For this series, we will focus on attacking Windows Applications with a Windows OS. The Commando VM is Windows with a host of attack tools pre loaded. This Windows, with 150+ tools installed, is an excellent pen testing tool for red teaming, pen-testing or app testing.
Full details may be found here: Commando VM

Now let’s install windows 10. Feel free to chose whatever virtualization you like, I have tested this in VMWare and in VirtualBox. After installation, update the system, and perform any standard prerequisites you would like. From here we are ready to begin installing Commando. If you read the article, you know we need to head over to github. https://github.com/mandiant/commando-vm

Complete these changes to the system, then grab the source as a zip file. Change to the folder you just downloaded. Right click the start button and run Powershell as an admin.

From here, follow the directions on the GUI popup. If you are completely new, the lite version may be less overwhelming with all the tools available. I always choose the Full profile.

Note: This image can be used for two other VMs from Mandient Flare VM and ThreatPursuit-VM.


A small video showing the install.

After about 2 hours. We restart and Commando is installed!

Log in to the system, and become familiar with the tools available. On the desktop, a folder titled Tools will provide a quick start.