Basically it started off as me wanting a single tool with which to perform and automate the majority of the stuff I do on a regular basis. Like gathering hosts and checking hosts against information obtained through OSINT, port scanning, cross-referencing enumerated services with lists of known vulnerabilities and generating payloads based on those results, automated recon as far as it concerns organizations and individuals, and because I have an interest in all things malware, I'm writing stuff like templates as well, to have an easy way to get started and have most of the important things in place, without having to write something entirely unique depending on the situation.
However, at some point I came to the realization that it would basically amount to a big ass wrapper for tools I often use, including some of my own implementations. So that got me thinking: if I am basically automating my entire workflow, wouldn't it be more justified to write a distro? However, I don't think coming up with an entirely new distro would be justified either. A VM image would seem like the more reasonable choice. If I use LXC/QEMU-KVM as hypervisor through Multipass combined with Docker images running in there to support the tooling that's not usually supported on the Ubuntu Core versions, I think I should be able to accomplish my goal.
Not only that, it would be a lot more secure than just running this stuff on the host machine directly, especially since I came up with a pretty cool way to do C2 through OnionShare. If I have, for instance, my hidden pastebin service running as a static site through OnionShare, where the pastes would consist of encoded instructions, I don't have to go through the trouble of setting a hidden service up through Docker but still have it contained within my Multipass guest. And then I got to thinking: what if I had a sort of bootstrap script to get Multipass and subsequent VMs installed, and did the same within the VM for the Docker images I may need? This would be a pretty easy way to deploy some serious firepower in a relatively safe and accessible manner.
Relatively safe and accessible spells OSS Red Team capabilities for me personally. I could basically maintain the 'distro' through a sort of 'master copy' I host on a dedi and would commit updates to.
That'd be pretty cool. Any thoughts on this? I don't often work with Docker, so getting all those set up appropriately within the VM in a manner that it works might be somewhat of a challenge. Or are you of the opinion that I should ditch LXC/Multipass entirely and just run a Docker image that basically would be doing the same thing?
2020-11-25 at 4:56 PM UTC
livingelegy
motherfucker
[my polyoicous forward graciousness]
You should automate your molestation of children next