forked from Sptimus/Vulnerable_Host
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinstall.sh
163 lines (120 loc) · 4.57 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
#!/usr/bin/env bash
echo "
Installation process starts...
A collection of tools, tutorials, resources, and intentionally vulnerable
applications running in Docker containers. Labs include
over many exercises to learn and practice ethical hacking (penetration testing) skills.
"
echo " "
# Setting Up default Tools
cd ~/
apt update
apt install -y wget vim vim-python-jedi curl exuberant-ctags git ack-grep python3-pip git
pip3 install pep8 flake8 pyflakes isort yapf Flask
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
echo 'deb [arch=amd64] https://download.docker.com/linux/debian buster stable' | sudo tee /etc/apt/sources.list.d/docker.list
apt update
apt remove docker docker-engine docker.io
apt install -y docker-ce
echo "Installing Updating Docker-Compose!"
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
echo "getting docker-compose.yml from Github Repository"
wget https://raw.githubusercontent.com/Sptimus/Vulnerable_Host/main/docker-compose.yml
# instantiating the containers with docker-compose
echo "Setting up the containers and internal bridge network"
docker-compose -f docker-compose.yml up -d
# cloning NodeGoat
git clone https://github.com/OWASP/NodeGoat.git
#replacing the docker-compose.yml file with second bridge network (10.6.7.0/24)
curl -sSL https://raw.githubusercontent.com/Sptimus/Vulnerable_Host/main/nodegoat-docker-compose.yml > /root/NodeGoat/docker-compose.yml
# downloading the nodegoat.sh from Github Repository
# this will be used manually to setup the NodeGoat environment
wget https://raw.githubusercontent.com/Sptimus/Vulnerable_Host/main/nodegoat.sh
chmod 744 nodegoat.sh
#cloning H4cker github
cd /root
mkdir Tools
cd /root/Tools
git clone https://github.com/The-Art-of-Hacking/h4cker.git
#cloning SecLists
git clone https://github.com/danielmiessler/SecLists.git
#cloning GitTools
git clone https://github.com/internetwache/GitTools.git
#cloning Payloads All The Thing
git clone https://github.com/swisskyrepo/PayloadsAllTheThings.git
#getting test ssl script
curl -L https://testssl.sh --output testssl.sh
chmod +x testssl.sh
#Installing ffuf
apt install -y ffuf
#Installing tor
apt install -y tor
#Installing golang
apt install -y golang-go
#Installing Jupyter Notebooks
apt install -y jupyter-notebook
#Installing nmap
apt install -y nmap
#Installing net-tools
apt install -y net-tools
#Installing metasploit
cd /root/Tools
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall
./msfinstall
#Installing radamnsa
cd /root/Tools
git clone https://gitlab.com/akihe/radamsa.git && cd radamsa && make && sudo make install
#Installing Ghidra
cd /root/Tools
# first install Java Amazon Corretto is a no-cost, multiplatform, production-ready distribution of the
# Open Java Development Kit (OpenJDK). Corretto comes with long-term support that includes performance
# enhancements and security fixes.
wget https://corretto.aws/downloads/latest/amazon-corretto-11-x64-linux-jdk.deb
apt install -y ./amazon-corretto-11-x64-linux-jdk.deb
rm *.deb
#then download and unzip ghidra
wget https://ghidra-sre.org/ghidra_9.2_PUBLIC_20201113.zip
unzip ghidra_9*
rm -rf *.zip
#Installing EDB
apt install -y edb-debugger
#Installing gobuster
apt install -y gobuster
#Installing apache
apt install -y apache2
ufw allow 'Apache'
#Installing Sublist3r
cd /root/Tools
git clone https://github.com/aboul3la/Sublist3r.git
cd Sublist3r
pip3 install -r requirements.txt
# installing enum4linux-ng
cd /root/Tools
git clone https://github.com/cddmp/enum4linux-ng && cd enum4linux-ng
#Installing Knock
cd /root/Tools
git clone https://github.com/guelfoweb/knock.git
cd knock
python3 setup.py install
#Getting the container info script
sudo cd /root
curl -sSL https://raw.githubusercontent.com/Sptimus/Vulnerable_Host/main/containers.sh > /root/containers.sh
chmod +x /root/containers.sh
mv /root/containers.sh /usr/local/bin/containers
#Final confirmation
sudo /usr/local/bin/containers
echo "
All set! All tools, apps, and containers have been installed and setup.
Have fun hacking!
To install OWASP ZAP and Burp Suite
Burp Suite:
Visit: https://portswigger.net/burp/releases/startdownload?product=community&version=2022.3.9&type=Linux
Then run:
sudo ./burpsuite_community_linux_v2022_3_9.sh
OWASP Zap:
Visit: https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2_11_1_unix.sh
Then run:
sudo ./ZAP_2_11_1_unix.sh
"