Locked ThreatBox - A Standard And Controlled Linux Based Attack Platform

[itsMe]

This is the hidden content, please

• Sign In
• or
• Sign Up

ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.

Features

    Standard tools defined as ansible roles
    Customizations designed to make security testing easier
    Variable list to add or remove git repositories, OS packages, or python modules. (threatbox.yml)
    Version tracking of the deployed instance version and the deploy tool version. This is helpful it meeting compliance rules and can help minimize fear by actively tracking all tools.
        Threatbox version created at deployment and displayed in desktop wallpaper
        Deployed software tracked in ~/Desktop/readme
    SSH port auto-switching. The deployment starts on port 22, but reconfigures the target system to the desired SSH port using the ansible_port variable in threatbox.yml
    Download and compile several .net toolkits (i.e. SeatBelt.exe from Ghostpack https://github.com/GhostPack/Seatbelt)
    Most python projects installed using pipenv. Use pipenv shell in the project directory to access. See https://realpython.com/pipenv-guide/ for pipenv usage guidance

This is the hidden content, please

• Sign In
• or
• Sign Up