command & Control, Developer Tools, Docker, Evasion, Exploitation, Information Gathering and recently FireEye added Kali Linux.

It is recommended to install the Commando VM 2.0 in a virtual machine, for installation, it requires 60 GB of disk space, 2 GB memory, and the operating system should be Windows 7 Service Pack 1, or Windows 10

Active Directory Tools includes Remote Server Administration Tools (RSAT), Sysinternals and SQL Server Command Line Utilities.

There are 4 command and control modules Covenant, WMImplant, PoshC2, WMIOps are installed along with 10 following developers tools

Python 2
Python 3 (default)
Ruby Devkit
Visual Studio 2017 Build Tools (Windows 10)
Visual Studio Code

Apart from this, we could see a variety of exploitation tools are deployed with Commando VM 2.0 that includes PowerSploit, Metasploit, SharpSploit, Vulcan, EvilClippy, API Monitor, Impacket, LuckyStrike, MetaTwin, PrivExchange, Nishang, Ruler, PowerUpSQL, SpoolSample, CrackMapExec and more.

Kali Linux & Docker

Commando VM 2.0 now officially supports Kali Linux, a pentesing OS in WSL (Windows Subsystem for Linux) and the support for Kali Linux in WSL announced in 2018 by Offensive security.

Commando VM 2.0

Displaying the Linux GUI and passing windows to Windows had been previously documented by Offensive Security. Commando VM 2.0 now combined these to include the GUI as well as shortcuts to take advantage of popular programs such as Terminator.

Since the Docker is used for various pentesting purpose, FireEye brings it in Commando VM 2.0 with tools such as Amass and SpiderFoot and provide scripts to launch the containers for each tool

Commando VM 2.0
 Impacket container running on Docker

Penetration testers and security professionals need to use different tools in the various scenario, and sometimes they would like to install additional reversing tools.

Therefore, an option provides in Commando VM 2.0 let users customize to selectively install only the packages, which means it supports for installation customization.

default profile Used in Commando VM 2.0 and removing or adding tools to it as you see fit., FireEye said.

The installation process is pretty simple, all you need is to install a fresh copy of the Windows operating system in VM and then Vmware tools for additional functionalities such as copy/paste.

Then need to download the Commando VM from GitHub to the windows machine, you can find the step by step installation instructions in FireEye blog post.

Sponsored: Best Practices to Strengthen Cyber Security – Manage all the Endpoint networks from a single Console.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.


Latest articles

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites...

Ransomware Victims Who Opt To Pay Ransom Hits Record Low

Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members...

IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

IBM is reportedly close to finalizing negotiations to acquire HashiCorp, a prominent cloud infrastructure...

Rewards Up to $10 Million for Information on Iranian Hackers

The United States Justice Department has announced big rewards for information leading to the...

PoC Exploit Released For Critical Oracle VirtualBox Vulnerability

Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege...

Tracing the Steps of Cyber Intruders: The Path of Lateral Movement

When cyber attacks strike, it's rarely a single computer that suffers. Nowadays, cybercriminals set...

U.S. to Impose Visa Restrictions on 13 Individuals Involved in Commercial Spyware Operations

To combat the misuse of commercial spyware, the United States Department of State has...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles