- Joined
- Jan 8, 2019
- Messages
- 56,610
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,454
- Points
- 2,313
- Credits
- 32,620
6 Years of Service
76%
What is CommandoVM?
Complete Mandiant Offensive VM (“CommandoVM”) is a comprehensive, customizable, Windows-based security distribution for penetration testing and red teaming. CommandoVM comes packaged with various offensive tools not included in Kali Linux, highlighting the effectiveness of Windows as an attack platform.
Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests. The benefits of using a Windows machine include native support for Windows and Active Directory, using your VM as a staging area for C2 frameworks, browsing shares more quickly (and interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.
Commando VM uses Boxstarter, Chocolatey, and MyGet packages to install all of the software, and delivers many tools and utilities to support penetration testing. This list includes more than 140 tools, including:
Nmap
Wireshark
Covenant
Python
Go
Remote Server Administration Tools
Sysinternals
Mimikatz
Burp-Suite
x64dbg
Hashcat
With such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and red teamer. For the blue teamers reading this, don’t worry, we’ve got full blue team support as well! The versatile toolsets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends.