Skip to content

Sean-Brown/pentest-env

BranchesTags
 
 

Repository files navigation

Pentest Environment Deployer | Build Status

This repo provides an easy way to deploy a clean pentesting environment with Kali linux using vagrant and virtualbox.

Requirements

I assume you are familiar with virtualbox and vagrant.

Latest pentest-env release is tested with:

  • Virtualbox (5.0.24)
  • Vagrant (1.8.5)

Current box

Kali 2016.2

Box SHA256
Kali 2016.2 4c04e28c4fb7b6601cb838fba753af4cffb3ea2f0a9aa4c13f834cabd7e353cb
Kali 2016.2-light 5d455bf1cf8d7b2b4f3be7c4b3cc43152ae5cfe09eaf4aaf30ac112aa6bd3b40
Kali 2016.2-lxde d7d534c329d43b6df9b294eeb558f8346b20d9334ef037f4c0360ed2acfeaab6
Kali 2016.2-xfce 4b597aa7ad31179ecad882e80074945155e0017fb465db6474e553f58728486e
Kali 2016.2-mate 5f1e06f18714d78dc0310f188bb0a10283c5d257e3d640c1399fa556fe681355
Kali 2016.2-e17 980c7402bbb8f7c3adafb0544db8430addda4c68918c1756ac031ab333faf66b

See the documentation page about boxes for more details.

Getting started

To get started with pentest-env, clone this repository and run vagrant up inside the directory. This will download and run the Kali instance.

You can customize, add targets, create new targets etc.. inside pentest-env. Some examples are available in the examples/ directory, to use one simply set the PENTESTRC environment variable:

> PENTESTRC=examples/ctf.pentestrc vagrant status
Current machine states:

kali                      running (virtualbox)
metasploitable2           not created (virtualbox)
primer                    not created (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run `vagrant status NAME`.

For more details, visit the documentation pages:

  1. Installation
  2. Usage
  3. Docker
  4. Openstack
  5. Customizations
  6. Instances
  7. Targets
  8. Write custom instances and targets
  9. Debugging
  10. About boxes
  11. Known issues

About Security

verify checksums

It's recommended to check downloaded box files with provided checksums (SHA256): http://box.hackbbs.org/checksums.txt

sshd is running

Provided boxes run the sshd service. So if you plan to run the Kali linux with a Bridged interface, default setup can be dangerous!

  • root password of kali is toor.
  • SSH private key is not private! Anyone can use this key to connect to your instance.
  • The Kali linux 1.0 box added a vagrant user with password tnargav and is in sudoers with no password required.

License

See COPYING file

About

Pentest environment (kali linux) deployer using vagrant and chef.

sliim.github.io/pentest-env/

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

15 tags

Packages

 
 
 

Contributors

Languages

  • Ruby 95.2%
  • Shell 4.8%