Commando VM 2.0

Commando VM 2.0, a new version of Windows-based security distribution released for penetration testing community and red teamers with updated hacking tools and new features such as Kali Linux, Docker containers.

Earlier of 2019, FireEye released a Commando VM with 140 hacking tools in Black Hat Asia Arsenal and it is dedicated to performing internal penetration tests.

The current version of Commando VM 2.0 received major changes including, the fixes of 61 bugs and added 26 new tools with three major new features and more.

In order to install software, it uses BoxstarterChocolatey, and MyGet packages to install software and tools other utilities for red teamer and other pentesing community.

According to FireEye, The benefits of using Commando VM include native support for Windows and Active Directory, using your VM as a staging area for command and control (C2) frameworks, more easily (and interactively) browsing network shares, and using tools such as PowerView  and  BloodHound  without any worry about placing output files on client assets.

Installed Tools with Commando VM 2.0

Commando VM 2.0 focused on many toolsets such as Active Directory Tools, Command & Control, Developer Tools, Docker, Evasion, Exploitation, Information Gathering and recently FireEye added Kali Linux.

It is recommended to install the Commando VM 2.0 in a virtual machine, for installation, it requires 60 GB of disk space, 2 GB memory, and the operating system should be Windows 7 Service Pack 1, or Windows 10

Active Directory Tools includes Remote Server Administration Tools (RSAT), Sysinternals and SQL Server Command Line Utilities.

There are 4 command and control modules Covenant, WMImplant, PoshC2, WMIOps are installed along with 10 following developers tools

Python 2
Python 3 (default)
Ruby Devkit
Visual Studio 2017 Build Tools (Windows 10)
Visual Studio Code

Apart from this, we could see a variety of exploitation tools are deployed with Commando VM 2.0 that includes PowerSploit, Metasploit, SharpSploit, Vulcan, EvilClippy, API Monitor, Impacket, LuckyStrike, MetaTwin, PrivExchange, Nishang, Ruler, PowerUpSQL, SpoolSample, CrackMapExec and more.

Kali Linux & Docker

Commando VM 2.0 now officially supports Kali Linux, a pentesing OS in WSL (Windows Subsystem for Linux) and the support for Kali Linux in WSL announced in 2018 by Offensive security.

Commando VM 2.0

Displaying the Linux GUI and passing windows to Windows had been previously documented by Offensive Security. Commando VM 2.0 now combined these to include the GUI as well as shortcuts to take advantage of popular programs such as Terminator.

Since the Docker is used for various pentesting purpose, FireEye brings it in Commando VM 2.0 with tools such as Amass and SpiderFoot and provide scripts to launch the containers for each tool

Commando VM 2.0
 Impacket container running on Docker

Penetration testers and security professionals need to use different tools in the various scenario, and sometimes they would like to install additional reversing tools.

Therefore, an option provides in Commando VM 2.0 let users customize to selectively install only the packages, which means it supports for installation customization.

default profile Used in Commando VM 2.0 and removing or adding tools to it as you see fit., FireEye said.

The installation process is pretty simple, all you need is to install a fresh copy of the Windows operating system in VM and then Vmware tools for additional functionalities such as copy/paste.

Then need to download the Commando VM from GitHub to the windows machine, you can find the step by step installation instructions in FireEye blog post.

Sponsored: Best Practices to Strengthen Cyber Security – Manage all the Endpoint networks from a single Console.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Leave a Reply