ENNAENNA

Commando VM

Apache-2.0

๐Ÿ”ฅ Offensive Ops ยท PowerShell

Commando VM is a Windows-based penetration testing virtual machine distribution created by Mandiant (formerly FireEye). It uses Boxstarter, Chocolatey, and custom scripts to automatically install and configure over 140 offensive security tools on a Windows platform. This includes tools for Active Directory attacks, reverse engineering, exploitation, vulnerability analysis, and reconnaissance. Unlike Kali Linux, Commando VM provides a native Windows testing environment essential for testing Windows-specific exploits, running .NET offensive tools natively, and testing in environments where Linux tools are impractical.

7.6kstars
1.3kforks
8issues
Updated 6mo ago
+I use this
View on GitHubOfficial Website

Installation

$ git clone https://github.com/mandiant/commando-vm.git && cd commando-vm && .\install.ps1

Use Cases

  • Setting up a Windows-based penetration testing environment
  • Running Windows-native offensive tools without Linux
  • Active Directory attack testing from a domain-joined machine
  • Training and lab environments for Windows exploitation

Tags

pentest-distrowindowstoolsetmandiantvm-setupfireeye-flarepenetration-testingred-teaming

Details

Category
๐Ÿ”ฅ Offensive Ops
Language
PowerShell
License
Apache-2.0
Platforms
๐ŸชŸwindows

Links

GitHub Repository

github.com/mandiant/commando-vm

Official Website

www.mandiant.com/resources/blog/commando-vm-windows-offensive-distribution

Releases

github.com/mandiant/commando-vm/releases

Issues

github.com/mandiant/commando-vm/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

LinPEAS

Shell

Linux privilege escalation enumeration script. Finds misconfigs, SUID bins, creds, and escalation paths.

Compare Commando VM vs LinPEAS

Seatbelt

C#

C# safety checks for offensive operations. Enumerates host security config, credentials, and interesting data.

Compare Commando VM vs Seatbelt

WinPwn

PowerShell

Automated Windows internal penetration testing toolkit. Runs recon, privesc, credential extraction, and lateral movement in one script.

Compare Commando VM vs WinPwn

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound