This repository has been archived by the owner on Jun 15, 2020. It is now read-only.
forked from mandiant/commando-vm
profile.json
{
"env": {
"VM_COMMON_DIR": "%ProgramData%\\FEVM",
"TOOL_LIST_DIR": "%ProgramData%\\Microsoft\\Windows\\Start Menu\\Programs\\Tools",
"TOOL_LIST_SHORTCUT": "%UserProfile%\\Desktop\\Tools.lnk",
"RAW_TOOLS_DIR": "%SystemDrive%\\Tools",
"TEMPLATE_DIR": "commandovm.win10.installer.fireeye"
},
"packages": [
{"name":"ghidra.fireeye"},
{"name":"visualstudio2019community"},
{"name":"openjdk"},
{"name": "SublimeText3.fireeye"},
{"name": "dotnet4.6.2"},
{"name": "dotnet4.7.2"},
{"name": "cmder.fireeye"},
{"name": "git"},
{"name": "adobereader.fireeye"},
{"name": "jre8"},
{"name": "wireshark.fireeye"},
{"name": "firefox.fireeye"},
{"name": "vcpython27"},
{
"name": "python2.x86.nopath.flare",
"x64Only": true,
"args": "--package-parameters \'/InstallDir:C:\\Python27.x86\'"
},
{"name": "python2"},
{"name": "python3"},
{"name": "golang"},
{"name": "dep"},
{"name": "ruby"},
{"name": "ruby2.devkit"},
{"name": "adexplorer.fireeye"},
{"name": "rsat.fireeye"},
{"name": "sysinternals.fireeye"},
{"name": "nmap.fireeye"},
{"name": "dnspy.flare"},
{"name": "autoit.fireeye"},
{"name": "ScreenToGif.fireeye"},
{"name": "telnet.fireeye"},
{"name": "sqlitebrowser.fireeye"},
{"name": "putty.fireeye"},
{"name": "processhacker.flare"},
{"name": "vlc.fireeye"},
{"name": "7zip"},
{"name": "Greenshot.fireeye"},
{"name": "winscp.fireeye"},
{"name": "keepass.fireeye"},
{"name": "vnc-viewer.fireeye"},
{"name": "hashcheck"},
{
"name": "neo4j-community.fireeye",
"x64Only": true
},
{"name": "sqlserver-cmdlineutils.fireeye"},
{"name": "peview.flare"},
{"name": "shellcode_launcher.flare"},
{"name": "x64dbg.fireeye"},
{"name": "windbg.fireeye"},
{"name": "windbg.kenstheme.flare"},
{"name": "proxycap.fireeye"},
{"name": "windump.fireeye"},
{"name": "apimonitor.fireeye"},
{"name": "hxd.fireeye"},
{"name": "burp.free.fireeye"},
{"name": "kali_windowsbinaries.fireeye"},
{"name": "unxUtils"},
{"name": "ADACLScanner.fireeye"},
{"name": "ADAPE-Script.fireeye"},
{"name": "ADOffline.fireeye"},
{"name": "ADRecon.fireeye"},
{"name": "ASREPRoast.fireeye"},
{"name": "BloodHound.fireeye"},
{"name": "CheckPlease.fireeye"},
{"name": "CredNinja.fireeye"},
{"name": "DAMP.fireeye"},
{"name": "contextmenu.fireeye"},
{"name": "CrackMapExec.fireeye"},
{"name": "CrackMapExecWin.fireeye"},
{"name": "demiguise.fireeye"},
{"name": "DotNetToJScript.fireeye"},
{"name": "DomainPasswordSpray.fireeye"},
{"name": "DSInternals.fireeye"},
{"name": "Egress-Assess.fireeye"},
{"name": "explorersuite.flare"},
{"name": "Exchange-AD-Privesc.fireeye"},
{"name": "flare-floss.fireeye"},
{"name": "Generate-Macro.fireeye"},
{"name": "Get-LAPSPasswords.fireeye"},
{"name": "Get-ReconInfo.fireeye"},
{"name": "GoFetch.fireeye"},
{
"name": "gowitness.fireeye",
"x64Only": true
},
{"name": "Grouper2.fireeye"},
{"name": "impacket.fireeye"},
{"name": "impacket-examples-windows.fireeye"},
{"name": "Internal-Monologue.fireeye"},
{"name": "Inveigh.fireeye"},
{"name": "Invoke-ACLPwn.fireeye"},
{"name": "Invoke-CradleCrafter.fireeye"},
{"name": "Invoke-DCOM.fireeye"},
{"name": "Invoke-DOSfuscation.fireeye"},
{"name": "Invoke-Obfuscation.fireeye"},
{"name": "Invoke-Phant0m.fireeye"},
{"name": "Invoke-PowerThIEf.fireeye"},
{"name": "Invoke-PSImage.fireeye"},
{"name": "Invoke-TheHash.fireeye"},
{"name": "KeeFarce.fireeye"},
{"name": "KeeThief.fireeye"},
{"name": "LAPSToolkit.fireeye"},
{"name": "luckystrike.fireeye"},
{"name": "MailSniper.fireeye"},
{"name": "metatwin.fireeye"},
{"name": "Mimikatz.fireeye"},
{"name": "mimikittenz.fireeye"},
{"name": "NetshHelperBeacon.fireeye"},
{"name": "nishang.fireeye"},
{"name": "nps.fireeye"},
{"name": "pafishmacro.fireeye"},
{"name": "PoshC2.fireeye"},
{"name": "PowerLessShell.fireeye"},
{"name": "PowerLurk.fireeye"},
{"name": "PowerPriv.fireeye"},
{"name": "PowerShdll.fireeye"},
{"name": "PowerShell-Suite.fireeye"},
{"name": "PowerSploit.fireeye"},
{"name": "PowerUpSQL.fireeye"},
{"name": "PowerView.fireeye"},
{"name": "PrivExchange.fireeye"},
{"name": "PSAmsi.fireeye"},
{"name": "PSAttack.fireeye"},
{"name": "PSReflect.fireeye"},
{"name": "RedTeamPowershellScripts.fireeye"},
{"name": "RiskySPN.fireeye"},
{"name": "Rubeus.fireeye"},
{"name": "ruler.fireeye"},
{"name": "SafetyKatz.fireeye"},
{"name": "Seatbelt.fireeye"},
{"name": "SessionGopher.fireeye"},
{"name": "Sharp-Suite.fireeye"},
{"name": "SharpDPAPI.fireeye"},
{"name": "SharpDump.fireeye"},
{"name": "SharpExchangePriv.fireeye"},
{"name": "SharpHound.fireeye"},
{"name": "SharpRoast.fireeye"},
{"name": "SharpUp.fireeye"},
{"name": "SharpView.fireeye"},
{"name": "SharpWMI.fireeye"},
{"name": "SpoolerScanner.fireeye"},
{"name": "StarFighters.fireeye"},
{"name": "SpoolSample.fireeye"},
{"name": "UACME.fireeye"},
{"name": "vssown.fireeye"},
{"name": "WMImplant.fireeye"},
{"name": "WMIOps.fireeye"},
{"name": "Elite.fireeye"},
{"name": "covenant.fireeye"},
{"name": "ad-control-paths.fireeye"},
{"name": "defendercheck.fireeye"},
{"name": "dnsrecon.fireeye"},
{"name": "EvilClippy.fireeye"},
{"name": "NtdsAudit.fireeye"},
{"name": "SharpExec.fireeye"},
{"name": "FOCA.fireeye"},
{"name": "juicy-potato.fireeye"},
{"name": "NetRipper.fireeye"},
{"name": "Watson.fireeye"},
{"name": "RobotsDisallowed.fireeye"},
{"name": "RottenPotatoNG.fireeye"},
{"name": "SharpClipHistory.fireeye"},
{"name": "SharpSploit.fireeye"},
{"name": "openvpn.fireeye", "args":"--parameters \'/SELECT_SHORTCUTS=0 /SELECT_LAUNCH=0\'"}
]
}