{"id":13701852,"url":"https://github.com/r3dy/capsulecorp-pentest","last_synced_at":"2025-04-12T15:34:46.264Z","repository":{"id":45462759,"uuid":"248063695","full_name":"R3dy/capsulecorp-pentest","owner":"R3dy","description":"Vagrant VirtualBox environment for conducting an internal network penetration test","archived":false,"fork":false,"pushed_at":"2023-06-05T15:18:47.000Z","size":2758,"stargazers_count":878,"open_issues_count":5,"forks_count":164,"subscribers_count":27,"default_branch":"master","last_synced_at":"2025-04-03T15:09:57.190Z","etag":null,"topics":["ansible","ethical-hacking","hacking","penetration-testing","pentest","pentesting","vagrant"],"latest_commit_sha":null,"homepage":"https://www.manning.com/books/the-art-of-network-penetration-testing?a_aid=royce","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/R3dy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-03-17T20:10:25.000Z","updated_at":"2025-03-27T10:08:20.000Z","dependencies_parsed_at":"2024-01-06T22:42:59.288Z","dependency_job_id":null,"html_url":"https://github.com/R3dy/capsulecorp-pentest","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3dy%2Fcapsulecorp-pentest","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3dy%2Fcapsulecorp-pentest/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3dy%2Fcapsulecorp-pentest/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3dy%2Fcapsulecorp-pentest/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/R3dy","download_url":"https://codeload.github.com/R3dy/capsulecorp-pentest/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248590014,"owners_count":21129730,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ethical-hacking","hacking","penetration-testing","pentest","pentesting","vagrant"],"created_at":"2024-08-02T21:00:24.926Z","updated_at":"2025-04-12T15:34:46.242Z","avatar_url":"https://github.com/R3dy.png","language":"Ruby","funding_links":[],"categories":["Awesome Repositories","📘 Valuable Repositories","Other Useful Repositories","Here is a collection of hackers, pentesters, security researchers, scripts and more:"],"sub_categories":[],"readme":"**Blog**\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;[![](https://img.shields.io/badge/Read%20My-Blog-ff69b4?logo=Hugo\u0026style=for-the-badge)](https://blog.roycedavis.net/)\n\n**Twitter:**\u0026nbsp;\u0026nbsp;[![](https://img.shields.io/twitter/follow/r3dy__?logo=Twitter\u0026style=for-the-badge)](https://twitter.com/@r3dy__)\n\n**Discord:**  [![](https://dcbadge.vercel.app/api/server/D5QTtWEwxZ)](https://discord.gg/D5QTtWEwxZ) \n\n**Book:**\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;[![](https://img.shields.io/badge/Art%20of%20Network-Penetration%20Testing-orange?style=for-the-badge\u0026logo=Amazon)](https://amzn.to/43wQOYk)\n\n\n# 1. Capsulecorp Pentest\n\nThe Capsulecorp Pentest is a small virtual network managed by Vagrant and Ansible. It contains five virtual machines, including one Linux attacking system running Xubuntu and 4 Windows 2019 servers configured with various vulnerable services. This project can be used to learn network penetration testing as a stand-alone environment but is ultimatly designed to complement my book [The Art of Network Penetration Testing](https://bit.ly/38N9S9e).\n\n![](https://raw.githubusercontent.com/R3dy/capsulecorp-pentest/assets/windows%20environment.png)\n\n## Why is this cool?\nSetting up a virtual network to learn penetration testing can be tedious as well as time/resource consuming. Everything in the capsulecorp environment is pretty much done for you already. Once you get Vagrant, Ansible and VirtualBox installed on your machine you only need to run a couple of `vagrant` commands to have a fully functioning Active Directory domain that you can use for hacking/learning/pentesting etc.\n\n## 1.1. Requirements\nIn order to use the Capsulecorp Pentest network you must have the following:\n\n* VirtualBox\n  * [https://www.virtualbox.org/wiki/Downloads](https://www.virtualbox.org/wiki/Downloads)\n* Vagrant\n  * [https://www.vagrantup.com/downloads.html](https://www.vagrantup.com/downloads.html)\n* Ansible\n  * [https://docs.ansible.com/ansible/latest/installation_guide/index.html](https://docs.ansible.com/ansible/latest/installation_guide/index.html)\n\n* Quad-core CPU with 16GB RAM is recommended.  \n  * With 8GB or less you could still use the project but ***only run 2 or 3 VMs at a time***.  \n  * For All VMs running at once 16GB is required.\n\n## 1.2. Current Functionality\n* Active directory domain with one DC and 3 server members. All windows server have evaluation licenses, which are activated on installation (for 180 days)\n  * Domain Controler: `goku.capsulecorp.local`\n  * Server 01: `vegeta.capsulecorp.local`\n  * Server 02: `gohan.capsulecorp.local`\n  * Server 03: `trunks.capsulecorp.local`\n  * Wrkstn 01: `tien.capsulecorp.local`\n* Vulnerable Jenkins server on `vegeta`\n* Vulnerable Apache Tomcat server on `trunks`\n* Vulnerable MSSQL server on `gohan`\n* Vulnerable MS17-010 on `tien`\n* Xubuntu pentest system running XRDP.\n  * Metasploit\n  * CrackMapExec\n  * Nmap\n  * Remmina RDP client\n  * RVM\n  * Python/Pip/Pipenv\n  * Impacket\n\n## 1.3. OSX Configuration\nIn order to manage Windows hosts you'll have to install `pywinrm` with pip inside the ansible virtual environment\n\n```bash\nsource ~/ansible/bin/activate\npip install pywinrm\ndeactivate\n```\n\n# 2. Installation\n**YouTube Setup Tutorial**\n\n[![](https://img.shields.io/youtube/channel/views/UCi0_EWBSYdNomzAtV0nYOPA?logo=Youtube\u0026style=for-the-badge)](https://m.youtube.com/watch?v=An4QvztvDaE\u0026t=0s)\n\nFor a detailed installation walkthrough check out\n\n* [MacOS Setup Guide](https://github.com/R3dy/capsulecorp-pentest/wiki/MacOS-Setup-Guide)\n\n* [Windows Setup Guide](https://github.com/R3dy/capsulecorp-pentest/wiki/Windows-Setup-Guide)\n\n## 2.1. Configure the windows hosts\nThe first thing you should do is bring up and provision Goku the domain controller. This system will likely take the longest to bring up because the dcpromo stuff just takes a while.\n\n***Note***: if you are running vagrant with sudo. use ```sudo -E vagrant``` option to run vagrant\n\nBring up the VM\n\n\tvagrant up goku\n\nProvision the VM\n\n\tvagrant provision goku\n\nRepeat the above two commands for gohan, vegeta and trunks.\n\n***...WARNING...***\n\nThis section of the provision is expected to take a while because after a dcpromo it takes a long time for the system to reboot.\n\n```bash\nTASK [promotedc : Set a static address to 172.28.128.100] **********************\nchanged: [goku]\n\nTASK [promotedc : Change hostname to goku] *************************************\nok: [goku]\n\nTASK [promotedc : Install Active Directory Services] ***************************\nok: [goku]\n\nTASK [promotedc : Promote goku to domain controller] ***************************\nchanged: [goku]\n\nTASK [promotedc : Reboot after promotion] **************************************\n```\n\n## 2.2. Configure your pentest platform\n\nBring up the virtual machines using Vagrant. First cd into the project directory, for example: `cd ~/capsulecorp-pentest`.  Take note of the RDP port that gets forwarded to your localhost.\n\n    vagrant up pentest\n\nProvision the pentest machine.\n\n    vagrant provision pentest\n\nYou can access your pentest machine either using your preferred RDP client to connect to the xrdp listener or via SSH with.\n\n\tvagrant ssh pentest\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fr3dy%2Fcapsulecorp-pentest","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fr3dy%2Fcapsulecorp-pentest","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fr3dy%2Fcapsulecorp-pentest/lists"}