# tools to install ## Tools to install apt install updatedb apt search xxxxxx on new install ```bash apt update apt install kali-desktop-gnome apt install kali-linux-default apt install kali-linux-everything apt install kali-wallpapers-all dpkg-reconfigure locales dpkg-reconfigure keyboard-configuration apt-get install console-common dpkg-reconfigure kali-grant-root ``` If you really don’t care about security, and if you preferred the old model, you can install kali-grant-root and run ```bash dpkg-reconfigure kali-grant-root to configure password-less root rights. sudo su (enter you password) dpkg-reconfigure kali-grant-root (choose top option) sudo su (we don't need password for root. close terminal and reopen it) next edit .bashrc for the user and add sudo su to the bottom ----- ``` ```bash update Kali Linux apt update apt list --upgradeable apt upgrade apt dist-upgrade ``` #### tmux ```bash apt-get install tmux nano ~/.tmux.conf # Improve colors # set -g default-terminal 'screen-256color' # Set scrollback buffer to 10000 set -g history-limit 1000000 # Customize the status line # set -g status-fg green # set -g status-bg black # remap prefix from 'C-b' to 'C-a' unbind C-b set-option -g prefix C-a bind-key C-a send-prefix # split panes using | and - bind h split-window -h bind v split-window -v unbind '"' unbind % # don't rename windows automatically set-option -g allow-rename off # reload config file (change file location to your the tmux.conf you want to use) bind r source-file ~/.tmux.conf ``` tmux new -s HTB #### sublimetext ```bash wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add - apt-get install apt-transport-https echo "deb https://download.sublimetext.com/ apt/stable/" | sudo tee /etc/apt/sources.list.d/sublime-text.list apt-get update apt-get install sublime-text ``` #### rclone ```bash apt install rclone rclone config n GoogleDrive (number for Google Drive) client_id client_secret Choose a number from below, or type in your own value 1 / Full access all files, excluding Application Data Folder. \ "drive" edit advanced config (Y/N) n use auto config (Y/N) y ``` #### crontab -e ```bash crontab -e # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any'). # # Notice that tasks will be started based on the cron's system # daemon's notion of time and timezones. # # Output of the crontab jobs (including errors) is sent through # email to the user the crontab file belongs to (unless redirected). # # For example, you can run a backup of all your user accounts # at 5 a.m every week with: # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ # # For more information see the manual pages of crontab(5) and cron(8) # # m h dom mon dow command # ┌───────────── minute (0 - 59) # │ ┌───────────── hour (0 - 23) # │ │ ┌───────────── day of month (1 - 31) # │ │ │ ┌───────────── month (1 - 12) # │ │ │ │ ┌───────────── day of week (0 - 6) (Sunday to Saturday; # │ │ │ │ │ 7 is also Sunday on some systems) # │ │ │ │ │ # │ │ │ │ │ # * * * * * command_to_execute # Backup Documents to Google Drive evey 20 minutes */20 * * * * rclone sync /root/Documents/ GoogleDrive:kali-Documents-2019.3/ # 09 * * * * rclone copy GoogleDrive:kali-Documents-2019.3a/ /home/kali/Documents/ */10 * * * * rclone copy GoogleDrive:Machine-Writeups-Notes/ /root/Documents/ /home/kali ``` #### AutoRecon ```bash sudo apt install python3 sudo apt install python3-pip (To make this easier, you could add the following alias to your ~/.profile (or equivalent):) alias sudo="sudo env \"PATH=$PATH\"" Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/kali/.local/bin" sudo apt install seclists curl enum4linux gobuster nbtscan nikto nmap onesixtyone oscanner smbclient smbmap smtp-user-enum snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf sudo python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git ``` #### MS Visual Studio ```bash cd /opt/ sudo apt update sudo apt install curl gpg software-properties-common apt-transport-https curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" | sudo tee /etc/apt/sources.list.d/vscode.list sudo apt update sudo apt install code ``` ### Obsidian ```bash cp ~/Downloads/Obsidian-0.11.13.AppImage ~/.local/bin/obsidian chmod +x ~/.local/bin/obsidian ``` ### Other Tools to install ```bash xclip ``` ### Firefox addons ```bash Wappalyzer ``` ### FoxyProxy and BURP certificate ```bash add FoxyProxy into Firefox via the menu ``` ```bash searchsploit -u ``` ```bash apt install golang mkdir -p ~/go/{pkg,bin,src} nano ~/.profile add export GOPATH="$HOME/go" export GOBIN="$GOPATH"/bin" export PATH="$PATH:$GOBIN" exit and save then type ~/.profile go get -v -u github.com/zricethezav/gitleaks gobuster git clone https://github.com/OJ/gobuster.git go build ``` ```bash apt install python3-dev python3-pip pip3 install truffleHog pip3 install jwt pip3 install pyjwt ``` ```bash Microsoft Access database tools apt install mdbtools ``` ```bash Tools for reading Microsoft Outlook PST files apt install pst-utils ``` ``` apt install crackmapexec apt install rlwrap ``` ```bash cd /opt/ git clone https://github.com/SecureAuthCorp/impacket cd /opt/ git clone https://github.com/DominicBreuker/pspylo cd /opt/ git clone https://github.com/ropnop/kerbrute cd /opt/ rm -rf BloodHound git clone https://github.com/BloodHoundAD/BloodHound.git cd/opt/BloodHound wget https://github.com/BloodHoundAD/BloodHound/releases/download/3.0.3/BloodHound-linux-x64.zip unzip BloodHound-linux-x64.zip cd /opt/ git clone https://github.com/PowerShellMafia/PowerSploit/ -b dev mimitatz cd /opt/ git clone https://github.com/gentilkiwi/mimikatz cd /opt/ git clone https://github.com/pdfminer/pdfminer.six pip install pdfminer.six cd /opt/ git clone https://github.com/wireghoul/dotdotpwn cd /opt/ git clone https://github.com/theevilbit/ciscot7.git evil-winrm cd /opt/ git clone https://github.com/Hackplayers/evil-winrm cd /evil-winrm gem install evil-winrm pip3 install donut-shellcode cd /opt/ apt install padbuster cd /opt/ apt install python3-venv p7zip-full -y cd /opt/ git clone https://github.com/snovvcrash/usbrip.git usbrip && cd usbrip ``` ## git clone cd /opt ``` git clone ``` apt install padbuster apt install python3-venv p7zip-full -y git clone usbrip && cd usbrip vpn openvpn --config dystopian.ovpn crontab bash script to install tools ```bash #!/bin/bash home='cd /opt' `echo $home` apt install python3-dev python3-pip pip3 install truffleHog pip3 install jwt pip3 install pyjwt apt install pst-utils apt install crackmapexec apt install rlwrap # dirsearch git clone https://github.com/maurosoria/dirsearch # EyeWitness git clone https://github.com/FortyNorthSecurity/EyeWitness cd EyeWitness/setup ./setup.sh `echo $home` # Masscan git clone https://github.com/robertdavidgraham/masscan # Parameth git clone https://github.com/maK-/parameth # Recon-ng git clone https://bitbucket.org/LaNMaSteR53/recon-ng # Sublist3r git clone https://github.com/aboul3la/Sublist3r # Aquatone git clone https://github.com/michenriksen/aquatone # WPScan git clone https://github.com/wpscanteam/wpscan # DNSRecon git clone https://github.com/darkoperator/dnsrecon # Gobuster git clone https://github.com/OJ/gobuster cd gobuster apt install golang make export PATH=$PATH:/opt/gobuster `echo $home` # MassDNS git clone https://github.com/blechschmidt/massdns # RobotsDisallowed git clone https://github.com/danielmiessler/RobotsDisallowed # Seclists mkdir wordlists; cd wordlists git clone https://github.com/danielmiessler/SecLists `echo $home` # Easy-P git clone https://github.com/cheetz/Easy-P # Nishang git clone https://github.com/samratashok/nishang # Powersploit git clone https://github.com/PowerShellMafia/PowerSploit # LinEnum mkdir -p priv_esc/linux; cd priv_esc/linux git clone https://github.com/rebootuser/LinEnum # linux-exploit-suggest.sh git clone https://github.com/mzet-/linux-exploit-suggester # linuxprivchecker.py wget https://raw.githubusercontent.com/sleventyeleven/linuxprivchecker/master/linuxprivchecker.py # unix-privesc-check git clone https://github.com/pentestmonkey/unix-privesc-check `echo $home` # Empire mkdir priv_esc/windows; cd priv_esc/windows git clone https://github.com/EmpireProject/Empire `echo $home` # my bits now #/----------------------------------------------------------------------------/ git clone https://github.com/SecureAuthCorp/impacket git clone https://github.com/DominicBreuker/pspylo git clone https://github.com/ropnop/kerbrute cd /opt/ rm -rf BloodHound git clone https://github.com/BloodHoundAD/BloodHound.git cd/opt/BloodHound wget https://github.com/BloodHoundAD/BloodHound/releases/download/3.0.3/BloodHound-linux-x64.zip unzip BloodHound-linux-x64.zip cd /opt/ git clone https://github.com/PowerShellMafia/PowerSploit/ -b dev # mimitatz cd /opt/ git clone https://github.com/gentilkiwi/mimikatz cd /opt/ git clone https://github.com/pdfminer/pdfminer.six pip install pdfminer.six cd /opt/ git clone https://github.com/wireghoul/dotdotpwn cd /opt/ git clone https://github.com/theevilbit/ciscot7.git evil-winrm cd /opt/ git clone https://github.com/Hackplayers/evil-winrm cd /evil-winrm gem install evil-winrm pip3 install donut-shellcode cd /opt/ apt install padbuster cd /opt/ apt install python3-venv p7zip-full -y cd /opt/ git clone https://github.com/snovvcrash/usbrip.git usbrip && cd usbrip ``` ```bash etc/hosts # Hack the Box machines 10.10.10.29 bank.htb # 10.10.10.100 active.htb htb # 10.10.10.160 Postman # 10.10.10.161 htb.local htb # 10.10.10.162 staging-order.mango.htb # 10.10.10.168 obscurity.htb # 10.10.10.172 megabank.local # 10.10.10.177 oouch.htb consumer.oouch.htb authorization.oouch.htb # 10.10.10.179 megacorp.htb # 10.10.10.180 remote.htb # 10.10.10.183 forwardslash.htb # 10.10.10.186 quick.htb portal.quick.htb # Vulnhub machines # 192.168.1.86 kioptrix3.com # 192.168.1.87 gfriEND.lan ``` I ```bash this will set up root. sudo -i (enter you password) whoami (this should return root) (now change the password for root) passwd root (now type the password) ``` ```bash crontab # /etc/crontab: system-wide crontab # Unlike any other crontab you don't have to run the `crontab' # command to install the new version when you edit this file # and files in /etc/cron.d. These files also have username fields, # that none of the other crontabs do. SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed 17 * * * * root cd / && run-parts --report /etc/cron.hourly 25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ) 47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ) 52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly ) # 21 * * * * root rclone copy GoogleDrive:/kali-Documents-2019.3 /home/kali/Documents/ 23 * * * * root rclone sync /home/kali/Documents/ GoogleDrive:/kali-Documents-2020.1 ``` ``` 03 * * * * rclone copy GoogleDrive:kali-Documents-2020.3a/ /home/kali/Documents/ */05 * * * * root rclone copy GoogleDrive:/kali-Documents-2020.3a/ /home/kali/Documents/ ``` change ownership of all files from root to user For recursive (i.e files and folders inside a folder): ```bash sudo chown -R user:user dirName ``` PS1='\[\033\[1;31m]\u@\h\[\033\[1;34m]\w:\[\033\[0;37m]$ ```bash Linux proof hostname && whoami && cat proof.txt && ip a Windows proof hostname && whoami.exe && type proof.txt && ipconfig/all ``` ```bash # m h dom mon dow command # ┌───────────── minute (0 - 59) # │ ┌───────────── hour (0 - 23) # │ │ ┌───────────── day of month (1 - 31) # │ │ │ ┌───────────── month (1 - 12) # │ │ │ │ ┌───────────── day of week (0 - 6) (Sunday to Saturday; # │ │ │ │ │ 7 is also Sunday on some systems) # │ │ │ │ │ # │ │ │ │ │ # * * * * * command_to_execute # Backup Documents to Google Drive evey 20 minutes */20 * * * * rclone sync /root/Documents/ GoogleDrive:kali-Documents-rolling-new/ #*/07 * * * * rclone sync /root/Documents/machine-write-ups/ GoogleDrive:Machine-Writeups-Notes/ */05 * * * * rclone sync GoogleDrive:kali-Documents-rolling-2021.1a/ /root/Documents/ */07 * * * * rclone sync GoogleDrive:kali-Documents-rolling-2021-1/ /root/Documents/ */10 * * * * rclone copy GoogleDrive:Machine-Writeups-Notes/ /root/Documents/machine-write-ups ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://0xdecaf2bad.gitbook.io/red-team-notes/tools-to-install.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.