Threat Pursuit Virtual Machine (VM): A fully customizable, open source Windows-based distribution focused on threat intelligence analysis and hunting, designed so that intel and malware analysts, as well as bug hunters, can operate quickly.
System requirements
- Windows 10 1903
- 120+ GB Hard Drive
- 8+ GB of RAM
- 1 network adapter
- 1024 MB Graphics Card Memory
- Enable Virtualization support for VMs (Required for Docker)
Installation Guide
- Create and configure a new Windows virtual machine.
- Make sure the VM is fully updated. You may need to check for updates, restart and check again.
- Take a snapshot of your machine!
- Download and copy install.ps1 to your newly configured machine.
- Open PowerShell as an administrator.
- Unblock the installation file by running Unblock-File .\install.ps1
- Enable script execution by running Set-ExecutionPolicy Unrestricted -f
- Finally, run the installer script as follows: .\install.ps1
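A pre-flight check for the system requirements and the installer steps listed above, as an added example that is not part of the project's own scripts. It assumes an elevated PowerShell prompt inside the new VM with install.ps1 in the current directory; the variable names and check labels are illustrative.

```powershell
# Added example (not project code): pre-flight check before running install.ps1.
# Assumes an elevated PowerShell prompt inside the new VM, install.ps1 in the
# current directory. Graphics memory is not checked (WMI reports it unreliably).
$script = '.\install.ps1'
$os   = Get-CimInstance Win32_OperatingSystem
$cs   = Get-CimInstance Win32_ComputerSystem
$cpu  = Get-CimInstance Win32_Processor | Select-Object -First 1
$disk = (Get-Disk | Measure-Object -Property Size -Maximum).Maximum
$id   = [Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin = ([Security.Principal.WindowsPrincipal]$id).IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

$checks = [ordered]@{
    # Windows 10 1903 is build 18362.
    'Windows build >= 18362 (1903)' = [int]$os.BuildNumber -ge 18362
    'Largest disk >= 120 GB'        = ($disk / 1GB) -ge 120
    # TotalPhysicalMemory is slightly below the assigned RAM, so round it.
    'RAM >= 8 GB'                   = [math]::Round($cs.TotalPhysicalMemory / 1GB) -ge 8
    'At least 1 network adapter'    = @(Get-NetAdapter).Count -ge 1
    # Reads False if Hyper-V is already running in the guest; re-check by hand then.
    'Virtualization exposed to VM'  = [bool]$cpu.VirtualizationFirmwareEnabled
    'Running as administrator'      = $isAdmin
    'install.ps1 present'           = Test-Path $script
}

# Print one OK/FAIL line per requirement.
$checks.GetEnumerator() | ForEach-Object {
    '{0,-32} {1}' -f $_.Key, $(if ($_.Value) { 'OK' } else { 'FAIL' })
}

if (Test-Path $script) {
    # Mark of the Web: present until Unblock-File has been run on the file.
    $motw = Get-Item $script -Stream Zone.Identifier -ErrorAction SilentlyContinue
    "Zone.Identifier stream on install.ps1: $([bool]$motw)"
}

# Effective policy per scope, to confirm what Set-ExecutionPolicy changed.
Get-ExecutionPolicy -List | Format-Table -AutoSize

if (@($checks.Values) -contains $false) {
    Write-Warning 'One or more requirements are not met; fix them before installing.'
}
```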
Installed programs
Development, Analytics and Machine Learning
- Shogun
- Tensorflow
- Pytorch
- Rstudio
- RTools
- Darwin
- Keras
- Apache Spark
- Elasticsearch
- Kibana
- Apache Zeppelin
- Jupyter Notebook
- MITRE Caret
- Python (x64)
Visualization
- Constellation
- Neo4J
- CMAP
Triage, Modeling & Hunting
- MISP
- OpenCTI
- Maltego
- Splunk
- Microsoft MSTIC Jupyter and Python Security Tools
- MITRE ATT&CK Navigator
- Cortex Analyzer
- Greynoise API and GNQL
- threatcrowd API
- threatcmd
- ViperMonkey
- Threat Hunters Playbook
- MITRE TRAM
- SIGMA
- YETI
- Azure Sentinel
- AMITT Framework
Adversarial Emulation
- MITRE Caldera
- Red Canary ATOMIC Red Team
- Mordor Re-play Adversarial Techniques
- MITRE Caltack Plugin
- APTSimulator
- FlightSim
Information Gathering
- Maltego
- Nmap
- intelmq
- dnsrecon
- orbit
- FOCA
Utilities and Links
- CyberChef
- KeePass
- FLOSS
- peview
- VLC
- AutoIt3
- Chrome
- OpenVPN
- Sublime
- Notepad++
- Docker Desktop
- HxD
- Sysinternals
- PuTTY
You can download the program from here.