Monitor for linux processes without root permissions.
Tools installed to discovery services running.
Proxy service to send traffic from any browsers and burp suite installed in your local directory.
Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou.
Connection to HTB (Hack the Box) vpn to access HTB machines.
OS, networking, developing and pentesting tools installed.
It would be much easier to use a virtual machine setup like VMWare or VirtualBox or Kali on Windows via WSL2.Īnd, since this is TryHackMe, it's also super easy to just pay the $10/mo and use the cloud-based AttackBox machine through your browser.Docker for Pentest is an image with the more used tools to create an pentest environment easily and quickly. This document seems to describe how to install/use the official Kali docker image - but it doesn't address getting the GUI working. (e.g., you get whatever running in docker, make sure the machine inside docker is running sshd and port 22 is open, then ssh into the docker and use that connection to tunnel X-windows.) Or perhaps it's possible to make X-window connections without SSH by opening the correct ports, I am not an X-windows wizard and this is essentially the edge of what I personally know how to do. It's probably possible with X-windows + SSH, so if you want to do that I'd start with learning how to pass X-windows connections across an SSH link. (It also collects a lot of tools that would be annoying to find one-by-one). Kali is mostly interesting because it provides a GUI to access a lot of tools that would otherwise be command-line only.
0 kommentar(er)
