Breaking News

ThreatBox is an ordinary and regulated Linux based totally assault platform. I’ve used a mode of this for years. It began as a number of scripts, lived as a rolling digital gadget, existed as code to construct a Linux ISO, and has now been made over to a collection of ansible playbooks. Why Ansible? Why now not? This looked to be the following herbal evolution to the configuration of ordinary assault platforms.

This drawback makes use of ansible playbooks and roles to accomplish put up deployment configuration on a linux serve as (Examined on Ubuntu 18.04).

The issue is designed for use as a starter procedure in emerging, managing, and the usage of an ordinary assault platform for purple teaming or penetration testing.

Element on the idea that of a Usual Assault Platform can also be came upon it the e instruction manual Crimson Staff Construction and Operations – A wise instruction manual, written by the use of Joe Vest and James Tubberville. 

Possible choices

  • Usual apparatus outlined as ansible roles
  • Customizations designed to make coverage testing easier
  • Variable listing to be able to add or take away git repositories, OS applications, or python modules. (threatbox.yml)
  • Sort monitoring of the deployed example taste and the deploy device taste. That turns out to be useful it assembly compliance rules and will lend a hand cut back concern by the use of actively monitoring all apparatus.
    • Threatbox taste created at deployment and displayed in desktop wallpaper
    • Deployed device tracked in ~/Desktop/readme
  • SSH port auto-switching. The deployment begins on port 22, however reconfigures the objective device to the required SSH port the usage of the ansible_port variable in threatbox.yml
  • Obtain and collect quite a lot of .internet toolkits (i.e. SeatBelt.exe from Ghostpack
  • Maximum python duties put in the usage of pipenv. Use pipenv shell within the issue listing to get right to use. See for pipenv utilization steering

Enterprise Knowledge

The next listing highlights key parts of this drawback.

hostAnsible hosts fileTrade with IP addresses of serve as ansible methods
group_vars/threatbox.ymlnow not ordinary variablesvariable used for the issue. exchange as wanted.
threatbox_playbox.ymlNumber one ansible playbookTrade as want to upload further roles or possible choices
roles/now not ordinaryNot ordinary OS platform configurationSetup now not ordinary OS settings (i.e set taste in background or bring together)
roles/.different specific roles to configure or deploy apparatusupload or alter roles in roles/



Provision quite a lot of goals.

Take into account: This drawback was once once examined on Ubuntu 18.04 deployed in Digitalocean


  1. Replica hosts.development to hosts
  2. Edit hosts with the IP(s) of your serve as methods
  3. Replica group_varsthreatbox.yml.development to group_varsthreatbox.yml
  4. Edit group_varsthreatbox.yml with the up to date variables you want to make use of
    • Don’t forget to switch SSH key with a key that has get right to use to the far flung serve as

Ansible instructions

# OSX factor
if [[ "$(uname)" == "Darwin" ]]

# Ansible Logging
rm ./ansible.log
export ANSIBLE_LOG_PATH="ansible.log"

# Ansible Debugging
export ANSIBLE_DEBUG=False

# Execute playbook
ansible-playbook -e ansible_python_interpreter=/usr/bin/python3 -i hosts threatbox_playbook.yml

Take into account: Consider the usage of Mitogen for Ansible to achieve an important efficiency spice up.

Examined with this ansible.cfg

host_key_checking = False
pipelining = True
forks = 100
timeout = 600
stdout_callback = yaml
bin_ansible_callbacks = True
callback_whitelist = profile_roles, profile_tasks, timer

strategy_plugins = ~/Bureaucracy/mitogen-0.2.9/ansible_mitogen/plugins/technique
technique = mitogen_linear

Remotely Get entry to the device

Console get right to use with SSH

Take into account: SSH could also be set to a non-standard port throughout setup. This price is in a position throughout the group_vars/threatbox.yml wisdom

ssh -p $sshport -i ~/.ssh/threatbox_id_rsa [email protected]$threatboxip

GUI Get entry to with VNC over SSH

Take into account: VNC is setup however now not allowed over the gang. You will have to use an SSH tunnel to get right to use.

ssh -p $sshport -i ~/.ssh/threatbox_id_rsa -L 5901:localhost:5901 [email protected]$threatboxip

Notes at the drawback

This drawback makes use of ansbile roles. Those roles won’t precisely practice the ansible taste. They’ve been designed for use as a part of this drawback and use a unmarried ‘variable’ report to keep an eye on the issue. The jobs can simply be utilized in different drawback with minor tweaks.

Possible choices

ThreatBox Customized Instructions

Instrument Classes

Monitoring of all put in apparatus

Automated terminal logging

Customized terminal possible choices supply additional context

Subtle taste of the terminal 

Pipenv stay Python duties unbiased

Instance of SilentTrinity working in pipenv atmosphere

Supply : KitPloit – PenTest Equipment!

Leave a Reply

Your email address will not be published. Required fields are marked *

Donate Us