ThreatBox is a standard and controlled attack platform based on the Linux operating system.
It started as a collection of scripts, was established as a virtual machine, existed as code to build a Linux ISO, and has now been turned into a series of playbooks.
The project is designed to be used as a starting point for creating, managing and using a standard attack platform for penetration testing.
Details on the idea of a standard attack platform can be found in the book Red Team Development and Operations - A Practical Guide, written by Joe Vest and James Tubberville.
Specifications
- Basic tools defined as Ansible roles
- Customizations designed to make security testing easier
- Variable list to add or remove git repositories, OS packages or Python modules (ancbox.yml)
- Automatic switching of the SSH port. Deployment starts on port 22, then reconfigures the target system to the desired SSH port using the ansible_port variable in the yml file
- Download and collect many .NET tools (e.g. SeatBelt.exe from GhostPack, https://github.com/GhostPack/Seatbelt)
- Most Python projects are installed using pipenv. Run pipenv shell in the project's directory to access them. See https://realpython.com/pipenv-guide/ for instructions on using pipenv
Application snapshots
Information on installing and using the program can be found here.