Download
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of hand-installing dozens of windows tools, dependencies, and configurations. Commando VM supports customization of its installation profile (you can pick subsets of tools), includes support for WSL/Kali integration, and is intended to be used in a VM to facilitate snapshot recovery and test isolation.
Features
- Automated installer script chaining Chocolatey/Boxstarter to install, configure, and integrate hundreds of security tools
- Custom install profiles so users can choose which toolsets (e.g. AD tools, web tools, red-team tools) to include
- WSL / Kali integration so Linux tools can interoperate within the same VM environment
- Support for modular package definitions via a separate VM-Packages repo to maintain, update, and audit tool installs
- Post-installation configuration tweaks (e.g. shortcuts, environment variables, network settings, disabling defender)
- Maintenance and update workflows (auto updates of components, continuous integration testing of package installs)
Project Samples
