{"id":13510655,"url":"https://github.com/mandiant/commando-vm","last_synced_at":"2025-04-09T00:29:10.856Z","repository":{"id":37674662,"uuid":"177878919","full_name":"mandiant/commando-vm","owner":"mandiant","description":"Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com","archived":false,"fork":false,"pushed_at":"2024-09-24T19:14:18.000Z","size":16798,"stargazers_count":7149,"open_issues_count":9,"forks_count":1308,"subscribers_count":283,"default_branch":"main","last_synced_at":"2025-04-01T20:44:51.298Z","etag":null,"topics":["fireeye-flare","penetration-testing","red-teaming","windows"],"latest_commit_sha":null,"homepage":"https://www.mandiant.com/resources/blog/commando-vm-windows-offensive-distribution","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mandiant.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"License.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-03-26T22:36:32.000Z","updated_at":"2025-04-01T18:26:06.000Z","dependencies_parsed_at":"2023-02-12T20:45:53.821Z","dependency_job_id":"2a9bab7d-189c-4b11-bc4f-e4f3bcc5f34e","html_url":"https://github.com/mandiant/commando-vm","commit_stats":null,"previous_names":["fireeye/commando-vm"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Fcommando-vm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Fcommando-vm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Fcommando-vm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Fcommando-vm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mandiant","download_url":"https://codeload.github.com/mandiant/commando-vm/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247949054,"owners_count":21023267,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fireeye-flare","penetration-testing","red-teaming","windows"],"created_at":"2024-08-01T02:01:48.671Z","updated_at":"2025-04-09T00:29:10.832Z","avatar_url":"https://github.com/mandiant.png","language":"PowerShell","readme":"![CommandoLogo](Images/commando-readme.png)\n\n## What is CommandoVM?\n\n**Complete Mandiant Offensive VM (\"CommandoVM\")** is a comprehensive and customizable, Windows-based security distribution for penetration testing and red teaming. CommandoVM comes packaged with a variety of offensive tools not included in [Kali Linux](https://www.kali.org/) which highlight the effectiveness of Windows as an attack platform.\n\n## Requirements\n* Windows 10\n\u003e Insider Preview editions of Windows are not supported\n* 60 GB Hard Drive\n* 2 GB RAM\n\n## Recommended\n* Windows 10 22H2\n* 80+ GB Hard Drive\n* 4+ GB RAM\n* 2 network adapters\n\n# Install Instructions\nDeploy a Windows Virtual Machine\n   \u003e [Where can I find a Windows 10 Virtual Machine?](https://www.microsoft.com/en-us/software-download/windows10ISO)\n\n## Pre-Install Procedures\n**You MUST disable Windows Defender for a smooth install**. The best way to accomplish this is through Group Policy.\n\nIn Windows versions 1909 and higher, Tamper Protection was added.\n**Tamper Protection must be disabled first, otherwise Group Policy settings are ignored.**\n\n1. Open Windows Security (type `Windows Security` in the search box)\n1. Virus \u0026 threat protection \u003e Virus \u0026 threat protection settings \u003e Manage settings\n1. Switch `Tamper Protection` to `Off` \n\u003e It is not necessary to change any other setting (`Real Time Protection`, etc.)\n\n\u003e **Important!** Tamper Protection must be disabled before changing Group Policy settings.\n\nTo permanently disable Real Time Protection:\n\n1. Make sure you disabled Tamper Protection\n1. Open Local Group Policy Editor (type `gpedit` in the search box)\n1. Computer Configuration \u003e Administrative Templates \u003e Windows Components \u003e Microsoft Defender Antivirus \u003e Real-time Protection\n1. Enable `Turn off real-time protection`\n1. **Reboot**\n\u003e Make sure to **reboot** before making the next change\n\nTo permanently disable Microsoft Defender:\n\n1. Make sure you rebooted your machine\n1. Open Local Group Policy Editor (type `gpedit` in the search box)\n1. Computer Configuration \u003e Administrative Templates \u003e Windows Components \u003e Microsoft Defender Antivirus\n1. Enable `Turn off Microsoft Defender Antivirus`\n1. **Reboot**\n\n  [1]: https://stackoverflow.com/questions/62174426/how-to-permanently-disable-windows-defender-real-time-protection-with-gpo\n\n## Installation \n1. Complete the pre-install procedures by disabling Defender\n1. Download and extract the zip of the Commando-VM repo\n1. Run PowerShell as Administrator\n1. `Set-ExecutionPolicy Unrestricted -force`\n1. `cd ~/Downloads/commando-vm`\n1. `Get-ChildItem .\\ -Recurse | Unblock-File`\n1. `.\\install.ps1` for a GUI install or `.\\install.ps1 -cli` for command-line\n\n\n## Contributing\nLooking to contribute? Check the links below to learn how!\n\n### Commando-VM (this repository)\n- See our quick start guide to go from zero to Commando ASAP! [https://github.com/mandiant/commando-vm/blob/main/Docs/Commando_Quickstart_Guide.md](https://github.com/mandiant/commando-vm/blob/main/Docs/Commando_Quickstart_Guide.md)\n\n### VM-Packages (where all the packages live)\n* [Repository of all tool packages (VM-packages)](https://github.com/mandiant/VM-Packages)\n* [Documentation and contribution guides for tool packages](https://github.com/mandiant/VM-Packages/wiki)\n* [Submit new tool packages or report package related issues](https://github.com/mandiant/VM-Packages/issues)\n\n## Troubleshooting\nSee the ![troubleshooting documentation](https://github.com/mandiant/commando-vm/blob/main/Docs/Troubleshooting.md) for more information.\n\n## Credits\n\n- Jake Barteaux         @day1player\n- Blaine Stancill       @MalwareMechanic\n- Nhan Huynh            @htnhan\n- Drew Farber           @0xFarbs\n- Alex Tselevich        @nos3curity\n- George Litvinov       @geo-lit\n- Dennis Tran           @Menn1s\n- Joseph Clay           @skollr34p3r\n- Ana Martinez Gomez    @anamma_06\n- Moritz Raabe\n- Derrick Tran          @dumosuku\n- Mandiant Red Team\n- Mandiant FLARE\n\n## Legal Notice\n\n```\nThis download configuration script is provided to assist penetration testers\nin creating handy and versatile toolboxes for offensive engagements. It provides \na convenient interface for them to obtain a useful set of pentesting Tools directly \nfrom their original sources. Installation and use of this script is subject to the \nApache 2.0 License.\n \nYou as a user of this script must review, accept and comply with the license\nterms of each downloaded/installed package listed below. By proceeding with the\ninstallation, you are accepting the license terms of each package, and\nacknowledging that your use of each package will be subject to its respective\nlicense terms.\n```\n","funding_links":[],"categories":["PowerShell","漏洞库_漏洞靶场","windows"],"sub_categories":["资源传输下载"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmandiant%2Fcommando-vm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmandiant%2Fcommando-vm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmandiant%2Fcommando-vm/lists"}