Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/redhuntlabs/RedHunt-OS
Virtual Machine for Adversary Emulation and Threat Hunting
https://github.com/redhuntlabs/RedHunt-OS
Last synced: 2 months ago
JSON representation
Virtual Machine for Adversary Emulation and Threat Hunting
- Host: GitHub
- URL: https://github.com/redhuntlabs/RedHunt-OS
- Owner: redhuntlabs
- License: bsd-3-clause
- Created: 2018-03-14T19:31:16.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2020-07-13T04:54:49.000Z (almost 4 years ago)
- Last Synced: 2024-01-24T20:04:44.728Z (5 months ago)
- Size: 1.12 MB
- Stars: 1,183
- Watchers: 85
- Forks: 189
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-incident-response - RedHunt-OS - Virtual machine for adversary emulation and threat hunting. (IR Tools Collection / Adversary Emulation)
- awesome-cybersecurity-blueteam - RedHunt OS - Ubuntu-based Open Virtual Appliance (`.ova`) preconfigured with several threat emulation tools as well as a defender's toolkit. (Preparedness training and wargaming / Firewall appliances or distributions)
- awesome-threat-detection - RedHunt-OS - A Virtual Machine for Adversary Emulation and Threat Hunting. RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. (Threat Simulation Tools / Related Awesome Lists)
- awesome-hacking-lists - RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting (Others (1002))
- awesome-incident-response - RedHunt-OS - Virtual machine for adversary emulation and threat hunting. (IR Tools Collection / Adversary Emulation)
- awesome-cybersecurity-blueteam - RedHunt OS - Ubuntu-based Open Virtual Appliance (`.ova`) preconfigured with several threat emulation tools as well as a defender's toolkit. (Preparedness training and wargaming / Firewall appliances or distributions)
- awesome-incident-response - RedHunt-OS - Virtual machine for adversary emulation and threat hunting. (IR tools Collection / Adversary Emulation)
- awesome-stars - redhuntlabs/RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting (Others)
- awesome-blueteam - RedHunt OS - Ubuntu-based Open Virtual Appliance (`.ova`) preconfigured with several threat emulation tools as well as a defender's toolkit. (Preparedness training and wargaming / Firewall appliances or distributions)
- awesome-stars - redhuntlabs/RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting (Others)
- awesome-incident-response - RedHunt-OS - Virtual machine for adversary emulation and threat hunting. (IR tools Collection / Adversary Emulation)
- repo-2430-awesome-threat-detection - RedHunt-OS - A Virtual Machine for Adversary Emulation and Threat Hunting. RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. (Threat Detection and Hunting / Tools)
- repo-2396-awesome-threat-detection - RedHunt-OS - A Virtual Machine for Adversary Emulation and Threat Hunting. RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. (Threat Simulation / Tools)
- awesome-incident-response - RedHunt-OS - Virtual machine for adversary emulation and threat hunting. (IR Tools Collection / Adversary Emulation)
- awesome-hacking-lists - redhuntlabs/RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting (Others)
- awesome-hacking-lists - RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting (Others)
- Awesome-Threat-Detection - RedHunt-OS - A Virtual Machine for Adversary Emulation and Threat Hunting. RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. (Threat Simulation / Tools)
- awesome-cybersecurity-blueteam-cn - RedHunt OS - 基于Ubuntu的开放式虚拟设备(`.ova`),预配置了多个威胁仿真工具以及防守方的工具包 (攻防演练 / 网络钓鱼意识和报告)
- fucking-awesome-incident-response - RedHunt-OS - Virtual machine for adversary emulation and threat hunting. (IR Tools Collection / Adversary Emulation)
README
# RedHunt Linux Distribution (VM) v2
[
](https://redhuntlabs.com/)
Virtual Machine for Adversary Emulation and Threat Hunting by [RedHunt Labs](https://redhuntlabs.com/)
RedHunt OS aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment.
**[`To know more about our Attack Surface Management platform, check out NVADR.`](https://redhuntlabs.com/nvadr)**
## Base Machine:
* Lubuntu-18.04 x64
## Tool Setup
#### Attack Emulation:
* [Caldera](https://github.com/mitre/caldera)
* [Atomic Red Team](https://github.com/redcanaryco/atomic-red-team)
* [Nmap](https://nmap.org/download.html)
* [CrackMapExec](https://github.com/byt3bl33d3r/CrackMapExec)
* [Metasploit](https://github.com/rapid7/metasploit-framework)
* [Responder](https://github.com/lgandx/Responder)
* [Zap](https://www.zaproxy.org/)
* [ADRecon](https://github.com/adrecon/ADRecon)
#### Threat HUNTing:
* [Kolide Fleet](https://github.com/kolide/fleet)
* [ELK (Elasticsearch, Logstash, and Kibana) Stack](https://www.elastic.co/elk-stack)
#### Open Source Intelligence (OSINT):
* [Maltego](https://www.paterva.com/web7/buy/maltego-clients/maltego-ce.php)
* [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng)
* [Datasploit](https://github.com/DataSploit/datasploit)
* [theHarvestor](https://github.com/laramies/theHarvester)
#### Threat Intelligence:
* [Yeti](https://github.com/yeti-platform/yeti)
* [Harpoon](https://github.com/Te-k/harpoon)
#### Reporting:
* [Asciinema](https://asciinema.org)
* [Flameshot](https://github.com/lupoDharkael/flameshot)
* [CherryTree](https://www.giuspen.com/cherrytree/)
## VM Download Link:
* Release v2: http://bit.ly/RedHunt-OS-v2. All feedback is welcome.
*Changelog*
* System Updates
* Tool Updates
* New Categories added: Reporting
* Outdated tools removed
* Base OS Updated to 18.04
**Setup:**
* Download the latest OVA file from https://github.com/redhuntlabs/RedHunt-OS.
* Import the OVA in VirtualBox.
* Login using the credentials hunter:hunter.
* Update the distribution ‘sudo apt-get update && sudo apt-get upgrade’.
* Configure/Use the tools.
**VM Credentials:**
Username: hunter
Password: hunter
**Caldera Credentials:**
Username: admin
Password: admin
## Checksums:
**Version 1**
* MD5: f8d433140f7e2b370b81c8b6ed3c951f
* SHA1: 66b6a9bdbd2c6f029de9d17a2e086166a1ab7fd3
## Sneak Peek:
## To-Do:
- [ ] Integrate Memory Forensics and Analysis Framework
- [x] Integrate Reporting Tools
- [x] Integrate Threat Intelligence Frameworks
- [x] Integrate OSINT Frameworks
## Website:
* https://redhuntlabs.com
## Twitter:
* https://twitter.com/redhuntlabs
## References:
* https://cyberwardog.blogspot.in/2017/02/setting-up-pentesting-i-mean-threat_98.html
* https://jordanpotti.com/2018/02/16/elk-osquery-kolide-fleet-love/