FireEye today released Commando VM, a first of its kind Windows-based security distribution for penetration testing and red teaming.
When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers.
However, Kali is a Linux-based distribution, and using Linux without learning some basics is not everyone’s cup of tea as like Windows or macOS operating systems.
Moreover, if you are wondering why there is no popular Windows-based operating system for hackers? First, because Windows is not open-source and second, manually installing penetration testing tools on Windows is pretty problematic for most users.
To help researchers and cyber security enthusiasts, cybersecurity firm FireEye today released virtual machine (VM) based installer for Commando VM—a customized Windows-based distribution that comes pre-installed with useful penetration testing tools, just like Kali Linux.
“Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments,” FireEye says. “Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests.”
The release 1.0 includes two different VM images, one based upon Windows 7 and another Windows 10.
Both Commando VMs include more than 140 tools, including Nmap, Wireshark, Remote Server Administration Tools, Mimikatz, Burp-Suite, x64db, Metasploit, PowerSploit, Hashcat, and Owasp ZAP, pre-configured for a smooth working environment.
According to one of the authors of Commando VMs, the following are the top three features of the tool that make it more interesting:
- Native Windows protocol support (SMB, PowerShell, RSAT, Sysinternals, etc.)
- Organized toolsets (Tools folder on the desktop with Info Gathering, Exploitation, Password Attacks, etc.)
- Windows-based C2 frameworks like Covenant (dotnet) and PoshC2 (PowerShell)
“With such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and red teamer,” FireEye says.
“The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends.”
According to FireEye, Commando VM also uses Boxstarter, Chocolatey, and MyGet packages to install all software packages. Running a single command will automatically update all your installed hacking software on Commando VM.
To use this on your Windows computer, you need at least 60 GB of free hard drive space, 2GB of RAM and a virtual machine software, like VMware or Oracle VirtualBox installed on your system.
Installing Commando VM is pretty easy. Just download the Commando VM, decompress it and then execute the PowerShell script available in the package to complete the installation.
The remaining installation process will be done automatically, which may take between 2 to 3 hours to finish depending upon your Internet speed.
“The VM will reboot multiple times due to the numerous software installation requirements,” FireEye says. “Once the installation completes, the PowerShell prompt remains open waiting for you to hit any key before exiting.”
After the completion of the installation process, you’ll be presented with Commando VM, and all you need to do is reboot your machine to ensure the final configuration changes take effect.
In recent years, we have been asked by a number of our readers to list some of the best Windows-based operating systems for penetration testing. Commando VM is the first, and now I believe we will have more to this list really soon.
The information contained in this website is for general information purposes only. The information is gathered from The Hacker News while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.