FireEye released Commando VM, the Windows-based security distribution designed for penetration testing and red teaming.
FireEye today released an automated installer called Commando VM (Complete Mandiant Offensive VM), it is an automated installation script that turns a Windows operating system into a hacking system. The installation script works on systems running on a virtual machine (VM) or even on the base system.
“Penetration testers commonly use their own
Commando VM uses Boxstarter, Chocolatey, and MyGet packages to install all software packages, users need at least 60 GB of free hard drive space and 2GB of RAM to use it.
Commando VM automatically installs more than 140 hacking tools, including Nmap, Wireshark, Remote Server Administration Tools, Mimikatz, Burp-Suite, x64db, Metasploit, PowerSploit, Hashcat, and Owasp ZAP.
Experts that want to use Windows OS in penetration testing activities have to manually install hacking tools on Windows, a task that could hide many difficulties for most users.
Commando VM allows downloading additional offensive and red team tools on Windows bypassing security features implemented by Microsoft that flag them as malicious. The installer disables many Windows security features, its execution will leave a system vulnerable for this reason FireEye strongly encourage installing it on a virtual machine.
Commando VM could be installed on Windows 7 Service Pack 1, or Windows 10, in the latter OS it allows to install more features.
One of the authors of the Commando VM explained on Reddit that it top three features are:
“With such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and
“The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends.”
Commando VM is available for download on Github, below step by step guide to install it:
“We believe this distribution will become the standard tool for penetration testers and look forward to continued improvement and development of the Windows attack platform.” concluded FireEye.
(SecurityAffairs – Commando VM, hacking)