├── CODEOWNERS
├── .github
    └── CODEOWNERS
├── README.md
└── AttackDeploy.sh


/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @zephrfish
2 | 


--------------------------------------------------------------------------------
/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @zephrfish
2 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # AttackDeploy
 2 | ## Work In Progress
 3 | Scripts for deploying new pentesting VPS, makes all folders, adds repos, tooling, users, wordlists & updates system ready to run whatever you want.
 4 | 
 5 | #### Note
 6 | This requuires that you run the scripting as root, also if you want to install docker this also requires root. Enjoy! 
 7 | 
 8 | ## Plans
 9 | 
10 | - Include Fully Automated SSL Setup
11 | - Add OS Hardening
12 | - Setup all tools that have been git cloned
13 | 
14 | ## Usage
15 | Assuming you have git already installed the following line will install things:
16 | ```
17 | git clone https://github.com/ZephrFish/AttackDeploy.git && cd AttackDeploy && chmod +x AttackDeploy.sh && ./AttackDeploy.sh
18 | ```
19 | 
20 | If however you do not have git, you can also either copy paste it OR use wget:
21 | ```
22 | wget https://raw.githubusercontent.com/ZephrFish/AttackDeploy/master/AttackDeploy.sh -O AttackDeploy.sh && chmod +x AttackDeploy.sh && ./AttackDeploy.sh
23 | ```
24 | 
25 | ### Currently Includes
26 | 
27 | - Recon 
28 |   - DNS
29 |   - Enumeration
30 |   - Mobile
31 |   - Fingerprinting/Profiling
32 |   
33 |   - A bunch of wordlists
34 |   - some other things
35 |   
36 |   
37 |   If you've got tool suggestions, make a pull request
38 |   ----
39 | 
40 | # AttackDeploy Docker Deployment Kit
41 | Includes Basic tooling for an attack server deployment
42 | Inspiration taken from https://www.pentestpartners.com/security-blog/docker-for-hackers-a-pen-testers-guide/
43 | 
44 | You'll want to install docker first:
45 | 
46 | ```
47 | wget https://raw.githubusercontent.com/ZephrFish/DockerAttack/master/InstallDocker.sh && chmod +x InstallDocker.sh && ./InstallDocker.sh
48 | ```
49 | 
50 | # How to Build
51 | 
52 | ```
53 | docker build -t dockerattack/attackdeploy $(pwd)/
54 | ```
55 | 
56 | # How to Run
57 | 
58 | ```
59 | docker run -ti -p 80:80 -p 443:443 -p 8080:8080 -v /tmp/AttackDeploy:/home/AttackDeploy dockerattack/attackdeploy
60 | ```
61 | 
62 | 


--------------------------------------------------------------------------------
/AttackDeploy.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # AttackDeployAttackTools Only - 0.1
  3 | # ZephrFish
  4 | # Script for deploying new VPS & downloading all required tools
  5 | # This version takes away the SSL setup & OS hardening 
  6 | # Note: This is a work in progress :-)
  7 | 
  8 | # Root Check
  9 | if [ `whoami` != root ]; then
 10 |     echo "This script must be run as root"
 11 |     exit 1
 12 | fi
 13 | 
 14 | # Install Basic Repos
 15 | rm -rf /etc/apt/sources.list
 16 | touch /etc/apt/sources.list
 17 | echo "# Debian 9" >> /etc/apt/sources.list
 18 | echo "deb http://ftp.debian.org/debian testing main contrib non-free" >> /etc/apt/sources.list
 19 | echo "deb-src http://ftp.debian.org/debian testing main contrib non-free" >> /etc/apt/sources.list
 20 | echo "deb http://ftp.debian.org/debian/ stretch-updates main contrib non-free" >> /etc/apt/sources.list
 21 | echo "deb-src http://ftp.debian.org/debian/ stretch-updates main contrib non-free" >> /etc/apt/sources.list
 22 | echo "deb http://security.debian.org/ stretch/updates main contrib non-free" >> /etc/apt/sources.list
 23 | echo "deb-src http://security.debian.org/ stretch/updates main contrib non-free" >> /etc/apt/sources.list
 24 | 
 25 | # Install Kali Repos
 26 | apt-key adv --keyserver pgp.mit.edu --recv-keys ED444FF07D8D0BF6
 27 | echo "# Kali linux repos" >> /etc/apt/sources.list
 28 | echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list
 29 | 
 30 | # Update & Upgrade Repo
 31 | apt update
 32 | apt-get upgrade -y
 33 | apt-get dist-upgrade -y
 34 | 
 35 | # Install Basics
 36 | apt install sudo git wget curl git zip ccze byobu zsh golang  ufw python-pip -y
 37 | 
 38 | # Install Basic Attack Tools
 39 | apt-get install -y nikto dotdotpwn jsql nmap sqlmap sqlninja thc-ipv6 hydra metasploit-framework dirb
 40 | 
 41 | # Make Tools & Wordlists Directory
 42 | mkdir /usr/share/wordlists
 43 | mkdir /usr/share/tools
 44 | mkdir /usr/share/tools/scripts/
 45 | 
 46 | # Pull Wordlists
 47 | cd /usr/share/wordlists
 48 | git clone https://github.com/danielmiessler/SecLists
 49 | git clone https://github.com/danielmiessler/RobotsDisallowed
 50 | cd SecLists
 51 | tar xvzf rockyou.tar.gz
 52 | 
 53 | # DNS Tooling
 54 | cd /usr/share/tools
 55 | mkdir DNS
 56 | cd DNS
 57 | git clone https://github.com/lorenzog/dns-parallel-prober
 58 | git clone https://github.com/aboul3la/Sublist3r
 59 | git clone https://github.com/michenriksen/aquatone
 60 | git clone https://github.com/guelfoweb/knock
 61 | git clone https://github.com/anshumanbh/brutesubs
 62 | git clone https://github.com/jhaddix/domain
 63 | apt -f install fierce
 64 | 
 65 | # CMS Tooling
 66 | cd /usr/share/tools
 67 | mkdir CMS && cd CMS
 68 | git clone https://github.com/droope/droopescan
 69 | apt install -y wpscan
 70 | git clone https://github.com/Dionach/CMSmap
 71 | 
 72 | # Directory Busting
 73 | cd /usr/share/tools
 74 | apt install dirb -y
 75 | git clone https://github.com/OJ/gobuster
 76 | git clone https://github.com/henshin/filebuster
 77 | 
 78 | # Git Recon
 79 | mkdir /usr/share/tools/git
 80 | cd /usr/share/tools/git
 81 | git clone https://github.com/libcrack/gitrecon
 82 | git clone https://github.com/dxa4481/truffleHog
 83 | git clone https://github.com/michenriksen/gitrob
 84 | 
 85 | # OSINT Tooling 
 86 | mkdir /usr/share/tools/OSINT
 87 | cd /usr/share/tools/OSINT
 88 | apt install -y recon-ng
 89 | git clone https://github.com/smicallef/spiderfoot
 90 | git clone https://github.com/ZephrFish/GoogD0rker
 91 | git clone https://github.com/GerbenJavado/LinkFinder 
 92 | 
 93 | # HTTP Analysis
 94 | cd /usr/share/tools
 95 | git clone https://github.com/ChrisTruncer/EyeWitness 
 96 | git clone https://github.com/robertdavidgraham/masscan
 97 | 
 98 | # BBF Tooling
 99 | mkdir /usr/share/tools/BBF
100 | cd /usr/share/tools/BBF
101 | for y in $(wget https://bugbountyforum.com/tools/ &&  grep "/tools/" index.html | cut -d "=" -f 2 | cut -d "/" -f 2,3 | grep -v ">"); do wget https://bugbountyforum.com/$y; done && for x in $(ls); do grep "href=" $x | cut -d "=" -f 2 | grep github.com | cut -d "/" -f 3,4,5 | cut -d " " -f 1 |sed -e 's/^"//' -e 's/"$//' | grep -v "gist" >> Repos.txt; done && for a in $(cat Repos.txt);do git clone https://$a; done && find . -maxdepth 1 -type f -delete
102 | 
103 | echo "That's all folks! You're good to go hack the planet!"
104 | 


--------------------------------------------------------------------------------