credit/src ¹ for image.

• Slideshow - https://slides.com/elrey741/redops
• Video

  • (coming soon)SELF (Southeast Linuxfest)

  • bsides chs

  • Vagrant for Pentesters ( not directly tied to project, but applicable )

    

• Blog posts
  • Part 1: https://blog.secureideas.com/2018/09/automating-red-team-homelabs-part-1-kali-automation.html
    • This blog post is a high level overview as to what I want to use this repo for
  • Part 2: https://blog.secureideas.com/2019/05/automating-red-team-homelabs-part-2-build-pentest-destroy-and-repeat.html
    • This blog post is a deep dive into using packer and how I automated this github repo.

here is my account on vagrant cloud (which should list all the packer builds for this repo): https://app.vagrantup.com/elrey741/

and specifically here is the vagrant box for the master branch: https://app.vagrantup.com/elrey741/boxes/kali-linux_amd64

• user: vagrant
• pass: vagrant

listed in the scripts directory: here

So you can vagrant box update to get the new box that is created from this each month by a cron job on my server. This will allow for a fresh new image of Kali with the most up to date tools through the ease of vagrant and however you want to provision my kali box.

Based on vagrants help command (displayed below), this should destroy/delete anything from before the box was upgraded.

$ vagrant box update --help
Usage: vagrant box update [options]

Updates the box that is in use in the current Vagrant environment,
if there any updates available. This does not destroy/recreate the
machine, so you'll have to do that to see changes.

To update a specific box (not tied to a Vagrant environment), use the
--box flag.

So to get the new up to date kali box you would have to vagrant destroy and vagrant up it again. Then everything would be based on your Vagrantfile for provisioning.

before vagrant destroy

• did you backup all your metasploit data? - msfconsole -q -x "db_export -f xml /root/pentesting/metasploit-backups/general/metasploit-backup-main.xml; exit"
• did you backup all your metasploit creds (doesn't get exported by metasploit by default...)? - msfconsole -q -x "creds -o /root/pentesting/metasploit-backups/creds/metasploit-backup-creds.csv; exit"
• do you have any customizations that could be automated in your Vagrantfile?
• putting all your data in your /vagrant folder is ideal, to keep everything shared and making sure it doesn't get lost when destroying boxes (because it is on your local machine as a shared folder)

• vagrant
• packer
• internet connection

• Create different kali box automations (i.e. with empire and other frameworks)
• docs...eventually :D
• different virtualization platforms (virtualbox)

[1] KALI LINUX ™ is a trademark of Offensive Security. This repo is not the official implementation of Vagrant and Kali. You can find that here