pentesting-bootstrap

Fast and easy way of setting up a self-contained and hardened pentesting environment with Kali Linux

Requirements

• Latest Kali Linux for x86_64
• 40GB of free disk space

Installation

1. Create a fresh image based on latest Kali Linux (assumes accepting default meta-packages: top10 and default).
2. $ git clone https://github.com/tasooshi/pentesting-bootstrap.git
3. $ sudo pentesting-bootstrap/bootstrap.sh (-q to silence output)
4. Answer a few questions (or skip them with -y).

(Optional)

5. In case you need support for wireless adapter: bootstrap.rtl88*.sh

Packages

These are the optional "packages":

kali.extra.disable.ipv6.sh

Disabling IPv6 system-wide.

kali.extra.hardening.sh

Restricting SSH, IPv4, default file permissions etc.

kali.extra.kalitorify.sh

There are some good uses, too.

kali.extra.namechange.sh

Changes host name to a random string that makes sense, after each reboot.

kali.extra.packages.sh

Consists of packages not installed by default in Kali Linux and the ones that I had found useful over the years: extra compilers, utilities for data extraction, less common file systems or protocols etc.

kali.extra.socat-openssl-v23.sh

Really handy when dealing with legacy systems not supporting modern TLS.

kali.extra.source-packages.sh

Downloads non-packaged binaries and source code in case you end up without Internet access (mostly from Github).

kali.extra.sublime-text.sh

Personal choice of mine, highly recommended for improving productivity. Great both for programming and note taking.

kali.extra.wide-compatibility.sh

Enables SSH client to talk to legacy systems.

Usage

usage: bootstrap.sh [-h] [-q] [-y]

Fast and easy way of setting up a hardened pentesting environment with Kali Linux

Optional arguments:
  -h                    Show this help message and exit
  -q                    Run quietly
  -y                    Answer "yes" to all