diff options
Diffstat (limited to 'kali.yml')
| -rw-r--r-- | kali.yml | 334 |
1 files changed, 0 insertions, 334 deletions
diff --git a/kali.yml b/kali.yml deleted file mode 100644 index 7a65a77..0000000 --- a/kali.yml +++ /dev/null @@ -1,334 +0,0 @@ ---- - - hosts: localhost - become: yes - vars: - docker_repo_key: "https://download.docker.com/linux/debian/gpg" - docker_repo: "deb [arch=amd64] https://download.docker.com/linux/debian bullseye stable" - sublime_repo_key: "https://download.sublimetext.com/sublimehq-pub.gpg" - sublime_repo: "deb https://download.sublimetext.com/ apt/stable/" - ysoserial_jar: "https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar" - kitty_installer: "https://sw.kovidgoyal.net/kitty/installer.sh" - tasks: - - name: Confirming playbook was run properly - ansible.builtin.fail: - msg: "Do not call this playbook directly! Execute sudo bash setup.sh" - when: tmux is not defined or zsh_func is not defined - - - name: Add Docker repo key - ansible.builtin.shell: curl -fsSL {{ docker_repo_key }} | gpg --dearmor --batch --yes -o /etc/apt/trusted.gpg.d/docker-ce-keyring.gpg - - - name: Add Docker repo - ansible.builtin.apt_repository: - repo: "{{ docker_repo }}" - state: present - - - name: Add Sublime Text repo key - ansible.builtin.shell: curl -fsSL {{ sublime_repo_key }} | gpg --dearmor --batch --yes -o /etc/apt/trusted.gpg.d/sublime-text-keyring.gpg - - - name: Add Sublime Text repo - ansible.builtin.apt_repository: - repo: "{{ sublime_repo }}" - state: present - - - name: Ensuring all packages are up to date - ansible.builtin.apt: - update_cache: yes - upgrade: dist - - - name: Installing one-off packages from package manager - ansible.builtin.package: - name: - - bloodhound - - build-essential - - bytecode-viewer - - clang - - cmake - - crackmapexec - - curl - - default-jdk - - default-jre - - docker - - docker-compose - - eog - - feroxbuster - - flex - - forensics-extra - - gawk - - gdb - - gdbserver - - ghidra - - git - - gobuster - - golang-go - - jq - - jxplorer - - libffi-dev - - liblzma-dev - - libssl-dev - - libxml2-dev - - ltrace - - ncat - - neo4j - - ntpdate - - mingw-w64 - - patch - - powershell - - python3 - - python3-dev - - python3-pip - - p7zip-full - - remmina - - rlwrap - - samba - - seclists - - steghide - - strace - - sublime-text - - terminator - - tmux - - xclip - - xfce4-terminal - - zaproxy - - zlib1g-dev - state: latest - - - name: Install pwntools - ansible.builtin.pip: - name: git+https://github.com/Gallopsled/pwntools.git@dev - - - name: Clone Invoke-Obfuscation (•_•) ( •_•)>⌐■-■ (⌐■_■) - ansible.builtin.git: - repo: 'https://github.com/danielbohannon/Invoke-Obfuscation' - dest: /opt/Invoke-Obfuscation - - - name: Clone JumboJohn - ansible.builtin.git: - repo: 'https://github.com/magnumripper/JohnTheRipper' - dest: /opt/JohnTheRipper - - - name: Compiling JumboJohn, hold onto yer butts... - ansible.builtin.command: chdir=/opt/JohnTheRipper/src {{ item }} - with_items: - - ./configure - - make - - make install - - - name: Install trufflehog - ansible.builtin.pip: - name: trufflehog - - - name: Install LDAPDomainDump - ansible.builtin.pip: - name: ldapdomaindump - - - name: Clone Nishang - ansible.builtin.git: - repo: 'https://github.com/samratashok/nishang' - dest: /opt/nishang - - - name: Clone Chisel - ansible.builtin.git: - repo: 'https://github.com/jpillora/chisel' - dest: /opt/chisel - - - name: Clone LinEnum - ansible.builtin.git: - repo: 'https://github.com/rebootuser/LinEnum' - dest: /opt/LinEnum - - - name: Clone PEASS - ansible.builtin.git: - repo: 'https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite' - dest: /opt/privilege-escalation-awesome-scripts-suite - - - name: Clone PowerSploit - ansible.builtin.git: - repo: 'https://github.com/PowerShellMafia/PowerSploit' - dest: /opt/PowerSploit - - - name: Clone Impacket - ansible.builtin.git: - repo: 'https://github.com/SecureAuthCorp/impacket' - dest: /opt/impacket - - - name: Installing Impacket - ansible.builtin.shell: "python3 /opt/impacket/setup.py build && python3 /opt/impacket/setup.py install" - args: - chdir: /opt/impacket - - - name: Clone Bloodhound.py - ansible.builtin.git: - repo: 'https://github.com/fox-it/BloodHound.py.git' - dest: /opt/BloodHound.py - - - name: Clone PyFuscation - ansible.builtin.git: - repo: 'https://github.com/CBHue/PyFuscation.git' - dest: /opt/PyFuscation - - - name: Clone Gef - ansible.builtin.git: - repo: 'https://github.com/hugsy/gef.git' - dest: /opt/gef - - - name: Clone Static Binaries - ansible.builtin.git: - repo: 'https://github.com/andrew-d/static-binaries' - dest: /opt/static-binaries - - - name: Clone Ysoserial - ansible.builtin.git: - repo: 'https://github.com/frohoff/ysoserial' - dest: /opt/ysoserial - - - name: Clone Kerbrute - ansible.builtin.git: - repo: 'https://github.com/ropnop/kerbrute.git' - dest: /opt/kerbrute - - - name: Building Kerbrute... - ansible.builtin.command: chdir=/opt/kerbrute make linux - - - name: Downloading Ysoserial JAR file - ansible.builtin.get_url: - url: "{{ ysoserial_jar }}" - dest: /opt/ysoserial/ysoserial-all.jar - mode: '0644' - - - name: Get Evil-WinRM via gem installer - community.general.gem: - name: evil-winrm - norc: yes - state: latest - user_install: no - - - name: Getting all interactive users - ansible.builtin.shell: "awk -F: '{ if (($3 >= 1000 && $3 != 65534) || $3 == 0) print $1}' /etc/passwd" - register: users - - - name: Install Kitty Terminal Emulator 🐱 - ansible.builtin.shell: - cmd: "/usr/bin/curl -sL {{ kitty_installer }} | sh /dev/stdin dest=/opt launch=n" - - - name: Create Desktop Icon for Kitty 🐱 - ansible.builtin.copy: - dest: "/usr/share/applications/kitty.desktop" - content: | - [Desktop Entry] - Version=0.26.2 - Type=Application - Name=Kitty Terminal Emulator - Exec=/opt/kitty.app/bin/kitty - Icon=/opt/kitty.app/share/icons/hicolor/256x256/apps/kitty.png - Categories=Utility - - - name: Prepare kitty.conf files for all interactive users 🐱 - loop: "{{ users.stdout_lines }}" - ansible.builtin.file: - dest: "~{{ item }}/.config/kitty/" - state: directory - recurse: yes - owner: "{{ item }}" - group: "{{ item }}" - mode: 0755 - - - name: Prepare personalized configs for Kitty 🐱 - loop: "{{ users.stdout_lines }}" - ansible.builtin.blockinfile: - path: "~{{ item }}/.config/kitty/kitty.conf" - insertafter: EOF - create: yes - state: present - block: | - # New windows open in current directory - map ctrl+shift+enter launch --cwd=current - - # New tabs open in current directory - map ctrl+t new_tab --cwd=current - - # The coveted "zoom" function - map ctrl+shift+z toggle_layout stack - - # Disable mouse-click a link to open in a browser - mouse_map left click ungrabbed no_op - - - name: Disable mouse interactivity in vim (╯°□°)╯︵ ┻━┻ - ansible.builtin.blockinfile: - path: /etc/vim/vimrc - marker: "\" {mark} ANSIBLE MANAGED BLOCK" - insertafter: EOF - state: present - block: | - set mouse= - set ttymouse= - - - - name: Add sudo-NOPASSWD to users - loop: "{{ users.stdout_lines }}" - ansible.builtin.lineinfile: - path: /etc/sudoers - state: present - insertafter: EOF - line: "{{ item }} ALL=(ALL) NOPASSWD: ALL" - validate: /usr/sbin/visudo -cf %s - - - name: Initialize Gef for all users - ansible.builtin.script: /opt/gef/scripts/gef.sh - become_user: "{{ item }}" - loop: "{{ users.stdout_lines }}" - - - name: Copying over zsh functions file for all users - ansible.builtin.copy: - src: "{{ zsh_func }}" - dest: "~{{ item }}/.zsh_functions" - owner: "{{ item }}" - group: "{{ item }}" - mode: '0640' - loop: "{{ users.stdout_lines }}" - - - name: Enabling zsh functions - loop: "{{ users.stdout_lines }}" - ansible.builtin.blockinfile: - path: "~{{ item }}/.zshrc" - state: present - insertafter: EOF - owner: "{{ item }}" - block: | - if [ -f ~/.zsh_functions ]; then - source ~/.zsh_functions - fi - - - name: Copying over tmux config to all users - ansible.builtin.copy: - src: "{{ tmux }}" - dest: "~{{ item }}/.tmux.conf" - owner: "{{ item }}" - group: "{{ item }}" - mode: '0640' - loop: "{{ users.stdout_lines }}" - - - name: Create /srv/smb/ directory for payload population - ansible.builtin.file: - path: /srv/smb - state: directory - mode: '0755' - - - name: Creating IWR share in samba config - ansible.builtin.blockinfile: - path: /etc/samba/smb.conf - insertafter: EOF - state: present - block: | - [iwr] - comment = Invoke-WebReq'd em? Damn near killed em! - path = /srv/smb - guest ok = yes - browseable = yes - create mask = 0600 - directory mask = 0755 - - - name: Ensure that samba doesn't start on boot - ansible.builtin.systemd: - name: smbd - enabled: no - state: stopped |