Thursday, March 28, 2024

Commando VM 2.0 – A New Version of Offensive Pentesting VM Updated With Kali Linux & New Hacking Tools

Commando VM 2.0, a new version of Windows-based security distribution released for penetration testing community and red teamers with updated hacking tools and new features such as Kali Linux, Docker containers.

Earlier of 2019, FireEye released a Commando VM with 140 hacking tools in Black Hat Asia Arsenal and it is dedicated to performing internal penetration tests.

The current version of Commando VM 2.0 received major changes including, the fixes of 61 bugs and added 26 new tools with three major new features and more.

In order to install software, it uses BoxstarterChocolatey, and MyGet packages to install software and tools other utilities for red teamer and other pentesing community.

According to FireEye, The benefits of using Commando VM include native support for Windows and Active Directory, using your VM as a staging area for command and control (C2) frameworks, more easily (and interactively) browsing network shares, and using tools such as PowerView  and  BloodHound  without any worry about placing output files on client assets.

https://twitter.com/FireEye/status/1159502071999188994

Installed Tools with Commando VM 2.0

Commando VM 2.0 focused on many toolsets such as Active Directory Tools, Command & Control, Developer Tools, Docker, Evasion, Exploitation, Information Gathering and recently FireEye added Kali Linux.

https://twitter.com/FireEye/status/1159197032113942528

It is recommended to install the Commando VM 2.0 in a virtual machine, for installation, it requires 60 GB of disk space, 2 GB memory, and the operating system should be Windows 7 Service Pack 1, or Windows 10

Active Directory Tools includes Remote Server Administration Tools (RSAT), Sysinternals and SQL Server Command Line Utilities.

There are 4 command and control modules Covenant, WMImplant, PoshC2, WMIOps are installed along with 10 following developers tools

Dep
Git
Go
Java
Python 2
Python 3 (default)
Ruby
Ruby Devkit
Visual Studio 2017 Build Tools (Windows 10)
Visual Studio Code

Apart from this, we could see a variety of exploitation tools are deployed with Commando VM 2.0 that includes PowerSploit, Metasploit, SharpSploit, Vulcan, EvilClippy, API Monitor, Impacket, LuckyStrike, MetaTwin, PrivExchange, Nishang, Ruler, PowerUpSQL, SpoolSample, CrackMapExec and more.

Kali Linux & Docker

Commando VM 2.0 now officially supports Kali Linux, a pentesing OS in WSL (Windows Subsystem for Linux) and the support for Kali Linux in WSL announced in 2018 by Offensive security.

Commando VM 2.0

Displaying the Linux GUI and passing windows to Windows had been previously documented by Offensive Security. Commando VM 2.0 now combined these to include the GUI as well as shortcuts to take advantage of popular programs such as Terminator.

Since the Docker is used for various pentesting purpose, FireEye brings it in Commando VM 2.0 with tools such as Amass and SpiderFoot and provide scripts to launch the containers for each tool

Commando VM 2.0
 Impacket container running on Docker

Penetration testers and security professionals need to use different tools in the various scenario, and sometimes they would like to install additional reversing tools.

Therefore, an option provides in Commando VM 2.0 let users customize to selectively install only the packages, which means it supports for installation customization.

default profile Used in Commando VM 2.0 and removing or adding tools to it as you see fit., FireEye said.

The installation process is pretty simple, all you need is to install a fresh copy of the Windows operating system in VM and then Vmware tools for additional functionalities such as copy/paste.

Then need to download the Commando VM from GitHub to the windows machine, you can find the step by step installation instructions in FireEye blog post.

Sponsored: Best Practices to Strengthen Cyber Security â€“ Manage all the Endpoint networks from a single Console.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles