Created
February 3, 2022 13:39
Revisions
BaffledJimmy created this gist
Feb 3, 2022
@@ -0,0 +1,324 @@ #+++ # NOTES: # * This does currently run ‘ok’ as a sh script. Lots still to do obvs... # * Run as kali *USER* - SUDO is coded where necessary. Don’t run as ROOT. # # * Please add new ‘stuff’ to the bottom of the script. # # * I suggest we do this script as a GIST for now… # * ...so we can “$ curl -sL <URL> | bash” (and easier to edit/read)? [SE9875] # # CONSTRAINTS: # * This install script will be run when building the live image. # * It cannot be assumed that the install script can be run on a live task. # * If a tool is required to be installed then it must also be preconfigured during the install. # * Most things are configured during the script. The exceptions are PoshC2 and Impacket, the commands required are in HOW_TO_USE.txt in the respective folder. #--- # https://www.theurbanpenguin.com/using-color-in-your-bash-scripts-with-echo/ export red="\033[1;31m" export green="\033[1;32m" export yellow="\033[1;33m" export blue="\033[1;34m" export purple="\033[1;35m" export cyan="\033[1;36m" export grey="\033[0;37m" export reset="\033[m" echo ${yellow}' ____ _ _ _ _____ _ _ ___ __ | _ \ (_) | | | / ____| (_) | | / _ \/_ | | |_) |_ _ _| | __| | | (___ ___ _ __ _ _ __ | |_ __ _| | | || | | _ <| | | | | |/ _` | \___ \ / __| '\_\_\| \| '_ \| __| \ \ / / | | || | | |_) | |_| | | | (_| | ____) | (__| | | | |_) | |_ \ V /| |_| || | |____/ \__,_|_|_|\__,_| |_____/ \___|_| |_| .__/ \__| \_/ \___(_)_| | | |_| ' #echo “Changing into /opt directory to install all tools” # Clean directory under home folder to run install from: echo ${blue}'###' echo ${blue}INFO: Creating new directory in home directory for tools to be downloaded. echo ${blue}'###' mkdir ~/tools BUILD_DIR=~/tools cd $BUILD_DIR echo ${blue}'###' echo ${blue}INFO: Updating OS and Kernel. echo ${blue}'###'${red} # Update current distro 1st and clean up # May need a reboot after this if the kernel has changed? 
[SE9875] sudo sh -c "DEBIAN_FRONTEND=noninteractive apt update && apt --yes dist-upgrade && apt purge && apt --yes autoremove" echo ${blue}'###' echo ${blue}INFO: Installing apt packages. echo ${blue}'###'${reset} # APT packages to install sudo sh -c "DEBIAN_FRONTEND=noninteractive apt install --yes ansible software-properties-common terminator bloodhound neo4j mingw-w64 wpscan figlet sshuttle ca-certificates curl apt-transport-https lsb-release gnupg amass powershell golang cme npm nodejs python3-pip" echo ${green}'###' echo ${green}SUCCESS: APT packages installed. echo ${green}'###'${reset} echo 'ansible software-properties-common terminator bloodhound neo4j mingw-w64 wpscan figlet sshuttle ca-certificates curl apt-transport-https lsb-release gnupg amass powershell golang cme npm nodejs python3-pip' > PACKAGES_INSTALLED_VIA_APT.txt # NPM sudo npm install -g npm echo ${blue}'###' echo ${blue}INFO: Installing pip. echo ${blue}'###'${reset} # Latest PIP curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py python3 get-pip.py rm get-pip.py echo ${green}'###' echo ${green}SUCCESS: Pip installed. echo ${green}'###'${reset} echo ${blue}'###' echo ${blue}INFO: Beginning large silent git clone of tooling. 
echo ${blue}'###'${reset} # Yes this could easily be wrapped in a loop, it is deliberately like this to make diffing / tracking / updating easier :) # ChangeMe (default creds checker) git clone -q https://github.com/ztgrace/changeme.git # Default Creds CheatSheet git clone -q https://github.com/ihebski/DefaultCreds-cheat-sheet.git # Donut Shellcode pip3 install donut-shellcode # WebRequest git clone -q https://github.com/BloodHoundAD/BloodHound # ODAT / Oracle git clone -q https://github.com/quentinhardy/odat # Unicorn git clone -q https://github.com/trustedsec/unicorn.git # Payload all the things git clone -q https://github.com/rvrsh3ll/PayloadsAllTheThings.git # WinPeas / LinPeas git clone -q https://github.com/carlospolop/PEASS-ng.git # HackTricks Guide git clone -q https://github.com/carlospolop/hacktricks.git # Hacker Recipes git clone -q https://github.com/ShutdownRepo/The-Hacker-Recipes.git # Cisco-snmp-enumeration git clone -q https://github.com/nccgroup/cisco-SNMP-enumeration.git # Icmpsh git clone -q https://github.com/bdamele/icmpsh.git # Hans git clone -q https://github.com/albertzak/hanstunnel.git # Ntlm-scanner git clone -q https://github.com/preempt/ntlm-scanner.git # Ntlm-v1-multi git clone -q https://github.com/evilmog/ntlmv1-multi.git # Responder git clone -q https://github.com/lgandx/Responder.git # SharpCollection git clone -q https://github.com/Flangvik/SharpCollection.git # SecureCRT-Decrypt git clone -q https://github.com/HyperSine/how-does-SecureCRT-encrypt-password.git # Prowler AWS git clone -q https://github.com/toniblyx/prowler.git # AWS Benchmarks # Useful reference: https://github.com/toniblyx/my-arsenal-of-aws-security-tools git clone -q https://github.com/amazon-archives/aws-security-benchmark.git # LDAPSigning Scanner git clone -q https://github.com/GoSecure/ldap-scanner.git # WSUS Exploitation git clone -q https://github.com/pimps/wsuxploit.git # Ctfr git clone -q https://github.com/UnaPibaGeek/ctfr.git # Cisco Phone CredHarvest 
git clone -q https://github.com/trustedsec/SeeYouCM-Thief.git # AzureCLI via PIP # https://github.com/Azure/azure-cli/issues/19369 pip install azure-cli # RoadTools for AzureAAD pip install roadrecon echo ${green}'###' echo ${green}SUCCESS: Git cloning complete. echo ${green}'###'${reset} echo ${blue}'###' echo ${blue}INFO: Beginning config of tools that have post-clone steps. echo ${blue}'###' # *** THINGS THAT NEED BUILDING *** echo ${blue}'###' echo ${blue}'INFO: Installing any dependencies' echo ${yellow}'Check HOW_TO_USE.txt / README.md in a tool repo if it requires additional config steps or to get up and running eg Impacket / PoshC2' echo ${blue}'###'${reset} # CloudSploit git clone -q https://github.com/aquasecurity/cloudsploit.git echo 'cd cloudsploit && npm install' >> ./cloudsploit/HOW_TO_USE.txt cd cloudsploit && npm install npm audit fix cd $BUILD_DIR # Routersploit git clone -q https://github.com/threat9/routersploit.git echo 'cd routersploit && python3 -m pip install -r requirements.txt' > ./routersploit/HOW_TO_USE.txt cd routersploit && python3 -m pip install -r requirements.txt cd $BUILD_DIR # Scoutsuite git clone -q https://github.com/nccgroup/ScoutSuite.git echo 'virtualenv -p python3 venv source venv/bin/activate pip install scoutsuite scout --help' >> ./ScoutSuite/HOW_TO_USE.txt # SecLists git clone -q https://github.com/danielmiessler/SecLists.git # CloudSplaining git clone -q https://github.com/salesforce/cloudsplaining.git cd cloudsplaining && pip3 install --user cloudsplaining echo 'cd cloudsplaining && pip3 install --user cloudsplaining' >> ./cloudsplaining/HOW_TO_USE.txt cd $BUILD_DIR # PACU git clone -q https://github.com/RhinoSecurityLabs/pacu.git cd pacu && pip3 install -U pip && pip3 install -U pacu echo 'cd pacu && pip3 install -U pip && pip3 install -U pacu' >> ./pacu/HOW_TO_USE.txt cd $BUILD_DIR # CarbonCopy git clone -q https://github.com/paranoidninja/CarbonCopy.git sudo sh -c "DEBIAN_FRONTEND=noninteractive apt install --yes 
osslsigncode" pip3 install pyopenssl # AADInternals git clone -q https://github.com/Gerenios/AADInternals.git # Azure Token Tactics git clone -q https://github.com/rvrsh3ll/TokenTactics.git # CredNinja git clone -q https://github.com/Raikia/CredNinja.git # DInjector git clone -q https://github.com/snovvcrash/DInjector.git # Donut # Req’s msbuild for Windows git clone -q https://github.com/TheWover/donut.git # Hashcat curl -O https://hashcat.net/files/hashcat-6.2.5.7z # Hashcat / Corporate-Masks git clone -q https://github.com/golem445/Corporate_Masks.git # Hashcat / NSA Dive2 git clone -q https://github.com/NSAKEY/nsa-rules.git # Password Wordlists git clone -q https://github.com/berzerk0/Probable-Wordlists.git # WinPwnage git clone -q https://github.com/rootm0s/WinPwnage.git # WinPwn git clone -q https://github.com/S3cur3Th1sSh1t/WinPwn.git # Impacket [ERRORS] # TODO: This appears to hang after creating virtual environment [SE9875] git clone -q https://github.com/SecureAuthCorp/impacket.git echo 'cd impacket && python3 -m pip install .' ./impacket/HOW_TO_USE.txt # Poshc2 # Mainly for resources dir git clone -q https://github.com/nettitude/PoshC2.git #cd PoshC2 && sudo ./Install.sh echo 'cd PoshC2 && sudo ./Install.sh' >> ./PoshC2/HOW_TO_USE.txt echo echo ${green}'###' echo echo ${green}'SUCCESS: Linux tooling installed into your home directory' echo echo ${green}'###'${reset} exit # exiting here because rest is Windows and shared directory isn't configured yet. 
############ Needs shared folder configuring ############ echo ${blue}'###' echo ${blue}'INFO: Changing to a shared directory with the Host OS now to clone Windows tooling' echo ${blue}'INFO: Powershell on Linux is also installed and the Windows tools are also installed into your Linux home directory (intentionally duplicated)' echo ${blue}'###'${reset} cd /mnt/hgfs/Shared # AADInternals git clone -q https://github.com/Gerenios/AADInternals.git # Azure Token Tactics git clone -q https://github.com/rvrsh3ll/TokenTactics.git # CredNinja git clone -q https://github.com/Raikia/CredNinja.git # DInjector git clone -q https://github.com/snovvcrash/DInjector.git # Donut # Req’s msbuild for Windows git clone -q https://github.com/TheWover/donut.git # Hashcat curl -O https://hashcat.net/files/hashcat-6.2.5.7z # Hashcat / Corporate-Masks git clone -q https://github.com/golem445/Corporate_Masks.git # Hashcat / NSA Dive2 git clone -q https://github.com/NSAKEY/nsa-rules.git # Password Wordlists git clone -q https://github.com/berzerk0/Probable-Wordlists.git # WinPwnage git clone -q https://github.com/rootm0s/WinPwnage.git # WinPwn git clone -q https://github.com/S3cur3Th1sSh1t/WinPwn.git echo ${green}'###' echo ${green}'SUCCESS: Tooling cloned to a shared directory C:\Shared in your Host OS' echo ${green}'###'${reset}
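
Review bot: The downloads in this script are fetched and used during the image build with no pinning or integrity check: `curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py` is followed immediately by `python3 get-pip.py`, `curl -O https://hashcat.net/files/hashcat-6.2.5.7z` is saved without any checksum comparison, and every `git clone -q` takes whatever the default branch holds at build time. Since the CONSTRAINTS block says this runs when building the live image, pin each clone to a reviewed commit or tag, compare downloaded files against checksums recorded in the script, and replace the `curl -sL <URL> | bash` delivery suggested in NOTES with download, verify, then run. Two smaller fixes: the Impacket line `echo 'cd impacket && python3 -m pip install .' ./impacket/HOW_TO_USE.txt` has no `>>`, so the text goes to stdout and the HOW_TO_USE.txt that the header promises for Impacket is never written; and in `sudo sh -c "DEBIAN_FRONTEND=noninteractive apt update && apt --yes dist-upgrade` the variable applies only to `apt update`, so export it at the start of the `sh -c` string if the upgrade is meant to be non-interactive as well.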