Hotwax is a script to provision a set of extra pentesting tools onto a Kali Linux machine in a consistent manner.
These instructions will get you a copy of the project up and running on your local machine for deployment AND development purposes.
- Kali Linux 2019.4 or older. (Presently, this will not work on Kali Linux 2020.1 or newer, because the default account configuration changed from root to a non-root user. To be fixed in the near future.)
- Git
- Ansible
apt update -y
apt install -y git ansible
Clone the HOTWAX repository.
cd ~
git clone https://github.com/BrashEndeavours/hotwax
Run the playbook
cd hotwax
ansible-playbook playbook.yml
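A pre-flight check for the compatibility note above, as an added example that is not part of the hotwax repository. It assumes `/etc/os-release` carries `ID=kali` and a `VERSION_ID` of the form `YYYY.N`, and that the playbook expects to run as root (inferred from the note about the non-root default); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: refuse to provision on a Kali release the README says is unsupported.
MAX_YEAR=2019   # newest supported release per the README: 2019.4
MAX_REL=4

# Print the value of key $2 from os-release style file $1, quotes stripped.
os_release_field() {
    sed -n "s/^$2=//p" "$1" | head -n 1 | tr -d '"'
}

# hotwax_preflight FILE UID
# Prints "ok" and returns 0 when provisioning should work,
# otherwise prints the reason and returns 1.
hotwax_preflight() {
    id_field=$(os_release_field "$1" ID)
    ver=$(os_release_field "$1" VERSION_ID)
    if [ "$id_field" != "kali" ]; then
        echo "not Kali Linux (ID=$id_field)"; return 1
    fi
    # Split YYYY.N; a letter suffix such as "1a" is reduced to "1".
    case "$ver" in
        *.*) year=${ver%%.*}; rel=${ver#*.}; rel=${rel%%[!0-9]*} ;;
        *)   year=; rel= ;;
    esac
    case "x$year" in x|x*[!0-9]*) year= ;; esac
    if [ -z "$year" ] || [ -z "$rel" ]; then
        echo "unrecognised VERSION_ID '$ver'"; return 1
    fi
    if [ "$year" -gt "$MAX_YEAR" ] ||
       { [ "$year" -eq "$MAX_YEAR" ] && [ "$rel" -gt "$MAX_REL" ]; }; then
        echo "Kali $ver is newer than $MAX_YEAR.$MAX_REL"; return 1
    fi
    # Assumption: the playbook needs the pre-2020.1 root account.
    if [ "$2" -ne 0 ]; then
        echo "not running as root (uid=$2)"; return 1
    fi
    echo "ok"
}

# Typical use before running the playbook:
#   hotwax_preflight /etc/os-release "$(id -u)" && ansible-playbook playbook.yml
```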
- Samba 4.10.8 (smbclient, rpcclient, nmblookup) - Patched to fix issues with polenum, enum4linux, and restoring smbclient connection output.
- enum4linux - Fix minor parsing issues. Updates temporarily included by BrashEndeavours fork, until PR is merged.
- Arjun - Arjun is an HTTP parameter discovery suite.
- AutoRecon - AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
- BloodHound - Six Degrees of Domain Admin.
- chisel - A fast TCP tunnel over HTTP
- evil-winrm - The ultimate WinRM shell for hacking/pentesting.
- gobuster - Directory/File, DNS and VHost busting tool written in Go
- LinEnum - Local Linux Enumeration & Privilege Escalation Script
- nishang - Framework and collection of scripts and payloads which enables usage of PowerShell for penetration testing.
- One-Lin3r - On demand one-liners that aid in penetration testing operations, privilege escalation and more
- OSCP Exam Report Template - Modified template for the OSCP Exam
- Powerless - A Windows privilege escalation (enumeration) script designed with OSCP labs (i.e. legacy Windows machines without PowerShell) in mind.
- PowerSploit - Collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment.
- proxychains-ng - proxychains ng (new generation) - A preloader which hooks calls to sockets in dynamically linked programs and redirects them through one or more SOCKS/HTTP proxies. Continuation of the unmaintained proxychains project.
- pspy - Monitor linux processes without root permissions.
- SecLists - Collection of usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and more.
- sherlock - Find usernames across social networks.
- sshuttle - Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
- webshell - This is a webshell open source project.
- Windows PHP Reverse Shell - Simple PHP reverse shell implemented using binary, based on a webshell.
- XSStrike - Advanced XSS scanner
- zauberfeder (https://github.com/ucki/zauberfeder) - A LaTeX reporting template.
- crackmapexec - A swiss army knife for pentesting networks.
- windows-kernel-exploits - Precompiled Windows Exploits.
- exiftool - ExifTool meta information reader/writer. Great for viewing and manipulating exif-data.
- html2text - Convert HTML to clean, easy-to-read plain ASCII text.
- mingw-w64 - GCC for Windows 64 & 32 bits.
- msfpc - MSFvenom Payload Creator (MSFPC)
- wce - A security tool to list logon sessions and add, change, list and delete associated credentials.
- Windows-Exploit-Suggester - This tool compares a target's patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target.
- pyftpdlib - Extremely fast and scalable Python FTP server library. Spin up FTP Server with a one-liner.
- ssh-os - Nmap Script that identifies Debian, Ubuntu, FreeBSD version based on default SSH banner response.
- empire - Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent.
- medusa - Medusa is a speedy, parallel, modular login brute-forcer. Similar to ncrack and Hydra.
Please read CONTRIBUTING.md for details on the code of conduct, and the process for submitting pull requests.
- Blake Mackey (@BrashEndeavours) - Initial work - BrashEndeavours
- Want your name here? See CONTRIBUTING.md for details.
- Alec Mather-Shapiro (whoisflynn) - Added AutoRecon, Windows PHP Reverse Shell, and OSCP Exam Template - whoisflynn
- Richard Lam (richlamdev) - Added crackmapexec, windows-kernel-exploits, exiftool, html2text, mingw-w64, msfpc, wce, windows-exploit-suggester, pyftpdlib, ssh-os.nse, medusa - richlamdev
- Rebootuser (@rebootuser) - LinEnum
- D4Vinci (@Seekurity) - One-Lin3r
- PowerShellMafia - PowerSploit
- Daniel Miessler - SecLists
- Nikhil "SamratAshok" Mittal - nishang
- Dominic Breuker - pspy
- sherlock-project - sherlock
- Tib3rius - AutoRecon
- Dhayalanb - Windows PHP Reverse Shell
- whoisflynn - OSCP Exam Report Template
- jpillora - chisel
- OJ Reeves - gobuster
- rofl0r - proxychains-ng
- Brian May - sshuttle
- tennc - webshell
- PortcullisLabs - enum4linux
- M4ximuss - Powerless
- Somdev Sangwan - Arjun
- ucki - zauberfeder
- BloodHoundAD - BloodHound
- byt3bl33d3r - crackmapexec
- abatchy17 - WindowsExploits
- exiftool - exiftool
- Alir3z4 - html2text
- mingw-w64 - mingw-w64
- g0tmi1k - msfpc
- ampliasecurity.com - wce
- AonCyberLabs - Windows-Exploit-Suggester
- giampaolo - pyftpdlib
- richlamdev - ssh-os
- harmj0y - empire
- foofus - foofus.net
This project is licensed under the MIT License - see the LICENSE.md file for details