FireEye today released Commando VM, which according to the company, is a “first of its kind Windows-based security distribution for penetration testing and red teaming.”
When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers.
However, Kali is a Linux-based distribution, and using Linux without learning some basics is not everyone’s cup of tea as like Windows or macOS operating systems.
Moreover, if you are wondering why there is no popular Windows-based operating system for hackers? First, because Windows is not open-source and second, manually installing penetration testing tools on Windows is pretty problematic for most users.
To help researchers and cyber security enthusiasts, cybersecurity firm FireEye today released an automated installer called Commando VM.
But don’t get confused with its name. Commando VM is not a pre-configured snapshot of a virtual machine image with many tools installed on a Windows system. It’s not even a complete distribution.
Instead, Commando VM is an automated installation script that turns your Windows operating system, running on a virtual machine (VM) or even on the base system, into a hacking machine.
“It is possible to archive the same result if you run the install script on the base machine. However, we strongly discourage this behavior. Commando VM downloads additional offensive and red team tools on Windows. Many of these tools are flagged by windows defenders as malicious. Therefore, we disable many Windows security features. Running Commando VM on the host will leave it vulnerable, and therefore strongly discouraged,” FireEye researcher confirmed The Hacker News via an email conversation.
But, I have to mention that Commando VM is not the first of its kind.
Available since 2015, PentestBox is a similar open-source tool, running which automatically installs all the security tools as a software package directly on your Windows computer.
Developed by Indian security researcher Aditya Agrawal, PentestBox has been designed to eliminate the requirement of virtual machines or dual boot environments on Windows.
Commando VM release 1.0 includes two different set-ups, one works on Windows 7 Service Pack 1 and another for users running Windows 10 operating system.
Commando VM offers a smooth working environment by automatically installing more than 140 tools, including Nmap, Wireshark, Remote Server Administration Tools, Mimikatz, Burp-Suite, x64db, Metasploit, PowerSploit, Hashcat, and Owasp ZAP, on your Windows machine.
images from Hacker News