PentestBox v2.3 released: penetration testing environments for Windows
PentestBox is a Windows platform pre-configured portable open-source penetration test environment. Speaking of the penetration test environment, Linux has a lot of easy to use penetration testing system, such as Kali, BackTrack, Parrot Security OS, etc .; these Linux systems are a lot of penetration testing process required a lot of tools. But after all, most people are using the Windows system, if you want to use both Windows and Linux systems, then it can only be set up for the dual system or the Linux system installed in the virtual machine. PentestBox will be able to solve this trouble, the official website is introduced:
It has packaged all the security tools and can be run in the Windows system to run, effectively reducing the virtual machine or dual boot environment needs.
Some of the benefits of PentestBox are as follows:
- Easy to use: just a simple command line tool.
- No dependency requirements: all dependencies have been installed inside the PentestBox, and can even run directly on a newly installed Windows system.
- Easy to carry: PentestBox has a high degree of portability, and now you can put your penetration test environment directly on the USB storage device. It is perfect to solve all the dependencies and configuration required to run the tool.
- Linux toolset: PentestBox contains almost all of the Linux toolset, such as bash, cat, chmod, curl, git, gzip, ls, mv, ps, ssh, sh, uname and so on. It even contains the editor of the god “vim”.
- No driver problem: Windows platform has a perfect graphics card and wireless network driver support, do not worry about driving compatibility issues. If you want to use RainbowCrack driver GPU crack Hash, which in the class Linux environment cannot be achieved, but PentestBox can help you complete.
- Modular: In the process of developing PentestBox, we always choose the best tool, but we may still miss some of the tools you want to use. You can use the PentestBox built-in tools manager to easily install/ update/uninstall the tools you want to use.
- Less memory footprint: PentestBox running does not require virtual machine support, and run on the virtual machine at least 2GB of memory compared to the release, only 20MB of memory.
- Built-in browser: PentestBox built an installed almost all security-related plug-ins Firefox browser
- Updateable features: PentestBox contains an update module that keeps your tools always in the latest version.
PentestBox has two versions to choose from, one installed Metasploit, the other is not installed. It should be noted that the installation and use of “installed Metasploit PentestBox” need to turn off anti-virus software and firewall because Metasploit generated attack load for Windows security is a threat.
The installation process is actually the release of the file, then the installation directory will be generated under the five folders, two library files, a bat batch, and exe start the program. Which the base folder collection of ruby, jdk, python and other needs to use the environment variable; vendor is the program running framework; icons store the program icon; config is some configuration files, bin folder is the program package all the security tools , We routinely used tests such as sqlmap, burpsuite, nmap, wpscan, cmsmap, dirbuster, ipscan, wireshark, metasploit and so on, there are firefox infiltration essential browser, the program also firefox Pre-installed some security plug-ins, including firebug, hackbar, live http headers and so on. In other words, you can copy the files in the installation directory to your U disk, and then you have a portable penetration test environment.
Changelog v 2.3
- Python2, Ruby, Perl, Java Development Kit, Curl were upgraded to latest version.
- Python3 support is added.(call is called as “python3” from the terminal.)
- Bettercap is added.
- Some python3 tools like dirsearch are added.
- All the tools which were present in the earlier version were upgraded.
- Windows 10 Complete support, it was there before but some recent version of windows broke some UI functionality.
How to use PentestBox
Enter the list command, the menu displays the different types of tools to view the command
You would like to see what tools are available for web applications and only need to enter list webapplication.
Enter sqlmap to run SQL map tool
To know all the PentestBox pre-installation tools to start the command can access: