OpenSecAtlas
OPENSECATLAS
11/12 free views
Script
Script
Penetration Testing & Red Teaming

kali-ctf-machine-setup

by fazlearefin

11stars
2forks
0watchers
Updated 11 months ago
About

Ansible playbooks to automate the installation of extra CTF and pentesting tools on Kali Linux, including vulnerable Docker images for practice.

Kali Linux extra useful packages for CTF and Pentest activities

Primary Use Case

This tool is designed for penetration testers and CTF enthusiasts who want to quickly set up a Kali Linux environment with additional useful tools and vulnerable applications for hands-on practice. It automates the installation and configuration process, saving time and ensuring a consistent setup for red teaming and exploitation exercises.

Key Features
  • Automated installation of extra CTF and pentesting tools on Kali Linux via Ansible
  • Optional deployment of vulnerable Docker images like OWASP Juice Shop and WebGoat
  • Pre-configured vulnerable environments including DVWA
  • Clones and sets up additional useful repositories for privilege escalation and phishing
  • Supports both vanilla Kali Linux installations and Kali virtual machine images
  • Provides a customization utility (kali-tweaks) for further environment adjustments

Installation

  • Ensure a plain vanilla Kali Linux installation, preferably a Kali virtual machine image
  • Optionally upgrade all installed packages: sudo apt update && sudo apt full-upgrade -y
  • Install git and ansible: sudo apt update && sudo apt install git ansible -y
  • If ansible package is unavailable, install ansible-core and required collections:
  • sudo apt install ansible-core -y
  • ansible-galaxy collection install ansible.posix community.general community.docker community.crypto
  • Clone the repository: git clone https://github.com/fazlearefin/kali-ctf-machine-setup.git
  • Navigate into the cloned directory: cd kali-ctf-machine-setup
  • Run the Ansible playbook to install tools without vulnerable Docker images:
  • ansible-playbook -vv -i localhost, -e "{ setup_vuln_docker_images: false }" -e "local_username=$(id -un)" -K main.yml

Usage

>_ ansible-playbook -vv -i localhost, -e "{ setup_vuln_docker_images: false }" -e "local_username=$(id -un)" -K main.yml

Installs extra CTF and pentest tools on Kali Linux without pulling vulnerable Docker images.

>_ ansible-playbook -vv -i localhost, -e "{ setup_vuln_docker_images: true }" -e "local_username=$(id -un)" -K main.yml

Installs extra CTF and pentest tools on Kali Linux including vulnerable Docker images.

>_ docker run --rm -d -p 3000:3000 --name juice-shop bkimminich/juice-shop

Runs the OWASP Juice Shop vulnerable web application container for local testing.

>_ docker run --rm -it -p 127.0.0.1:8080:8080 -p 127.0.0.1:9090:9090 -e TZ=UTC --name webgoat webgoat/webgoat

Runs the OWASP WebGoat vulnerable web application container for local testing.

>_ sudo systemctl start dvwa

Starts the Damn Vulnerable Web Application service on Kali Linux.

>_ kali-tweaks

Launches a utility for further customization of the Kali Linux setup.

Security Frameworks
Reconnaissance
Resource Development
Initial Access
Execution
Privilege Escalation
Usage Insights
  • Integrate with CI/CD pipelines to provide automated pentesting environments for developers.
  • Use the vulnerable Docker images for continuous red team training and purple team exercises.
  • Leverage the ansible automation to quickly spin up consistent environments for CTF competitions or red team engagements.
  • Combine with Metasploit or custom exploit scripts to automate exploitation workflows.
  • Use kali-tweaks customization to tailor environments for specific threat emulation scenarios or training needs.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about kali-ctf-machine-setup. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

This tool hasn't been indexed yet. Request indexing to enable AI chat.

Admin will review your request within 24 hours

Security Profile
Red Team90%
Blue Team30%
Purple Team70%
Details
LanguageShell
Open Issues2
Topics
ansible
kali
kali-linux
proxychains
setup
tor
capture-the-flag
ctf
pentest

Related Tools

Awesome-Hacking icon

Awesome-Hacking

Hack-with-Github/Awesome-Hacking

Documentation

A collection of various awesome lists for hackers, pentesters and security researchers

104.7K
3 months ago
hackingtool icon

hackingtool

Z4nzu/hackingtool

Tool

ALL IN ONE Hacking Tool For Hackers

54.5K
3 months ago
mitmproxy icon

mitmproxy

mitmproxy/mitmproxy

Tool

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

41.9K
3 months ago
sqlmap icon

sqlmap

sqlmapproject/sqlmap

Tool

Automatic SQL injection and database takeover tool

36.3K
3 months ago
metasploit-framework icon

metasploit-framework

rapid7/metasploit-framework

Tool

Metasploit Framework

35.7K
10 months ago
h4cker icon

h4cker

The-Art-of-Hacking/h4cker

Educational Resource

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org

24.8K
3 months ago