Merge pull request mandiant#69 from fireeye/Commando_1.2

Version 1.2
godsapple · May 31, 2019 · 77f0e32 · 77f0e32
2 parents a3533bd + 83d689c
commit 77f0e32
Show file tree

Hide file tree

Showing 11 changed files with 81 additions and 19 deletions.
diff --git a/Commando.png b/Commando.png
diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@
                \/             \/      \/     \/     \/      \/       
                         C O M P L E T E  M A N D I A N T                    
                              O F F E N S I V E   V M                        
-                                   Version 1.1                                 
+                                   Version 1.2                                 
                _____________________________________________________          
 
                                    Developed by                                
@@ -35,6 +35,14 @@ Requirements
 * 60 GB Hard Drive
 * 2 GB RAM
 
+Recommended
+-----------
+* Windows 10
+* 80+ GB Hard Drive
+* 4+ GB RAM
+* 2 network adapters
+* Enable Virtualization support for VM
+
 Instructions
 ------------
 1. Create and configure a new Windows Virtual Machine
@@ -166,6 +174,7 @@ Installed Tools
 - BloodHound
 - dnsrecon
 - Get-ReconInfo
+- GoBuster
 - GoWitness
 - Nmap
 - PowerView
@@ -190,6 +199,7 @@ Installed Tools
 ### Password Attacks
 - ASREPRoast
 - CredNinja
+- DomainPasswordSpray
 - DSInternals
 - Get-LAPSPasswords
 - Hashcat
@@ -219,6 +229,7 @@ Installed Tools
 - AutoIT
 - Cmder
 - CyberChef
+- Explorer Suite
 - Gimp
 - Greenshot
 - Hashcheck
@@ -228,6 +239,7 @@ Installed Tools
 - MobaXterm
 - Mozilla Thunderbird
 - Neo4j Community Edition
+- Notepad++
 - Pidgin
 - Process Hacker 2
 - SQLite DB Browser
@@ -252,13 +264,23 @@ Installed Tools
 - Firefox
 - OWASP Zap
 - Subdomain-Bruteforce
+- Wfuzz
 
 ### Wordlists
 - FuzzDB
 - PayloadsAllTheThings
 - SecLists
 
 ## Changelog:
+1.2 - May 31 2019
+- Added recommended hardware settings #20
+- Added DomainPasswordSpray https://github.com/dafthack/DomainPasswordSpray #2
+- Added GoBuster https://github.com/OJ/gobuster #39
+- Added Wfuzz https://github.com/xmendez/wfuzz #40
+- Added Notepad++
+- Added TextFX plugin for Notepad++
+- Added Explorer Suite (CFF Explorer)
+
 1.1 - April 30 2019
 - Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
 - Added DefenderCheck https://github.com/matterpreter/DefenderCheck
@@ -275,10 +297,10 @@ Installed Tools
 - Updated Rubeus package to current version (1.4.2) #31
 
 1.0.2 - April 10 2019
-- Added missing 'seclists.fireeye' package to packages.json
+- Added missing 'seclists.fireeye' package to packages.json #38
 
 1.0.1 - March 31 2019
-- Used https instead of http to install boxstarter
+- Used https instead of http to install boxstarter #10
 
 Legal Notice
 ============
@@ -397,5 +419,8 @@ https://www.yworks.com/products/yed/license.html
 http://www.apache.org/licenses/LICENSE-2.0
 https://github.com/Dionach/NtdsAudit/blob/master/LICENSE
 https://github.com/ANSSI-FR/AD-control-paths/blob/master/LICENSE.txt
-
+https://github.com/OJ/gobuster/blob/master/LICENSE
+https://github.com/xmendez/wfuzz/blob/master/LICENSE
+https://github.com/dafthack/DomainPasswordSpray/blob/master/LICENSE
+https://github.com/nettitude/PoshC2_Python/blob/master/LICENSE
 </pre>
diff --git a/commandovm.win10.config.fireeye/commandovm.win10.config.fireeye.nuspec b/commandovm.win10.config.fireeye/commandovm.win10.config.fireeye.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win10.config.fireeye</id>
-    <version>1.0.0.3</version>
+    <version>1.2.0.0</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

diff --git a/commandovm.win10.config.fireeye/tools/readme.txt b/commandovm.win10.config.fireeye/tools/readme.txt
@@ -6,7 +6,7 @@
                \/             \/      \/     \/     \/      \/       
                         C O M P L E T E  M A N D I A N T                    
                              O F F E N S I V E   V M                        
-                                   Version 1.1                                 
+                                   Version 1.2                                 
                _____________________________________________________          
 
                                    Developed by                                
@@ -43,6 +43,15 @@ issues here:
 https://github.com/fireeye/commando-vm
 
 Changelog:
+1.2 - May 31 2019
+- Added recommended hardware settings #20
+- Added DomainPasswordSpray https://github.com/dafthack/DomainPasswordSpray
+- Added GoBuster https://github.com/OJ/gobuster #39
+- Added Wfuzz https://github.com/xmendez/wfuzz #40
+- Added Notepad++
+- Added TextFX plugin for Notepad++
+- Added Explorer Suite (CFF Explorer)
+
 1.1 - April 30 2019
 - Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
 - Added DefenderCheck https://github.com/matterpreter/DefenderCheck
@@ -54,12 +63,12 @@ Changelog:
 - Fixed issue #18 with PATH 
 - Added Commando Logos with transparent backgrounds to $Home\Pictures
 - Pinned Firefox to Taskbar
-- Fixed misspellings in (this) Readme #42/#43
+- Fixed misspellings in Readme #42/#43
 - Added Ruby and Ruby Devkit #1
 - Updated Rubeus package to current version (1.4.2) #31
 
 1.0.2 - April 10 2019
-- Added missing 'seclists.fireeye' package to packages.json
+- Added missing 'seclists.fireeye' package to packages.json #38
 
 1.0.1 - March 31 2019
-- Used https instead of http to install boxstarter
+- Used https instead of http to install boxstarter #10
diff --git a/commandovm.win10.installer.fireeye/commandovm.win10.installer.fireeye.nuspec b/commandovm.win10.installer.fireeye/commandovm.win10.installer.fireeye.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win10.installer.fireeye</id>
-    <version>1.0.1.4</version>
+    <version>1.2.0.0</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

diff --git a/commandovm.win10.installer.fireeye/tools/packages.json b/commandovm.win10.installer.fireeye/tools/packages.json
@@ -71,6 +71,11 @@
         {"name": "apimonitor.fireeye"},
         {"name": "orca.fireeye"},
         {"name": "fiddler.fireeye"},
+        {
+            "name": "notepadplusplus",
+            "args": "--x86"
+        },
+        {"name": "notepadplusplus-textfx.fireeye"},
         {"name": "hxd.fireeye"},
         {
             "name": "metasploit.flare",
@@ -94,14 +99,17 @@
         {"name": "CrackMapExecWin.fireeye"},
         {"name": "demiguise.fireeye"},
         {"name": "DotNetToJScript.fireeye"},
+        {"name": "DomainPasswordSpray.fireeye"},
         {"name": "DSInternals.fireeye"},
         {"name": "Egress-Assess.fireeye"},
-        {"name": "flare-floss.fireeye"},
+        {"name": "explorersuite.flare"},
         {"name": "Exchange-AD-Privesc.fireeye"},
+        {"name": "flare-floss.fireeye"},
         {"name": "fuzzdb.fireeye"},
         {"name": "Generate-Macro.fireeye"},
         {"name": "Get-LAPSPasswords.fireeye"},
         {"name": "Get-ReconInfo.fireeye"},
+        {"name": "GoBuster.fireeye"},
         {"name": "GoFetch.fireeye"},
         {
             "name": "gowitness.fireeye",
@@ -173,13 +181,15 @@
         {"name": "WMIOps.fireeye"},
         {"name": "zBang.fireeye"},
         {"name": "Elite.fireeye"},
+        {"name": "covenant.fireeye"},
         {"name": "ad-control-paths.fireeye"},
         {"name": "defendercheck.fireeye"},
         {"name": "dnsrecon.fireeye"},
         {"name": "EvilClippy.fireeye"},
         {"name": "NtdsAudit.fireeye"},
         {"name": "SharpExec.fireeye"},
         {"name": "subdomain-bruteforce.fireeye"},
+        {"name": "wfuzz.fireeye"},
         {"name": "openvpn.fireeye", "args":"--parameters \'/SELECT_SHORTCUTS=0 /SELECT_LAUNCH=0\'"}
     ]
 }
diff --git a/commandovm.win7.config.fireeye/commandovm.win7.config.fireeye.nuspec b/commandovm.win7.config.fireeye/commandovm.win7.config.fireeye.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win7.config.fireeye</id>
-    <version>1.0.0.3</version>
+    <version>1.2.0.0</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

diff --git a/commandovm.win7.config.fireeye/tools/readme.txt b/commandovm.win7.config.fireeye/tools/readme.txt
@@ -6,7 +6,7 @@
                \/             \/      \/     \/     \/      \/       
                         C O M P L E T E  M A N D I A N T                    
                              O F F E N S I V E   V M                        
-                                   Version 1.1                                 
+                                   Version 1.2                                 
                _____________________________________________________          
 
                                    Developed by                                
@@ -43,6 +43,15 @@ issues here:
 https://github.com/fireeye/commando-vm
 
 Changelog:
+1.2 - May 31 2019
+- Added recommended hardware settings #20
+- Added DomainPasswordSpray https://github.com/dafthack/DomainPasswordSpray
+- Added GoBuster https://github.com/OJ/gobuster #39
+- Added Wfuzz https://github.com/xmendez/wfuzz #40
+- Added Notepad++
+- Added TextFX plugin for Notepad++
+- Added Explorer Suite (CFF Explorer)
+
 1.1 - April 30 2019
 - Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
 - Added DefenderCheck https://github.com/matterpreter/DefenderCheck
@@ -54,12 +63,12 @@ Changelog:
 - Fixed issue #18 with PATH 
 - Added Commando Logos with transparent backgrounds to $Home\Pictures
 - Pinned Firefox to Taskbar
-- Fixed misspellings in (this) Readme #42/#43
+- Fixed misspellings in Readme #42/#43
 - Added Ruby and Ruby Devkit #1
 - Updated Rubeus package to current version (1.4.2) #31
 
 1.0.2 - April 10 2019
-- Added missing 'seclists.fireeye' package to packages.json
+- Added missing 'seclists.fireeye' package to packages.json #38
 
 1.0.1 - March 31 2019
-- Used https instead of http to install boxstarter
+- Used https instead of http to install boxstarter #10
diff --git a/commandovm.win7.installer.fireeye/commandovm.win7.installer.fireeye.nuspec b/commandovm.win7.installer.fireeye/commandovm.win7.installer.fireeye.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win7.installer.fireeye</id>
-    <version>1.0.1.3</version>
+    <version>1.2.0.0</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

diff --git a/commandovm.win7.installer.fireeye/tools/packages.json b/commandovm.win7.installer.fireeye/tools/packages.json
@@ -71,6 +71,11 @@
         {"name": "apimonitor.fireeye"},
         {"name": "orca.fireeye"},
         {"name": "fiddler.fireeye"},
+        {
+            "name": "notepadplusplus",
+            "args": "--x86"
+        },
+        {"name": "notepadplusplus-textfx.fireeye"},
         {"name": "hxd.fireeye"},
         {
             "name": "metasploit.flare",
@@ -93,15 +98,18 @@
         {"name": "CrackMapExec.fireeye"},
         {"name": "CrackMapExecWin.fireeye"},
         {"name": "demiguise.fireeye"},
+        {"name": "DomainPasswordSpray.fireeye"},
         {"name": "DotNetToJScript.fireeye"},
         {"name": "DSInternals.fireeye"},
         {"name": "Egress-Assess.fireeye"},
-        {"name": "flare-floss.fireeye"},
+        {"name": "explorersuite.flare"},
         {"name": "Exchange-AD-Privesc.fireeye"},
+        {"name": "flare-floss.fireeye"},
         {"name": "fuzzdb.fireeye"},
         {"name": "Generate-Macro.fireeye"},
         {"name": "Get-LAPSPasswords.fireeye"},
         {"name": "Get-ReconInfo.fireeye"},
+        {"name": "GoBuster.fireeye"},
         {"name": "GoFetch.fireeye"},
         {
             "name": "gowitness.fireeye",
@@ -179,6 +187,7 @@
         {"name": "NtdsAudit.fireeye"},
         {"name": "SharpExec.fireeye"},
         {"name": "subdomain-bruteforce.fireeye"},
+        {"name": "wfuzz.fireeye"},
         {"name": "openvpn.fireeye", "args":"--parameters \'/SELECT_SHORTCUTS=0 /SELECT_LAUNCH=0\'"}
     ]
 }
diff --git a/install.ps1 b/install.ps1
@@ -77,7 +77,7 @@ Write-Host "|        "  -ForegroundColor Red -NoNewline; Write-Host "        \/
 Write-Host "|                       C O M P L E T E  M A N D I A N T                     |" -ForegroundColor Red 
 Write-Host "|                            O F F E N S I V E   V M                         |" -ForegroundColor Red 
 Write-Host "|                                                                            |" -ForegroundColor Red 
-Write-Host "|                                  Version 1.1                               |" -ForegroundColor Red 
+Write-Host "|                                  Version 1.2                               |" -ForegroundColor Red 
 Write-Host "|____________________________________________________________________________|" -ForegroundColor Red 
 Write-Host "|                                                                            |" -ForegroundColor Red 
 Write-Host "|                                  Developed by                              |" -ForegroundColor Red