Last active
October 15, 2024 07:27
-
-
Save 0xdevalias/7901821 to your computer and use it in GitHub Desktop.
My steps to setup a new pentest environment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /dev/alias Pentest Environment Setup | |
| # Version: 0.2 (20131211) | |
| # Created By: Glenn 'devalias' Grant (http://devalias.net) | |
| # License: The MIT License (MIT) - Copyright (c) 2013 Glenn 'devalias' Grant (see http://choosealicense.com/licenses/mit/ for full license text) | |
| # TODO: | |
| # * Option to check if tools (from this script and external) exist/are already installed and what versions | |
| # * Eg nmap , metasploit, etc | |
| # * Lair: https://github.com/fishnetsecurity/Lair | |
| # * apt-get install python-pip | |
| # * pip install /path/to/lairdrone-v0.0.tar.gz | |
| # * export MONGO_URL="monogodb://lairdb:[email protected]:11014/lair?ssl=true" | |
| # * Setup checks to see if folders already exist/etc, if so, update the repos instead? | |
| # * Ask the user if they want to install each section? | |
| # * Add steps to configure each git repos with the users personal fork (if it exists) so they can easily submit pull requests/etc | |
| # * Browser extensions for firefox/chrome/etc, and autoinstall if possible? | |
| # * Lastpass | |
| # * Firecat/Kromcat, etc | |
| # * Maybe: | |
| # * http://code.google.com/p/hash-identifier/ (https://isc.sans.edu/forums/diary/Those+Look+Just+Like+Hashes+/17195) | |
| # * http://pentestmonkey.net/yaptest/overview/yaptest-overview | |
| # Manual Step: Install Kali (http://www.kali.org/) | |
| # OS Info | |
| cat /etc/os-release | |
| cat/proc/version | |
| uname -a | |
| lsb_release -a | |
| # Update packages | |
| echo Updating packages | |
| apt-get update && apt-get dist-upgrade | |
| # Setup directory layout | |
| echo Setting up directory layout.. | |
| cd ~ | |
| mkdir pentest | |
| cd pentest | |
| mkdir assessments | |
| # Setup vFeed + helper scripts (https://github.com/toolswatch/vFeed, https://gist.github.com/alias1/7554985) | |
| echo Setting up VFeed and helper scripts.. | |
| cd ~/pentest | |
| git clone https://github.com/toolswatch/vFeed.git vfeed | |
| cd vfeed | |
| git clone https://gist.github.com/7554985.git bin | |
| cd bin | |
| chmod +x vfeed*.sh | |
| ln -s ~/pentest/vfeed/bin/vfeed.sh /usr/local/bin/vfeed | |
| ln -s ~/pentest/vfeed/bin/vfeedcli.sh /usr/local/bin/vfeedcli | |
| ln -s ~/pentest/vfeed/bin/vfeed_update.sh /usr/local/bin/vfeed_update | |
| # Setup nmap.sh (https://gist.github.com/alias1/5963377) | |
| # TODO Link this into /usr/bin or similar? Give it a better name? | |
| echo Setting up nmap-sh.. | |
| cd ~/pentest | |
| git clone https://gist.github.com/5963377.git nmap.sh | |
| # Setup SecLists | |
| echo Setting up SecLists.. | |
| cd ~/pentest | |
| git clone https://github.com/danielmiessler/SecLists.git seclists | |
| # Setup Exploit-DB | |
| echo Setting up ExploitDB.. | |
| cd ~/pentest | |
| git clone https://github.com/offensive-security/exploit-database.git exploitdb | |
| # Setup PwnWiki | |
| echo Setting up PwnWiki.. | |
| cd ~/pentest | |
| git clone https://github.com/pwnwiki/pwnwiki.github.io.git pwnwiki | |
| #git clone https://github.com/pwnwiki/pwnwiki-tools.git pwnwiki-tools | |
| # Setup KaliWiki | |
| echo Setting up KaliWiki.. | |
| cd ~/pentest | |
| git clone https://github.com/pwnwiki/kaliwiki.git kaliwiki | |
| # Setup WebAppDefaultsDb | |
| echo Setting up WebAppDefaultsDb.. | |
| cd ~/pentest | |
| git clone https://github.com/pwnwiki/webappdefaultsdb webappdefaultsdb | |
| # Setup Mubix's tools/etc | |
| echo Setting Up Mubixs stuff.. | |
| cd ~/pentest | |
| git clone https://github.com/mubix/post-exploitation-wiki.git mubix-post-exploitation-wiki | |
| git clone https://github.com/mubix/post-exploitation mubix-post-exploitation | |
| #git clone https://github.com/mubix/tools.git mubix-tools | |
| # Setup Mainframed | |
| echo Setting up Mainframed.. | |
| cd ~/pentest | |
| git clone https://github.com/mainframed/Mainframed.git mainframed | |
| # Setup DNSFootprint (http://dnsfootprint.com/) | |
| # TODO: Track this in a git repository if possible (does licence allow it?) | |
| echo Setting up DNSFootprint.. | |
| cd ~/pentest | |
| mkdir dnsfootprint | |
| cd dnsfootprint | |
| wget http://dnsfootprint.com/DNSFootprint.zip | |
| unzip DNSFootprint.zip | |
| rm DNSFootprint.zip | |
| # Setup Powersploit | |
| echo Setting up Powersploit.. | |
| cd ~/pentest | |
| git clone https://github.com/mattifestation/PowerSploit.git powersploit | |
| # Setup Dumpmon-mon | |
| echo Setting up Dumpmon-mon | |
| cd ~/pentest | |
| git clone https://github.com/alias1/dumpmonmon.git dumpmonmon | |
| cd dumpmonmon | |
| bundle | |
| #leafpad dumpmonmon.yml & | |
| # Setup apt related tools | |
| echo Setting up tools through apt | |
| apt-get update | |
| apt-get install kali-linux-complete mono-complete | |
| echo Finished setting things up. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment