A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

Related tags

Security related resourcesinfosec-fortress
Overview

infosec-fortress

A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a single linux VM (or bare metal) very capable in Digital Forensics, Incident Response, Reverse Engineering and Penetration Testing. Daily drivers can be InfoSec War Machines as well! At a minimum it is working towards reducing the number of VM's needed for folks doing Forensics, Threat Hunting, Web App Assessments and Penetration testing along the way.

Requirements:

  • Written for Ubuntu 20.04. It should be easily modifiable for other versions and distributions.
  • python3
  • git
  • root privileges
  • Approx. 22 Gigs of free space

sudo apt install python3 git

Steps to run

  1. Review the script. No changes needed to get started.
  2. (optional) Check list of packages, add, or take away etc.
  3. Clone this repository git clone https://github.com/ED-209-MK7/infosec-fortress.git
  4. Run the script as sudo/root. sudo python3 ./infosec-fortress/build-fortress.py
  5. (semi-optional) Go make a sandwhich. It takes a long time.
  6. Be Prepared to answer some prompts along the way (not many)

This script will make /opt/infosec-fortress. This directory will contain build logs and an update script.

What Goes into the Fortress?

  1. REMnux Reverse Engineering platform
  2. SIFT Incident Response Platform
  3. Metasploit Framework
  4. Kali's Wordlists plus more
  5. Kali's Collection of Webshells
  6. Kali's Windows Binaries/Resources
  7. The latest bloodhound
  8. Enum4Linux and Enum4linux-ng

Notable tools

DFIR Tools

  • Log2Timeline (Plaso)
  • RegRipper
  • msg converter

RE Tools

  • Ghidra (Pronounced Ghee-druh (like geek wihtout the k + druh))
  • radare2
  • binwalk
  • look and feel of REMnux (CLI Color Highlighting for filetype)

Network tools

  • snort
  • tcpdump
  • wireshark
  • tshark
  • ngrep

Security Assessment (PenTest Tools)

  • Metasploit Framework
  • Burp Suite
  • Zap
  • nmap
  • masscan
  • Hashcat
  • John
  • Hydra
  • Medusa
  • smbclient /rpcclient
  • sqlmap
  • netcat-traditional
  • air-crack-ng
  • kismet

Other

  • VS Code
  • Powershell Core

And more...

To-Do's

  • add Zeek
  • add RITA
  • add SiLK
  • add a dir containing pre-made host enumeration scripts
  • add DPAT (domain password auditing tool)?
  • SRUM Dump.py (does it work on Ubuntu?)
  • Responder symlink
  • add secretsdump.py (might be there already)
  • add bettercap
  • add Empyre? or similar
  • add spider foot community edition
  • add Recon-NG
  • add Maltego
  • test Erik Zimmermans tools in wine
  • add a folder in /usr/share/? packed with SANS Posters
Owner
James
Information Security Professional. Twitter Handle: @DFIRmadness
James
GitHub Repository
DNS hijacking via dead records automation tool

DeadDNS Multi-threaded DNS hijacking via dead records automation tool How it works 1) Dig provided subdomains file for dead DNS records. 2) Dig the fo

45 Dec 20, 2022
Tools for investigating Log4j CVE-2021-44228

Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re

MalwareTech 91 Dec 29, 2022
Malware for Discord, designed to steal passwords, tokens, and inject discord folders for long-term use.

Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (

HellSec 59 Dec 01, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021
Spring4Shell - Spring Core RCE - CVE-2022-22965

Spring Core RCE - CVE-2022-22965 After Spring Cloud, on March 29, another heavyweight vulnerability of Spring broke out on the Internet: Spring Core R

Malte Gejr 118 Dec 31, 2022
Python tool for enumerating directories and for fuzzing

Python tool for enumerating directories and for fuzzing

Gourab Roy 5 Feb 21, 2022
the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr

Taroballz 25 Nov 15, 2022
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W

stryngs 43 Dec 23, 2022
PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests.

PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests. In 1st request, gets token of captcha and in 2nd request,

253 Jan 05, 2023
Phishing-Crack tools to punish friends

Phishing-Crack Phishing Tool Version 1.0.0 Created By temirovazat A Phishing Tool With PHP and Python3 Features Fake Instagram Phishing Page Fake Face

3 Oct 04, 2022
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device

f5-waf-enforce-sigs-CVE-2021-44228 This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device Overview This script enforce

Ismael Gonçalves 5 Mar 31, 2022
A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

Duc Linh Nguyen 4 Aug 08, 2022
A Modified version of TCC's Osprey poc framework......

fierce-fish fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架 PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!! osprey For beginners fr

lUc1f3r11 10 Dec 30, 2022
BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.

Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen

STM Cyber 232 Nov 21, 2022
MVT is a forensic tool to look for signs of infection in smartphone devices

Mobile Verification Toolkit Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic

8.3k Jan 08, 2023
MS-FSRVP coercion abuse PoC

ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Gilles LIONEL (a.k.a. Topotam)

Shutdown 219 Dec 28, 2022
CloudFlare reconnaissance, tries to uncover the IP behind CF.

CloudFlare reconnaissance, tries to uncover the IP behind CF.

Neospace 8 Dec 03, 2021
Metasploit Multi Purpose Exploiting Toolkit For Termux

MSF-EXPLOIT MSF-ANDRO is a Metasploit Multi Purpose Exploiting Toolkit For Termux . Only a Basic Script , Still in Development . FEATURES : Install Me

Mr.X 22 Dec 29, 2022
A GitHub action for organizations that enables advanced security code scanning on all new repos

Advanced-Security-Enforcer What this repository does This code is for an active GitHub Action written in Python to check (on a schedule) for new repos

Zack Koppert 30 May 17, 2022
Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr

Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr 64bit2key.py

Stefan Marsiske 15 Nov 26, 2022