-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathone-kali-setup.sh
executable file
·195 lines (181 loc) · 5.4 KB
/
one-kali-setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
#!/bin/bash
# System update
system_update() {
echo "Full system update:"
sudo apt update && sudo apt upgrade -y && sudo apt full-upgrade -y
sudo timedatectl set-timezone Europe/Prague
echo "System update finnished"
}
# Install tools
install_default() {
echo "Installing default apps:"
sudo apt install -y \
realtek-rtl88xxau-dkms \
autoconf \
automake \
neofetch \
golang \
jython \
maven \
powershell \
xclip \
remmina
mkdir ~/Git
# Add path for Go binaries
cat profile_additions.txt >> $HOME/.profile
echo "Default apps installed"
}
# Install tools and DBs
install_tools() {
echo "Installing tools and repos:"
sudo apt install -y \
seclists
# Install golang packages
go install github.com/projectdiscovery/cvemap/cmd/cvemap@latest
# Git tools and packages
git clone https://github.com/projectdiscovery/nuclei-templates.git $HOME/Git/nuclei-templates
git clone https://github.com/peass-ng/PEASS-ng.git $HOME/Git/PEAS-ng
echo "Tools installed"
# Tools adjustments and preparations
sudo msfdb init
}
# Install network tools
install_tools_network() {
echo "Installing network tools:"
sudo apt install -y \
yersinia \
zaproxy \
nuclei \
naabu \
bettercap \
sipvicious \
ssh-audit \
freeradius
}
# Install wireless tools
install_tools_wireless() {
echo "Installing wireless tools:"
sudo apt install -y \
eaphammer \
horst \
asleap \
hostapd-mana \
gpsd-clients \
gpsd-tools \
gpsd
git clone https://github.com/Kismon/kismon.git $HOME/Git/kismon
# Add kali user to Kismet group
sudo usermod -aG kismet kali
}
# Install web tools
install_tools_web() {
echo "Installing web tools:"
sudo apt install -y \
gobuster \
cyberchef \
seclists \
subfinder \
httpx-toolkit \
beef-xss
# Install Katana crawler
go install github.com/projectdiscovery/katana/cmd/katana@latest
# add Burp Suite Pro in future?
}
# SSH key re-generation
ssh-key-reconf() {
echo "SSH keys reconfiguration"
sudo mkdir /etc/ssh/old_keys
sudo mv /etc/ssh/ssh_host_* /etc/ssh/old_keys
sudo dpkg-reconfigure openssh-server
# add checksum checks in future
# sudo md5sum /etc/ssh/old_keys/ssh_host_*
# sudo md5sum /etc/ssh/ssh_host_*
echo "SSH keys reconfiguration done"
}
# SSH, RDP and Fail2Ban
remote_access() {
echo "setup remote access with firewall"
sudo apt install -y \
xrdp \
ufw \
fail2ban
sudo systemctl enable ssh
sudo systemctl start ssh
sudo systemctl enable xrdp
sudo systemctl start xrdp
# Instalation and setting up Fail2Ban
sudo apt install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
# add ufw with allowed SSH access
sudo ufw default allow incoming
sudo ufw default allow outgoing
sudo ufw deny 8834
sudo ufw allow OpenSSH # just sanity check if someone would change default incoming
sudo ufw enable
echo "firewall and remote access installed and configured"
}
# Install VSCode
vscode_install() {
echo "VSCode installation"
# MS apt repository and key manual installation
sudo apt install -y \
wget \
gpg
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > packages.microsoft.gpg
sudo install -D -o root -g root -m 644 packages.microsoft.gpg /etc/apt/keyrings/packages.microsoft.gpg
echo "deb [arch=amd64,arm64,armhf signed-by=/etc/apt/keyrings/packages.microsoft.gpg] https://packages.microsoft.com/repos/code stable main" |sudo tee /etc/apt/sources.list.d/vscode.list > /dev/null
rm -f packages.microsoft.gpg
# Update the package cache and install the package using
sudo apt install -y \
apt-transport-https
sudo apt clean -y && sudo apt autoclean -y && sudo apt autoremove -y && sudo apt update -y
sudo apt install -y code # or code-insiders
# Set vscode as default editor
sudo update-alternatives --set editor /usr/bin/code
echo "VSCode installed"
}
# Install Nessus
nessus_install() {
echo "Installing Nessus"
nessus_latest_deb=$(curl -s https://www.tenable.com/downloads/api/v1/public/pages/nessus | grep -Po 'Nessus-\d+\.\d+\.\d+-debian10_amd64\.deb' | head -n 1)
sudo curl -o /tmp/$nessus_latest_deb --request GET https://www.tenable.com/downloads/api/v2/pages/nessus/files/$nessus_latest_deb
sudo dpkg -i /tmp/$nessus_latest_deb
sudo systemctl enable nessusd
sudo systemctl start nessusd
echo "Nessus Installed"
}
# .zshrc additions
zshrc_additions() {
echo ".zshrc file additions"
cat zshrc_additions.txt >> ~/.zshrc
echo ".zshrc additions complete"
}
# tmux configuration
tmux_config() {
echo "tmux configuration"
sudo apt install -y xsel
git clone https://github.com/mauzk0/one-tmux-conf.git ~/Git/one-tmux-conf
ln -s ~/Git/one-tmux-conf/.tmux.conf ~/.tmux.conf
echo "tmux configuration ready"
}
# clean
clean() {
sudo apt clean -y && sudo apt autoclean -y && sudo apt autoremove -y
}
# Script execution
echo "Starting additional Kali tools installation and configuration"
system_update
install_default
install_tools
install_tools_network
install_tools_wireless
install_tools_web
ssh-key-reconf
remote_access
vscode_install
nessus_install
zshrc_additions
tmux_config
clean
echo "Script finished"