ThreatBox is a standard and controlled attack platform based on the Linux operating system.
It started as a collection of scripts, became a virtual machine, then existed as code for building a Linux ISO, and has now turned into a series of playbooks.
The project is designed to be used as a starter process for creating, managing and using a standard attack platform for penetration testing.
Details on the idea of a Standard Attack Platform can be found in the book Red Team Development and Operations – A Practical Guide, written by Joe Vest and James Tubberville.
Specifications
- Ansible roles for basic tools
- Adjustments designed to facilitate security screening
- Variable list for adding or removing git repositories, operating system packages, or Python modules (ancbox.yml)
- Automatic switching of the SSH port. Deployment starts on port 22, then reconfigures the target system to the desired SSH port using the ansible_port variable in the yml file
- Downloads and collects many .NET tools (e.g. SeatBelt.exe from GhostPack, https://github.com/GhostPack/Seatbelt)
- Most Python projects are installed using pipenv. Run pipenv shell in the project directory to access them. See https://realpython.com/pipenv-guide/ for instructions on using pipenv
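The SSH port switch described in the list above can be built from standard Ansible modules. The playbook below is an added example, not ThreatBox's own code; it assumes ansible_port is set in the inventory or variable file, the daemon configuration is /etc/ssh/sshd_config and the service is named sshd, and desired_ssh_port is a hypothetical variable name.

```yaml
# Added example, not ThreatBox's own playbook.
# Assumptions: ansible_port holds the desired SSH port; service name is "sshd".
- name: Move SSH from port 22 to the port given in ansible_port
  hosts: all
  gather_facts: false        # no connection until the right port is known
  become: true
  tasks:
    - name: Remember the desired port before ansible_port is overridden
      ansible.builtin.set_fact:
        desired_ssh_port: "{{ ansible_port }}"   # hypothetical variable name

    - name: Check from the controller whether the desired port already answers
      ansible.builtin.wait_for:
        host: "{{ ansible_host | default(inventory_hostname) }}"
        port: "{{ desired_ssh_port }}"
        timeout: 5
      delegate_to: localhost
      become: false
      register: desired_port_check
      ignore_errors: true

    - name: Fall back to port 22 on a freshly installed system
      ansible.builtin.set_fact:
        ansible_port: 22
      when: desired_port_check is failed

    - name: Set the SSH daemon port, validating the file before it is written
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?Port\s'
        line: "Port {{ desired_ssh_port }}"
        validate: /usr/sbin/sshd -t -f %s
      notify: Restart sshd

    - name: Apply the port change now instead of at the end of the play
      ansible.builtin.meta: flush_handlers

    - name: Use the desired port for the rest of the run
      ansible.builtin.set_fact:
        ansible_port: "{{ desired_ssh_port }}"

  handlers:
    - name: Restart sshd
      ansible.builtin.service:
        name: sshd
        state: restarted
```

The playbook is idempotent: on a second run the desired port already answers, so the fallback to port 22 is skipped. Any host firewall must allow the new port before the daemon is restarted.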
Information about installing and using the program can be found here.