- Connect devices to the host system only
- Install MacOS VM;
- Parallels Tools on the guest VM (MacOSVM -> Install Parallels Tools).
- 4 CPUs, 8GB memory, 128GB disk;
- Disable Mapping Mac volumes to VM;
- Turn off Bluetooth;
- General -> Disable AirDrop and Handoff;
- General -> Sharing -> Hostname
- Desktop -> Disable stage manager on Desktop;
- Desktop -> Disable suggestions and recent items;
- Desktop -> Disable click wallpaper to reveal Desktop;
- Desktop -> Right bottom hot corner to show Desktop;
- Turn off screen lock and screen saver;
- Remove all items from Dock.
- Add to Dock;
- Make Homebrew default profile;
- Bump font size to 15;
- Add current user to shortcuts and remove unused ones;
- Apply default group by name and sort by kind in grid view.
diskutil unmount /dev/disk1 # use mount command to check the name
- Use whatever VPN you like (you can easily reconnect in case you send too many bad requests to a target, and it blocks you);
- Check VPN connection:
curl https://ipinfo.io
- Enter Downloads folder first:
cd ~/Downloads
- Firefox:
- Install and add to Dock;
- Go to about:config
- Set browser.urlbar.trimURLs to false
- Make Firefox a default browser.
- Change Home page to blank.
- Delete all default bookmarks.
- Disable saving passwords.
- Install Command-Line Tools:
xcode-select --install
- Log in to GitHub and add an SSH key:
ssh-keygen -t ed25519 -C "<email>"
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
cat ~/.ssh/id_ed25519.pub
- Download pentest-tools and clean the keys:
git clone git@github.com:maksyche/pentesting-tools.git ~/pentesting-tools \
&& rm -rf ~/pentesting-tools/.git \
&& rm -f ~/.ssh/id_ed25519 \
&& rm -f ~/.ssh/id_ed25519.pub
- Install Homebrew:
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" \
&& (echo; echo 'eval "$(/opt/homebrew/bin/brew shellenv)"') >> /Users/kali/.zprofile \
&& eval "$(/opt/homebrew/bin/brew shellenv)"
- Add more things to PATH:
sudo bash -c "echo /Users/kali/Library/Python/3.9/bin >> /etc/paths"
- Install a bunch of useful tools:
brew install wget \
&& pip3 install wfuzz \
&& brew install hashcat \
&& brew install john-jumbo \
&& brew install feroxbuster \
&& brew install --cask sublime-text \
&& git clone https://github.com/victorporof/Sublime-HTMLPrettify.git ~/Library/Application\ Support/Sublime\ Text/Packages/Sublime-HTMLPrettify \
&& brew install openvpn \
&& brew install rlwrap \
&& brew install gnu-sed \
&& brew install node \
&& brew install brew-gem \
&& brew-gem install fpm \
&& brew install --cask mysql-shell \
&& brew install sqlcmd \
&& brew install redis \
&& sudo npm install --global jwt-cracker \
&& sudo pip3 install droopescan \
&& pip3 install wesng \
&& wget https://github.com/SecureAuthCorp/impacket/releases/download/impacket_0_11_0/impacket-0.11.0.tar.gz \
&& tar -xzf impacket-* \
&& cd impacket-0.11.0 \
&& sudo pip3 install . \
&& cd .. \
&& brew-gem install evil-winrm \
&& sudo pip3 install pyftpdlib \
&& brew-gem install highline \
&& sudo npm install --global xls2csv \
&& sudo npm install --global xlsx2csv \
&& sudo npm install --global doc2txt \
&& sudo npm install --global docx2txt \
&& sudo pip3 install oletools \
&& brew install putty \
&& softwareupdate --install-rosetta --agree-to-license \
&& brew install --cask metasploit \
&& brew install jq \
&& brew install sqlmap \
&& brew install name-that-hash \
&& git clone https://github.com/spipm/Depix.git /Users/kali/depix \
&& brew install net-snmp \
&& brew install hydra \
&& sudo -H pip3 install dnsrecon \
&& git clone https://github.com/aboul3la/Sublist3r.git /Users/kali/sublist3r \
&& sudo pip3 install -r /Users/kali/sublist3r/requirements.txt \
&& brew install awscli
- Download dictionaries:
wget -O ~/rockyou.txt https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt \
&& gsed -i '/^\s*$/d' ~/rockyou.txt \
&& git clone https://github.com/danielmiessler/SecLists.git \
&& git clone https://github.com/xmendez/wfuzz.git \
&& mv ./wfuzz/wordlist ~/wfuzz_wordlist \
&& rm -rf ./wfuzz
- Nmap: https://nmap.org/download.html#macosx (open Zenmap to install Rosetta afterwards);
- Burp: https://portswigger.net/burp/communitydownload (then go to http://localhost:8080/ and import the certificate to Firefox);
- ZAP (Free intruder, do the same thing with the certificate): https://www.zaproxy.org/download/
- FoxyProxy for Burp: https://addons.mozilla.org/de/firefox/addon/foxyproxy-standard/ (then configure the 127.0.0.1:8080 proxy);
- Install Python2: https://www.python.org/downloads/release/python-2718/;
- Install Go: https://go.dev/dl/;