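├── Files └── .gitkeep ├── Utils ├── Toolkits │ └── .gitkeep └── Scripts │ ├── AdditionalScripts │ ├── InSandbox │ │ ├── customScript.ps1 │ │ ├── godMode.ps1 │ │ ├── installChocoAndScoop.ps1 │ │ └── installREToolkit.ps1 │ └── OnHost │ │ ├── enableSandboxFeature.ps1 │ │ ├── downloadSysinternalsSuite.ps1 │ │ └── downloadZimmermanTools.ps1 │ └── DefaultScripts │ ├── RedSandWallpaper.png │ └── setup.ps1 ├── RedSandLogo.png ├── .gitignore ├── README.md ├── LICENSE └── RedSand.wsb /Files/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Utils/Toolkits/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /RedSandLogo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedSand/HEAD/RedSandLogo.png -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | Utils/Toolkits/* 2 | !Utils/Toolkits/.gitkeep 3 | 4 | Files/* 5 | !Files/.gitkeep -------------------------------------------------------------------------------- /Utils/Scripts/AdditionalScripts/InSandbox/customScript.ps1: -------------------------------------------------------------------------------- 1 | # you're limited only by your imagination (and googling skills), glhf ))
--------------------------------------------------------------------------------
/Utils/Scripts/AdditionalScripts/OnHost/enableSandboxFeature.ps1:
--------------------------------------------------------------------------------
#Requires -RunAsAdministrator

# Turns on the "Containers-DisposableClientVM" optional feature on the running
# OS (-Online), together with any parent features it depends on (-All).
# This changes the host's feature set, so it needs an elevated session; the
# #Requires line above makes a non-elevated run stop immediately with a clear
# message instead of failing inside the cmdlet.
# The cmdlet may ask for a restart before the feature becomes usable.
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online
--------------------------------------------------------------------------------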
/Utils/Scripts/DefaultScripts/RedSandWallpaper.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedSand/HEAD/Utils/Scripts/DefaultScripts/RedSandWallpaper.png
--------------------------------------------------------------------------------
/Utils/Scripts/AdditionalScripts/InSandbox/godMode.ps1:
--------------------------------------------------------------------------------
# Creates a directory on the sandbox user's desktop whose name ends in the
# {ED7BA470-8E54-465E-825C-99712043E01C} suffix (the "GodMode" folder).
# The path is hard-coded to the WDAGUtilityAccount profile, so this script is
# only meaningful inside the sandbox.
# ErrorAction is SilentlyContinue: any failure (for example the folder already
# existing) is suppressed and nothing is reported to the caller.
$godModeFolder = @{
    ItemType    = 'Directory'
    Path        = "C:\Users\WDAGUtilityAccount\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"
    ErrorAction = 'SilentlyContinue'
}
New-Item @godModeFolder
-------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

RedSand


Windows SandBox environment for cybersecurity enthusiasts
2 | 3 | [Releases](https://github.com/redcode-labs/RedSand/releases) | [Wiki](https://github.com/redcode-labs/RedSand/wiki) 4 | 5 |
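6 |
--------------------------------------------------------------------------------
/Utils/Scripts/AdditionalScripts/OnHost/downloadSysinternalsSuite.ps1:
--------------------------------------------------------------------------------
# Downloads the Sysinternals Suite archive on the HOST and unpacks it into
# Utils\Toolkits\SysinternalsSuite (three levels above this script's folder).
#
# Changes compared with the earlier version:
#   * paths are resolved from the script's own location instead of the caller's
#     working directory, so the archive cannot land in an unrelated folder;
#   * a failed download stops the script instead of unpacking whatever is there;
#   * the unpacked executables have their Authenticode signature checked.

$ErrorActionPreference = 'Stop'   # do not unpack after a failed or partial download

$url = "https://download.sysinternals.com/files/SysinternalsSuite.zip"

# $PSScriptRoot is empty when the lines are pasted into a console; fall back to
# the current directory, which is what the relative paths used to mean.
$scriptDir = if ($PSScriptRoot) { $PSScriptRoot } else { (Get-Location).Path }
$toolkits  = [System.IO.Path]::GetFullPath((Join-Path $scriptDir "..\..\..\Toolkits"))
$dest      = Join-Path $toolkits "SysinternalsSuite.zip"
$target    = Join-Path $toolkits "SysinternalsSuite"

# TIL: Invoke-WebRequest is slower because it has to buffer the file in memory first before writing it to a disk
Start-BitsTransfer -Source $url -Destination $dest

# -Force so a re-run refreshes an existing copy instead of erroring on every file
Expand-Archive -Path $dest -DestinationPath $target -Force

# The archive is fetched without a pinned hash, so TLS to the download host is
# the only integrity guarantee. Sysinternals executables are published
# Authenticode-signed; report any unpacked .exe whose signature is not valid so
# it can be reviewed before the folder is mapped into a sandbox session.
$suspect = Get-ChildItem -Path $target -Filter *.exe -Recurse |
    Get-AuthenticodeSignature |
    Where-Object { $_.Status -ne 'Valid' }
foreach ($sig in $suspect) {
    Write-Warning "Authenticode signature is $($sig.Status) for $($sig.Path)"
}
--------------------------------------------------------------------------------
/Utils/Scripts/AdditionalScripts/OnHost/downloadZimmermanTools.ps1:
--------------------------------------------------------------------------------
# Downloads Get-ZimmermanTools.zip on the HOST, unpacks it under
# Utils\Toolkits\Zimmerman and runs the Get-ZimmermanTools.ps1 it contains.
#
# NOTE(security): this executes a freshly downloaded script on the host, not in
# the sandbox. No hash is pinned, so the checks below are the only gate between
# the download and execution; review the script yourself if a warning appears.

$ErrorActionPreference = 'Stop'   # never run the fetched script after a failed step

$scriptDir = if ($PSScriptRoot) { $PSScriptRoot } else { (Get-Location).Path }
$workDir   = [System.IO.Path]::GetFullPath((Join-Path $scriptDir "..\..\..\Toolkits\Zimmerman"))

# -Force: succeed when the directory already exists (re-runs)
New-Item -Path $workDir -ItemType "directory" -Force | Out-Null

$url = "https://f001.backblazeb2.com/file/EricZimmermanTools/Get-ZimmermanTools.zip"

$dest    = Join-Path $workDir "Get-ZimmermanTools.zip"
$unpack  = Join-Path $workDir "Get-ZimmermanTools"
$fetcher = Join-Path $unpack "Get-ZimmermanTools.ps1"

# TIL: Invoke-WebRequest is slower because it has to buffer the file in memory first before writing it to a disk
Start-BitsTransfer -Source $url -Destination $dest

Expand-Archive -Path $dest -DestinationPath $unpack -Force

# A HashMismatch status means the file content no longer matches its embedded
# signature (modified or corrupted): refuse to run it. Any other non-Valid
# status is reported together with the SHA-256 so it can be compared by hand.
$sig = Get-AuthenticodeSignature -FilePath $fetcher
if ($sig.Status -eq 'HashMismatch') {
    throw "Refusing to run ${fetcher}: its content does not match its Authenticode signature."
}
if ($sig.Status -ne 'Valid') {
    $sha256 = (Get-FileHash -Path $fetcher -Algorithm SHA256).Hash
    Write-Warning "Authenticode signature is $($sig.Status) for $fetcher (SHA-256 $sha256)"
}

# The fetched script is started from inside the Zimmerman folder, as before;
# Push/Pop-Location restores the caller's working directory afterwards instead
# of leaving the session parked in Utils\Toolkits\Zimmerman.
Push-Location -Path $workDir
try {
    & $fetcher
} finally {
    Pop-Location
}
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | ISC License 2 | 3 | Copyright 2022 Red Code Labs 4 | 5 | Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.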
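6 | 7 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 8 |
--------------------------------------------------------------------------------
/Utils/Scripts/AdditionalScripts/InSandbox/installChocoAndScoop.ps1:
--------------------------------------------------------------------------------
# Installs the Scoop and Chocolatey package managers inside the sandbox.
#
# NOTE(security): both installers are downloaded and executed in one step
# (Invoke-Expression on the response body). Nothing is pinned or verified
# beyond the TLS connection to each host, so whatever those hosts serve at
# run time is what runs. That trade-off is accepted here only because the
# script lives under InSandbox; do not reuse this pattern on the host.

# Enable TLS 1.2 (3072) before either download. Previously this was only done
# ahead of the Chocolatey request, leaving the Scoop request on the defaults.
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072

# Scoop
try {
    Invoke-Expression (New-Object System.Net.WebClient).DownloadString('https://get.scoop.sh')
    # add Scoop to PATH (current process only)
    $env:PATH += ";$($HOME)\scoop\shims"
} catch {
    Write-Error "Error occurred during installation of Scoop: $($_.Exception.Message)"
    # Chocolatey is not attempted once Scoop has failed
    return
}

# Chocolatey
try {
    # Bypass applies to this PowerShell process only (-Scope Process)
    Set-ExecutionPolicy Bypass -Scope Process -Force
    iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
} catch {
    Write-Error "Error occurred during installation of Chocolatey: $($_.Exception.Message)"
}
--------------------------------------------------------------------------------
/Utils/Scripts/AdditionalScripts/InSandbox/installREToolkit.ps1:
--------------------------------------------------------------------------------
# if you're wondering why this is in 'InSandbox' directory, lemme explain real quick
# REtoolkit will add some options to Context Menu, hence I think it makes more sense to download it within the Sandbox and then install it
# + also this is a nice example of what you can add in customScript.ps1 ))

$ErrorActionPreference = 'Stop'   # never launch the installer after a failed download

$url = "https://github.com/mentebinaria/retoolkit/releases/download/2022.04/retoolkit_2022.04_setup.exe"

$dest = "C:\users\WDAGUtilityAccount\Desktop\setup.exe"

# Optional integrity pin for the release named in $url.
# PLACEHOLDER: paste the SHA-256 of retoolkit_2022.04_setup.exe that you have
# verified yourself. While it is empty the check is skipped and the installer
# runs unverified, exactly as before.
$expectedSha256 = ""

# TIL: Invoke-WebRequest is slower because it has to buffer the file in memory first before writing it to a disk
Start-BitsTransfer -Source $url -Destination $dest

if ($expectedSha256) {
    $actualSha256 = (Get-FileHash -Path $dest -Algorithm SHA256).Hash
    if ($actualSha256 -ne $expectedSha256) {
        # remove the mismatching file so it is not started by hand later
        Remove-Item -Path $dest -Force
        throw "SHA-256 mismatch for $dest (got $actualSha256)"
    }
}

# unattended install; run the file that was just downloaded ($dest)
& $dest /verysilent /suppressmsgboxes
--------------------------------------------------------------------------------
/Utils/Scripts/DefaultScripts/setup.ps1:
--------------------------------------------------------------------------------
# First-logon setup for the sandbox session: relaxes the script execution
# policy, sets the AllowDevelopmentWithoutDevLicense flag, switches apps and
# system to the dark theme and applies the RedSand wallpaper.
# RedSand.wsb starts this file through "powershell.exe -ExecutionPolicy Bypass -File".

# NOTE(security): Unrestricted at LocalMachine scope removes the execution
# policy barrier for every later PowerShell session on this machine. All paths
# in this file point at the WDAGUtilityAccount profile, i.e. the script is
# written for the sandbox; it should never be run on the host.
Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force

# Create the key first when it is absent; Set-ItemProperty alone fails on a
# missing key and the flag would silently stay unset.
$AppModelUnlock = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock"
if (-not (Test-Path -Path $AppModelUnlock)) {
    New-Item -Path $AppModelUnlock -Force | Out-Null
}
Set-ItemProperty -Path $AppModelUnlock -Name "AllowDevelopmentWithoutDevLicense" -Value 1

# 0 = dark theme for apps and for the system UI
$Theme = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize"
Set-ItemProperty $Theme AppsUseLightTheme -Value 0
Set-ItemProperty $Theme SystemUsesLightTheme -Value 0
Start-Sleep 1

$Wallpaper="C:\users\WDAGUtilityAccount\Desktop\Utils\Scripts\DefaultScripts\RedSandWallpaper.png"

# Small P/Invoke wrapper around user32!SystemParametersInfo; the numeric
# arguments 20 and 3 of the earlier version are spelled out as named constants.
$code = @'
using System.Runtime.InteropServices;
namespace Win32{

    public class Wallpaper{
        const int SPI_SETDESKWALLPAPER = 20;
        const int SPIF_UPDATEINIFILE = 0x01;
        const int SPIF_SENDCHANGE = 0x02;

        [DllImport("user32.dll", CharSet=CharSet.Auto)]
        static extern int SystemParametersInfo (int uAction , int uParam , string lpvParam , int fuWinIni) ;

        public static void SetWallpaper(string thePath){
            SystemParametersInfo(SPI_SETDESKWALLPAPER, 0, thePath, SPIF_UPDATEINIFILE | SPIF_SENDCHANGE);
        }
    }
}
'@

add-type $code
[Win32.Wallpaper]::SetWallpaper($Wallpaper)
-------------------------------------------------------------------------------- /RedSand.wsb: -------------------------------------------------------------------------------- 1 | 2 | Default 3 | Default 4 | 5 | 6 | .\Utils\ 7 | true 8 | 9 | 10 | .\Files\ 11 | false 12 | 13 | 14 | 15 | powershell.exe -ExecutionPolicy Bypass -File 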
C:\users\WDAGUtilityAccount\Desktop\Utils\Scripts\DefaultScripts\setup.ps1 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | --------------------------------------------------------------------------------