A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

Related tags

Security related resourcesinfosec-fortress
Overview

infosec-fortress

A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a single linux VM (or bare metal) very capable in Digital Forensics, Incident Response, Reverse Engineering and Penetration Testing. Daily drivers can be InfoSec War Machines as well! At a minimum it is working towards reducing the number of VM's needed for folks doing Forensics, Threat Hunting, Web App Assessments and Penetration testing along the way.

Requirements:

  • Written for Ubuntu 20.04. It should be easily modifiable for other versions and distributions.
  • python3
  • git
  • root privileges
  • Approx. 22 Gigs of free space

sudo apt install python3 git

Steps to run

  1. Review the script. No changes needed to get started.
  2. (optional) Check list of packages, add, or take away etc.
  3. Clone this repository git clone https://github.com/ED-209-MK7/infosec-fortress.git
  4. Run the script as sudo/root. sudo python3 ./infosec-fortress/build-fortress.py
  5. (semi-optional) Go make a sandwhich. It takes a long time.
  6. Be Prepared to answer some prompts along the way (not many)

This script will make /opt/infosec-fortress. This directory will contain build logs and an update script.

What Goes into the Fortress?

  1. REMnux Reverse Engineering platform
  2. SIFT Incident Response Platform
  3. Metasploit Framework
  4. Kali's Wordlists plus more
  5. Kali's Collection of Webshells
  6. Kali's Windows Binaries/Resources
  7. The latest bloodhound
  8. Enum4Linux and Enum4linux-ng

Notable tools

DFIR Tools

  • Log2Timeline (Plaso)
  • RegRipper
  • msg converter

RE Tools

  • Ghidra (Pronounced Ghee-druh (like geek wihtout the k + druh))
  • radare2
  • binwalk
  • look and feel of REMnux (CLI Color Highlighting for filetype)

Network tools

  • snort
  • tcpdump
  • wireshark
  • tshark
  • ngrep

Security Assessment (PenTest Tools)

  • Metasploit Framework
  • Burp Suite
  • Zap
  • nmap
  • masscan
  • Hashcat
  • John
  • Hydra
  • Medusa
  • smbclient /rpcclient
  • sqlmap
  • netcat-traditional
  • air-crack-ng
  • kismet

Other

  • VS Code
  • Powershell Core

And more...

To-Do's

  • add Zeek
  • add RITA
  • add SiLK
  • add a dir containing pre-made host enumeration scripts
  • add DPAT (domain password auditing tool)?
  • SRUM Dump.py (does it work on Ubuntu?)
  • Responder symlink
  • add secretsdump.py (might be there already)
  • add bettercap
  • add Empyre? or similar
  • add spider foot community edition
  • add Recon-NG
  • add Maltego
  • test Erik Zimmermans tools in wine
  • add a folder in /usr/share/? packed with SANS Posters
Owner
James
Information Security Professional. Twitter Handle: @DFIRmadness
James
GitHub Repository
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are

96 Dec 14, 2022
Simplify getting and using cookies from the browser to use in Python.

CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

pat_h/to/file 2 May 06, 2022
Receive notifications/alerts on the most recent disclosed CVE's.

Receive notifications on the most recent disclosed CVE's.

Ameliorate 7 Nov 24, 2022
Spring-0day/CVE-2022-22965

CVE-2022-22965 Spring Framework/CVE-2022-22965 Vulnerability ID: CVE-2022-22965/CNVD-2022-23942/QVD-2022-1691 Reproduce the vulnerability docker pull

iak 4 Apr 05, 2022
the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr

Taroballz 25 Nov 15, 2022
wsvuls - website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.]

WSVuls Website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.] What's WSVuls? WSVuls is a simple and powerf

Anouar Ben Saad 47 Sep 22, 2022
Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

Joxean 362 Nov 28, 2022
Safe Policy Optimization with Local Features

Safe Policy Optimization with Local Feature (SPO-LF) This is the source-code for implementing the algorithms in the paper "Safe Policy Optimization wi

Akifumi Wachi 6 Jun 05, 2022
A knockoff social-engineer toolkit

The Python SE Dopp Kit is a social engineering toolkit with many purposes. It contains 5 different modules designed to be of assistance in different s

48 Nov 26, 2022
将hw时信息收集以及简单的漏洞操作步骤简单化

Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏

19 Nov 15, 2022
CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.

CVE-2021-43936 CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware. This vulnerability w

Jeremiasz Pluta 8 Jul 05, 2022
This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload

stark0de 6 Aug 18, 2022
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain

Mohammadreza Sarayloo 382 Jan 01, 2023
Internationalized Domain Names for Python (IDNA 2008 and UTS #46)

Internationalized Domain Names in Applications (IDNA) Support for the Internationalised Domain Names in Applications (IDNA) protocol as specified in R

Kim Davies 204 Dec 13, 2022
Python tool for enumerating directories and for fuzzing

Python tool for enumerating directories and for fuzzing

Gourab Roy 5 Feb 21, 2022
hackinsta: a program to hack instagram

hackinsta a program to hack instagram Yokoback_(instahack) is the file to open, you need libraries write on import. You run that file in the same fold

1 Dec 04, 2021
PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

Divyanshu Kumar 3 Nov 08, 2022
CVE-2021-26084 Remote Code Execution on Confluence Servers

CVE-2021-26084 CVE-2021-26084 Remote Code Execution on Confluence Servers. Dork Fofa: app="ATLASSIAN-Confluence" Usage Show help information. python P

FQ Hsu 63 Dec 30, 2022
log4j-tools: CVE-2021-44228 poses a serious threat to a wide range of Java-based applications

log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview

JFrog Ltd. 171 Dec 25, 2022
Proof of Concept Exploit for vCenter CVE-2021-21972

CVE-2021-21972 Proof of Concept Exploit for vCenter CVE-2021-21972

Horizon 3 AI Inc 210 Dec 31, 2022