├── LICENSE
├── README.md
└── install_playbook.sh


/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2015 Decommutate
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 
23 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # HackerPlaybookInstall
2 | An installation script to help with the setup of a Kali VM for The Hacker Playbook: Practical Guide To Penetration Testing by Peter Kim
3 | 
4 | This script assumes you already have a copy of Kali installed into a virtual machine. This script should be executed within the virtual machine. It will pause between each step of the process and it is recommended that you follow along with the steps outlined in the book in the event something goes wrong. Note that this script does *not* handle prompts within a few of the setup and install scripts that are called. Consult the Hacker's Playerbook for which options that should be selected. 
5 | 


--------------------------------------------------------------------------------
/install_playbook.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | 
  3 | function pause()
  4 | {
  5 |    read -p "$*"
  6 | }
  7 | 
  8 | #Updating OS
  9 | pause "Press Enter to update O/S"
 10 | apt-get update
 11 | apt-get dist-upgrade
 12 | 
 13 | #Setting up Metasploit database
 14 | pause "Press Enter to setup Metasploit database (note this does NOT enable Metasploit Logging)"
 15 | service postgresql start
 16 | service metasploit start
 17 | 
 18 | #Setting up Discover Scripts
 19 | pause "Press Enter to setup Discover Scripts"
 20 | cd /opt
 21 | git clone https://github.com/leebaird/discover.git
 22 | cd discover
 23 | ./setup.sh
 24 | 
 25 | #Install Smbexec
 26 | pause "Press Enter to install Smbexec"
 27 | cd /opt
 28 | git clone https://github.com/brav0hax/smbexec.git
 29 | cd smbexec
 30 | pause "Press Enter to open up Smbexec script. Select 1 when prompted
 31 | and indicate you wish to install to /opt"
 32 | ./install.sh
 33 | pause "Press Enter to open up Smbexec script again. Select 4 when prompted."
 34 | ./install.sh
 35 | 
 36 | #Download Veil
 37 | pause "Press Enter to install Veil"
 38 | #Veil eventually wants to chown /root/veil-output, but it doesn't exist.
 39 | #I create it here as a directory so the error won't show up but it hope it won't
 40 | #cause problems in the future
 41 | mkdir /root/veil-output
 42 | cd /opt
 43 | git clone https://github.com/veil-evasion/Veil.git
 44 | cd ./Veil/setup
 45 | ./setup.sh
 46 | 
 47 | #Download WCE
 48 | pause "Press Enter to install WCE"
 49 | cd ~/Desktop
 50 | wget http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip
 51 | unzip -d ./wce wce_v1_41beta_universal.zip
 52 | 
 53 | #Downloading Mimikatz
 54 | pause "Press Enter to install Mimikatz"
 55 | cd ~/Desktop
 56 | wget http://blog.gentilkiwi.com/downloads/mimikatz_trunk.zip
 57 | unzip -d ./mimikatz mimikatz_trunk.zip
 58 | 
 59 | #Getting big password lists
 60 | pause "Press Enter to open a browser with a password list to download.
 61 | This is different from the URL in the book (which is dead!!)"
 62 | firefox https://www.dropbox.com/s/ucreldsa3qt1rms/crackstation-human-only.txt.gz
 63 | pause "Press Enter once the previous password list has been downloaded
 64 | into ~/Downloads"
 65 | cd ~/Desktop
 66 | mkdir ./password_list && cd ./password_list
 67 | gzip -d ~/Downloads/crackstation-human-only.txt.gz
 68 | #wget errors on this sites expired certificate for me, so ignore the warning
 69 | wget http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
 70 | bzip2 -d rockyou.txt.bz2
 71 | 
 72 | #Install Burp Proxy manually
 73 | pause "Press Enter to open a web browser to download Burp Suite"
 74 | firefox http://portswigger.net/burp/downloadfree.html
 75 | pause "Press Enter once Burp Suite has been downloaded"
 76 | 
 77 | #Setting up Peepingtom
 78 | pause "Press Enter to install Peepingtom"
 79 | cd /opt
 80 | git clone https://bitbucket.org/LaNMaSteR53/peepingtom.git
 81 | cd ./peepingtom
 82 | wget https://gist.github.com/nopslider/5984316/raw/423b02c53d225fe8dfb4e2df9a20bc800cc78e2c/gnmap.pl
 83 | wget https://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-i686.tar.bz2
 84 | tar xvjf phantomjs-1.9.2-linux-i686.tar.bz2
 85 | cp ./phantomjs-1.9.2-linux-i686/bin/phantomjs .
 86 | 
 87 | #Installing Nmap script
 88 | pause "Press Enter to install Nmap script"
 89 | cd /usr/share/nmap/scripts
 90 | wget https://raw.github.com/hdm/scan-tools/master/nse/banner-plus.nse
 91 | 
 92 | #Installing PowerSploit
 93 | pause "Press Enter to install PowerSploit"
 94 | cd /opt
 95 | git clone https://github.com/mattifestation/PowerSploit.git
 96 | cd PowerSploit
 97 | wget https://raw.github.com/obscuresec/random/master/StartListener.py
 98 | wget https://raw.github.com/darkoperator/powershell_scripts/master/ps_encoder.py
 99 | 
100 | #Installing Responder
101 | pause "Press Enter to install Responder"
102 | cd /opt
103 | git clone https://github.com/SpiderLabs/Responder.git
104 | 
105 | #Installing SET
106 | pause "Press Enter to install SET"
107 | cd /opt
108 | git clone https://github.com/trustedsec/social-engineer-tool-kit/set/
109 | cd set
110 | ./setup.py install
111 | 
112 | #Installing bypassuac
113 | pause "Press Enter to install bypassuac"
114 | cd /opt
115 | wget http://www.secmaniac.com/files/bypassuac.zip
116 | unzip bypassuac.zip
117 | cp bypassuac/bypassuac.rb /opt/metasploit/apps/pro/msf3/scripts/meterpreter
118 | mv bypassuac/uac /opt/metasploit/apps/pro/msf3/data/exploits
119 | 
120 | #Installing BeEF
121 | pause "Press Enter to install BeEF"
122 | apt-get install beef-xss
123 | 
124 | #Installing Fuzzing Lists
125 | pause "Press Enter to install Fuzzing Lists"
126 | cd /opt
127 | git clone https://github.com/danielmiessler/SecLists.git
128 | 
129 | #Installing Firefox Extensions
130 | pause "Press Enter to open pages to each Firefox web browser
131 | extension. Install each one."
132 | firefox https://addons.mozilla.org/en-US/firefox/addon/web-developer
133 | firefox https://addons.mozilla.org/en-US/firefox/addon/tamper-data
134 | firefox https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard
135 | firefox https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher
136 | 
137 | #We're done!
138 | pause "Thats it! Press Enter to exit this script"
139 | 


--------------------------------------------------------------------------------