Commando VM – A fully customized, Windows-based security distribution for penetration testing and red teaming developed by FireEye.
As we known about Kali Linux OS. It is a Debian-derived Linux distribution designed for digital forensics and penetration testing. But Commando VM is little different.
According to FireEye,
Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests.
The benefits of using a Windows machine include native support for Windows and Active Directory, using your VM as a staging area for C2 frameworks, browsing shares more easily (and interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.
Commando VM uses Boxstarter, Chocolatey, and MyGet packages to install all of the software, and delivers many tools and utilities to support penetration testing. This list includes more than 140 tools, including:
- Nmap
- Wireshark
- Covenant
- Python
- Go
- Remote Server Administration Tools
- Sysinternals
- Mimikatz
- Burp-Suite
- x64dbg
- Hashcat
With such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and red teamer. For the blue teamers reading this, don’t worry, we’ve got full blue team support as well! The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends.
Installation
Like FLARE VM, we recommend you use Commando VM in a virtual machine. This eases deployment and provides the ability to revert to a clean state prior to each engagement. We assume you have experience setting up and configuring your own virtualized environment. Next, perform a fresh installation of Windows. Commando VM is designed to be installed on Windows 7 Service Pack 1, or Windows 10, with Windows 10 allowing more features to be installed.
To start setup a new virtual machine (VM) with following minimum requirements
- Windows 7 Service Pack 1 or Windows 10
- 60 GB Hard Drive
- 2 GB RAM
Instructions
Create and configure a new Windows Virtual Machine
- Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain
- Take a snapshot of your machine!
- Download and copy install.ps1 on your newly configured machine.
- Open PowerShell as an Administrator
Enable script execution by running the following command:
- Set-ExecutionPolicy Unrestricted
Finally, execute the installer script as follows:
-
.\install.ps1
- You can also pass your password as an argument:
.\install.ps1 -password <password>
The script will set up the Boxstarter environment and proceed to download and install the Commando VM environment. You will be prompted for the administrator password in order to automate host restarts during installation. If you do not have a password set, hitting enter when prompted will also work.