Pentest Environment Deployer

This repo provides an easy way to deploy a clean pentesting environment with Kali linux using vagrant and virtualbox.

Requirements

I assume you are familiar with virtualbox and vagrant.

• https://www.virtualbox.org/
• http://www.vagrantup.com/

Latest pentest-env release is tested with:

• Virtualbox (5.0.14)
• Vagrant (1.8.1)

Current box

Kali 2016.1

• http://box.hackbbs.org/kali-2016.1.box

SHA512: de1333a412675b8491e2f09b08c5c454073233eecfdf3d662b5c1572811f103df75abc7fffd49056f95b786bba8957e90d4ed69de1e21deba26219962f2a1ad7

See the wiki page about boxes for more details.

Getting started

To get started with pentest-env, clone this repository and run vagrant up kali inside the directory. This will download and run the Kali instance.

You can customize, add targets, create new targets etc.. inside pentest-env

For more details, visit the wiki pages:

1. Installation
2. Usage
3. Customizarions
4. Targets
5. About boxes
6. Known issues

If you use Chef, this chef-repo is for you!

About Security

verify checksums

It’s recommended to check downloaded box files with provided checksums (SHA512): http://box.hackbbs.org/checksums.txt

sshd is running

Provided boxes run the sshd service. So if you plan to run the Kali linux with a Bridged interface, default setup can be dangerous!

• root password of kali is toor.
• SSH private key is not private! Anyone can use this key to connect to your instance.
• The Kali linux 1.0 box added a vagrant user with password tnargav and is in sudoers with no password required.

License

See COPYING file