# mandiant/commando-vm **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/mandiant-commando-vm).** 7,667 stars · 1,353 forks · PowerShell · Apache-2.0 ## Links - GitHub: https://github.com/mandiant/commando-vm - Homepage: https://www.mandiant.com/resources/blog/commando-vm-windows-offensive-distribution - awesome-repositories: https://awesome-repositories.com/repository/mandiant-commando-vm.md ## Topics `fireeye-flare` `penetration-testing` `red-teaming` `windows` ## Description Commando VM is a Windows-based penetration testing distribution and offensive security virtual machine. It serves as a toolset manager for deploying and maintaining a curated collection of security tools, scripts, and configurations designed for security auditing, red teaming, and adversary simulation. The project automates the provisioning of a specialized workstation by using PowerShell scripts and a modular repository to orchestrate the installation of offensive security software. It utilizes a community-driven package manager to handle dependency resolution and binary installations, ensuring a consistent environment for conducting network attacks and vulnerability research. The distribution further optimizes the host operating system through post-installation environment configurations, including system-wide registry changes and environment variable updates. These capabilities provide a dedicated infrastructure for performing formal security assessments and simulating advanced adversary tactics. ## Tags ### Security & Cryptography - [Security Audit Virtual Machines](https://awesome-repositories.com/f/security-cryptography/security-audit-virtual-machines.md) — Provides a specialized virtual machine image pre-loaded with a curated collection of offensive security tools. - [Penetration Testing Suites](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/penetration-testing-suites.md) — Ships a complete suite of specialized tools designed to automate Windows-based security research and penetration testing. - [Red Team Workstations](https://awesome-repositories.com/f/security-cryptography/red-team-workstations.md) — Provides a specialized Windows environment designed for simulating advanced adversary attacks. ### Part of an Awesome List - [Penetration Testing Distributions](https://awesome-repositories.com/f/awesome-lists/devtools/penetration-testing-distributions.md) — Offers a pre-configured Windows operating system distribution bundled with a wide array of penetration testing utilities. - [Offensive Security Tools](https://awesome-repositories.com/f/awesome-lists/security/offensive-security-tools.md) — Provides a comprehensive suite of frameworks and utilities for reconnaissance, scanning, and exploitation. - [Pentesting Frameworks](https://awesome-repositories.com/f/awesome-lists/security/pentesting-frameworks.md) — Provides a comprehensive environment for orchestrating red team operations and security assessments. ([source](https://github.com/mandiant/commando-vm)) - [Red Team Operations](https://awesome-repositories.com/f/awesome-lists/security/red-team-operations.md) — Establishes a dedicated infrastructure and workstation for simulating advanced adversary tactics. ### Development Tools & Productivity - [Installation Scripts](https://awesome-repositories.com/f/development-tools-productivity/installation-scripts.md) — Uses automated PowerShell scripts to orchestrate the download and installation of diverse security tools. - [Toolsets](https://awesome-repositories.com/f/development-tools-productivity/modular-architecture/toolsets.md) — Organizes a vast array of security utilities into discrete, selectable toolsets for targeted deployment. - [Chocolatey Package Support](https://awesome-repositories.com/f/development-tools-productivity/chocolatey-package-support.md) — Provides integrated support for installing security tools via the Chocolatey package manager on Windows. - [Security Toolset Managers](https://awesome-repositories.com/f/development-tools-productivity/development-environment-management/apple-toolset-managers/security-toolset-managers.md) — Serves as a manager for deploying and updating a comprehensive repository of security tools on Windows. - [Security Tool Managers](https://awesome-repositories.com/f/development-tools-productivity/security-tool-managers.md) — Provides a system for the lifecycle management, updating, and maintenance of security binaries. ([source](https://github.com/mandiant/commando-vm/blob/main/README.md)) ### Operating Systems & Systems Programming - [OS Distributions](https://awesome-repositories.com/f/operating-systems-systems-programming/os-distributions.md) — Bundles a curated collection of security software and configurations into a specialized Windows distribution. - [OS Optimizations](https://awesome-repositories.com/f/operating-systems-systems-programming/system-administration-maintenance/system-administration-utilities/system-utilities/environment-configuration-tools/system-environment-customizers/environment-variable-configurations/os-optimizations.md) — Applies critical registry changes and environment updates to optimize Windows for offensive security activities. ### DevOps & Infrastructure - [Security Tool Image Deployment](https://awesome-repositories.com/f/devops-infrastructure/self-contained-deployments/bundled-image-deployment/security-tool-image-deployment.md) — Enables the deployment of pre-configured environments bundled with offensive security toolsets. ([source](https://github.com/mandiant/commando-vm/blob/main/README.md))