PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 70% of penetration testing distributions users uses windows and provides an efficient platform for Penetration Testing on windows. It provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System. It is created because more than 50% of penetration testing distribution users uses windows.

 



pentestbox1-e1433264899525

 

A Portable Penetration Testing Distribution for Windows: PentestBox

 

Easy to Use

It is a command line utility which is all what you want.

 

Awesome Design

It is the same green font on black terminal but in an modern way.

 

Best Performance

PentestBox directly runs on host machine instead of virtual machines, so performance gain is obvious.

 

No Dependencies Needed

All the dependencies required by tools are inside PentestBox, so you can even run PentestBox on freshly installed windows without any hassle.

 

Portable

PentestBox is entirely portable, so now you can carry your own Penetration Testing Environment on a USB stick. It will take care of dependencies required to run tools which are inside it.

 

Linux Environment

PentestBox contains nearly all Linux utilities like bash, cat, chmod, curl, git, gzip, ls, mv, ps, ssh, sh, uname and others. It even contains your favourite text editor “vim”.  Because of this, most penetration testing tools which were earlier compatible only with Linux are working smoothly in PentestBox on Windows.

 

No Driver Issue

Windows has already large support of drivers for Graphic Cards and wireless chip-sets. Now, you don’t have to worry about drivers compatibility issues.

 

Modular

Only the best tools went into PentestBox, but if you miss something you can easily install it using tools-manager from the inside of PentestBox environment.

 

Less memory Usage

PentestBox runs on host machine without any need for virtual machine. It only needs 20 MB – compared to at least 2GB of RAM need for running virtual machine distributions.

 

Less Disk Usage

PentestBox is very light. It requires less than third of space of other penetration testing Linux distributions.

 

Inbuilt Browser

PentestBox packs a Mozilla Firefox Browser with nearly all security addons.

 

Automatic Updates

Automatic update feature will keep your tool up to date.

 

Can Be Shared On A Network

You can use PentestBox on many computers by sharing it through network. You don’t have to install it on each and every computer that you want it to run on. Just install PentestBox on one computer and share it to all other computers on the same network.

 


 

 

 

 


 

whats-inside.jpg

 


 

 

No Metasploit ?

Metasploit contain exploits/payloads inside its folder structure, so when installed on windows machines nearly all anti-viruses and firewalls fire up. Metasploit officially instruct users to disable anti-viruses and firewalls while using it. It’s your call. If you willing to switch off your antiviruses program and want to use Metsaploit on Windows, you can download windows installer for Metsaploit from officially Metsaploit website.

 

PentestBox throwing up red flags ?

PentestBox is packed by UPX which is identified as malware by some antivirus softwares. You can scan PentestBox.exe with virtustotal.com and see the result. As an alternative there is a PentestBox.bat file in the same directory which upon running won’t show any warnings. There are some ruby gems also which can also flag as virus/malware, you can remove those of your antivirus are flagging it. Also THC-SSL-DOS will also be flagged because of it’s action against SSL servers.If you worried about those warnings then you can allow your Antivirus to remove those files, in that case you can start PentestBox through PentestBox.bat file and THC-SSL-DOS will not work. Rest other tools/products will work normally.

 

How to include your own Tool

If you want to include a tool which is not currently present in PentestBox then below are the ways to include it.

  • If it is Python based program
    • Place that folder in PentestBox_Directory/bin or in any folder inside bin.
    • As Python is configured inside PentestBox, you can directly go to that directory and then run that program by prepending python to the filename.
    • But if you want to set an alias for that program then please follow How to add an alias
  • If it is Ruby Based Program
    • Place that folder in PentestBox_Directory/bin or in any folder inside bin.
    • As Ruby is configured inside PentestBox, you can directly go to that directory and then run that program by prepending ruby to the filename.
    • But if you want to set an alias for that program then please follow How to add an alias
  • It it is Executable file
    • Place that folder in PentestBox_Directory/bin or in any folder inside bin.
    • You can directly access by moving to that folder and typing the filename.
    • But if you want to set an alias for that program then please follow How to add an alias

documentation_main

Source && Download

download.jpg

 

Original Post: https://n0where.net/portable-penetration-testing-distribution-for-windows/

Advertisements