From b4b3d282b98cb5d7d644bd02a6a3963ee7f32ff4 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Mon, 13 Jun 2016 19:24:23 -0500 Subject: [PATCH 1/8] pentesting --- customization/dark-theme.md | 12 ++ managing-os/kali.md | 60 -------- managing-os/pentesting.md | 19 +++ managing-os/pentesting/blackarch.md | 96 ++++++++++++ managing-os/pentesting/kali.md | 230 ++++++++++++++++++++++++++++ managing-os/pentesting/ptf.md | 126 +++++++++++++++ 6 files changed, 483 insertions(+), 60 deletions(-) create mode 100644 customization/dark-theme.md delete mode 100644 managing-os/kali.md create mode 100644 managing-os/pentesting.md create mode 100644 managing-os/pentesting/blackarch.md create mode 100644 managing-os/pentesting/kali.md create mode 100644 managing-os/pentesting/ptf.md diff --git a/customization/dark-theme.md b/customization/dark-theme.md new file mode 100644 index 00000000..4dada153 --- /dev/null +++ b/customization/dark-theme.md @@ -0,0 +1,12 @@ +--- +layout: doc +title: Qubes OS Dark Theme +permalink: /doc/dark-theme/ +--- + +Dark KDE in dom0 +---------------- + + +Dark Qube (VM) +-------------- diff --git a/managing-os/kali.md b/managing-os/kali.md deleted file mode 100644 index 466f4806..00000000 --- a/managing-os/kali.md +++ /dev/null @@ -1,60 +0,0 @@ ---- -layout: doc -title: How to create a Kali Linux VM -permalink: /doc/kali/ ---- - -How to Create a Kali Linux VM -============================= - -This guide is being created to give guidance on ways in which you could implement Kali Pen-Testing distrubution within Qubes-OS. - -There are multiple ways in which this can be achieved, for example you could create a HVM and use the ISO to install the system straight to that virtual machine. - - -Build Based on Debian Template ---- - -1 - Install debian-8 template (if not already installed) - -2 - Clone debian-8 template - -3 - Add kali repo to /etc/apt/sources.list: - - * deb http://http.kali.org/kali kali-rolling main non-free contrib - -4 - Find and add kali signing keys: - - * gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6 (this is the key ID I found on Kali web site) - - * gpg --list-keys --with-fingerprint 7D8D0BF6 - - * gpg --export --armor 7D8D0BF6 > kali.asc - - * sudo apt-key add kali.asc - - * sudo apt-key list - -5 - sudo apt-get update - -6 - sudo halt - -7 - backup template (cloned...) - -8 - sudo apt-get apt-get install kali-*** (or similar) --> installs fine but break the template X settings. As mentioned, X packaged need to be masked prior to this, I did not take the time to look-up how to do that... - -9 - Create a appvm from the kali template and attach necessary devices. - - -Note: - -If you do not want to modify the sources.list file and add the signing keys yourself, alternatively you can use KATOOLIN after cloning the Debian Template. Guide on how to use KATOOLIN - http://www.tecmint.com/install-kali-linux-tools-using-katoolin-on-ubuntu-debian/ - - - -Alternative Options to Kali ---- - -PenTester Framework (PTF) - - diff --git a/managing-os/pentesting.md b/managing-os/pentesting.md new file mode 100644 index 00000000..291a7a90 --- /dev/null +++ b/managing-os/pentesting.md @@ -0,0 +1,19 @@ +--- +layout: doc +title: Penetration Testing +permalink: /doc/pentesting/ +--- + +Penetration Testing +=================== + +"A penetration test, informally pen test, is an attack on a computer system that looks for security weaknesses, potentially gaining access to the computer's features and data." (source [Penetration test](https://en.wikipedia.org/wiki/Penetration_test)). + +Penetration Testing Distributions: +---------------------------------- + +The following install instructions explain how to setup a penetration testing distribution within Qubes OS. + +- [BlackArch](/doc/blackarch/) +- [Kali](/doc/kali/) +- [PenTester Framework (PTF)](/doc/ptf/) diff --git a/managing-os/pentesting/blackarch.md b/managing-os/pentesting/blackarch.md new file mode 100644 index 00000000..2db1ebac --- /dev/null +++ b/managing-os/pentesting/blackarch.md @@ -0,0 +1,96 @@ +--- +layout: doc +title: How to Create a BlackArch VM +permalink: /doc/blackarch/ +--- + +How to Create a BlackArch VM +============================ + +[BlackArch](http://www.blackarch.org) Linux is an [Arch Linux](http://www.archlinux.org/)-based distribution for penetration testers and security researchers. The repository contains [1434](http://www.blackarch.org/tools.html) tools. + +- List of [tools](http://www.blackarch.org/tools.html) +- [Installation Instructions](http://www.blackarch.org/downloads.html) + +Create ArchLinux Based BlackArch Template +----------------------------------------- + +0 - Create ArchlLinux Template + + - Follow the [Archlinux Template instructions](/doc/templates/archlinux/) + +1 - Update Template + +~~~ +sudo pacman -Syyu +~~~ + +2 - Clone template + +1. Via Qubes VM Manager + +2. Via command line + + ~~~ + qvm-clone archlinux blackarch + ~~~ + +3 - Install BlackArch repository + +~~~ +$ curl -O https://blackarch.org/strap.sh + +# The SHA1 sum should match: 86eb4efb68918dbfdd1e22862a48fda20a8145ff +$ sha1sum strap.sh + +# Set execute bit +$ chmod +x strap.sh + +# Run strap.sh +$ sudo ./strap.sh +~~~ + +4 - Install tools + + - install all tools + + ~~~ + sudo pacman -S blackarch + ~~~ + + - or by category: + + ~~~ + # list available categories + pacman -Sg | grep blackarch + + # install category + sudo pacman -S blackarch- + + # example + sudo pacman -S blackarch-forensic + ~~~ + + - or specific tool + + ~~~ + # Search for tool + pacman -Ss + + # Install tool + sudo pacman -S + + # Example + pacman -Ss burpsuite + sudo pacman -S burpsuite + ~~~ + +5 - Create a AppVMs based on the `ptf` template + + - (Optional) Attach necessary devices + +Alternative Options to BlackArch +-------------------------------- + + - [Kali](/doc/kali/) + - [PenTester Framework (PTF)](/doc/ptf/) diff --git a/managing-os/pentesting/kali.md b/managing-os/pentesting/kali.md new file mode 100644 index 00000000..36c95ab1 --- /dev/null +++ b/managing-os/pentesting/kali.md @@ -0,0 +1,230 @@ +--- +layout: doc +title: How to create a Kali Linux VM +permalink: /doc/kali/ +--- + +How to Create a Kali Linux VM +============================= + +This guide is being created to give guidance on ways in which you could create a [Kali Linux](https://www.kali.org/) penetration testing VM (Qube) in Qubes OS. + +Kali Linux is the most widely used penetration testing Linux distribution. + +There are multiple ways to create a Kali Linux VM. One way is to create a HVM and use the offical ISO to install the system or convert a [Virtual Image](https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/). Another way is to clone the Qubes OS Debian image and turn it into a Kali Linux distribution. + +Kali Linux HVM +-------------- + +0 - Download the Kali installation DVD + +1 - Create a new HVM + +2 - Start the HVM with attached CD/DVD + +~~~ +qvm-start --cdrom :/home/user/Downloads/.iso +~~~ + +Create Debian Based Kali Template +--------------------------------- + +0 - (Optional) Install `debian-8` template (if not already installed) + +1 - Update your `debian-8` template + +~~~ +sudo apt-get update +sudo apt-get dist-upgrade +~~~ + +2 - Clone `debian-8` template (two options) + + 1. Via Qubes VM Manager + + ![Clone Debian Template](/attachment/wiki/Pentesting/Kali/clone-kali.png) + + 2. Via command line + + ~~~ + qvm-clone debian-8 kali + ~~~ + +3 - Start and upgrade the `kali` Template from Debian 8 to Debian 9 + +~~~ +user@kali:~$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list +user@kali:~$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r3.list +user@kali:~$ sudo apt-get update +user@kali:~$ sudo apt-get dist-upgrade +user@kali:~$ sudo apt-get autoremove +~~~ + +NOTICE: From now on there are two possible ways either doing everything manually or automatically with [Katoolin](https://github.com/LionSec/katoolin). + +Katoolin is a script (written in Python) which helps you to install Kali tools. + +4 *manually* - Add Kali Linux repositories + + 1. Add Kali Linux repositories to `/etc/apt/sources.list` + + ~~~ + deb http://http.kali.org/kali kali-rolling main contrib non-free + deb http://repo.kali.org/kali kali-bleeding-edge main + ~~~ + + 2. Add kali signing key + + - The signing key can be found here [Download Kali Linux Images Securely](https://www.kali.org/downloads/) + + ~~~ + sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6 + sudo apt-get update + ~~~ + + + +4 *katoolin* - Install Katoolin and add Kali Linux repositories + + 1. Install Katoolin + + ~~~ + sudo apt-get install git + git clone https://github.com/LionSec/katoolin.git + sudo cp katoolin/katoolin.py /usr/bin/katoolin + sudo chmod +x /usr/bin/katoolin + rm -rf katoolin + ~~~ + + 2. Add Kali Linux repositories + + - start katoolin + + ~~~ + sudo katoolin + ~~~ + + - select 'Add Kali repositories & Update' + + ~~~ + 1) Add Kali repositories & Update + 2) View Categories + 3) Install classicmenu indicator + 4) Install Kali menu + 5) Help + + kat > 1 + ~~~ + + ![Add Kali repositories and Update menu](/attachment/wiki/Pentesting/Kali/katoolin-add-update-repo-menu.png) + + - select 'Add kali linux repositories' + + ~~~ + 1) Add kali linux repositories + 2) Update + 3) Remove all kali linux repositories + 4) View the contents of sources.list file + + What do you want to do ?> 1 + ~~~ + + ![Add Kali repositories](/attachment/wiki/Pentesting/Kali/katoolin-add-repos-menu.png) + + - update Kali repositories + + ~~~ + 1) Add kali linux repositories + 2) Update + 3) Remove all kali linux repositories + 4) View the contents of sources.list file + + What do you want to do ?> 2 + ~~~ + + - quit katoolin by pressing `CRTL` + `c` keys + + ~~~ + What do you want to do ?> ^CShutdown requested...Goodbye... + ~~~ + +5 - Cleanup and update `kali` template + +~~~ +sudo apt-get dist-upgrade +sudo apt-get autoremove +~~~ + + +6 - Shutdown and trim `kali` template + + - Shutdown `kali` template + + ~~~ + sudo shutdown -h now + ~~~ + + - In `dom0` console: + + ~~~ + qvm-trim-template kali + ~~~ + +7 - Start image + +8 *manually* - Install tools + + 1. List available packages + + ~~~ + sudo apt-cache search kali-linux + ~~~ + + 2. Select and install tools + + - install base system + + ~~~ + sudo apt-get install kali-linux + ~~~ + + - or install all tools + + ~~~ + sudo apt-get install kali-linux-full + ~~~ + + - or select specific (example): + + ~~~ + sudo apt-get install kali-linux-top10 kali-linux-web + ~~~ + +8 *katoolin* - Install tools + + 1. View Categories + + - start katoolin + + ~~~ + sudo katoolin + ~~~ + + - select `2) View Categories` + + 2. Select the categories/tools you want to install + + - For more information on how to use Katoolin see [How to Auto Install All Kali Linux Tools Using “Katoolin” on Debian/Ubuntu](http://www.tecmint.com/install-kali-linux-tools-using-katoolin-on-ubuntu-debian/) + + - **Note:** The `all` option does not work for `Information Gathering`, `Web Apps`, `Forensic Tools`, `Reverse Engineering` and `Extra`. + +9 - Create a AppVMs based on the `kali` template + + - (Optional) Attach necessary devices + + +Alternative Options to Kali +--------------------------- + +- [BlackArch](/doc/blackarch/) +- [PenTester Framework (PTF)](/doc/ptf/) diff --git a/managing-os/pentesting/ptf.md b/managing-os/pentesting/ptf.md new file mode 100644 index 00000000..d1597f25 --- /dev/null +++ b/managing-os/pentesting/ptf.md @@ -0,0 +1,126 @@ +--- +layout: doc +title: How to create Penetration Testers Framework (PTF) VM +permalink: /doc/ptf/ +--- + +How to create Penetration Testers Framework (PTF) VM +==================================================== + +"The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. + +PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine." (source [PTF Readme](https://github.com/trustedsec/ptf/blob/master/README.md)) + +1 - Create PTF template + + 1. Follow the [Create Debian Based Kali Template](/doc/kali/) till step 7. + 2. (Optional) Rename the cloned template to `ptf` + +2 - Download PTF + +~~~ +sudo apt-get install git +cd /opt +sudo git clone https://github.com/trustedsec/ptf.git +~~~ + + - (Optional) Configure PTF + + 1. Go to configuration directory + + ~~~ + cd /opt/ptf/config + ~~~ + + 2. Edit the configuration file + + for example by using vim: + + ~~~ + sudo vim ptf.config + ~~~ + + The configuration options are described in the `ptf.config` file + +4 - Install PTF + +~~~ +cd /opt/ptf +sudo ./ptf +~~~ + +**Note:** the config file has to be in the same directory as the executable. It is not +possible to do sudo ptf/ptf + +PTF will put itself into `/usr/local/bin/ptf`. You can use `ptf` from now on. + +5 - Install/Update modules (tools) + + 1. Start PTF + + ~~~ + sudo ptf + ~~~ + + 2. Show available modules (tools) + + ~~~ + ptf> show modules + ~~~ + + 3. Install/Update modules (all/) + + - Install/Update all tools + + ~~~ + ptf> use modules/install_update_all + ~~~ + + - or by category Install/Update + + ~~~ + ptf> use modules/code-audit/install_update_all + ~~~ + + - or individually (example Metasploit) + + 1. Search for module + + ~~~ + ptf> search metasploit + [*] Search results below: + modules/exploitation/metasploit + ~~~ + + 2. Use module + + ~~~ + ptf> use modules/exploitation/metasploit + ptf:(modules/exploitation/metasploit)> + ~~~ + + 3. Install module + + ~~~ + ptf:(modules/exploitation/metasploit)>install + ~~~ + + 4. Run Metasploit + + ~~~ + ptf:(modules/exploitation/metasploit)>exit + ptf> quit + [*] Exiting PTF - the easy pentest platform creation framework. + ~$ sudo msfconsole + ~~~ + +6 - Create a AppVMs based on the `ptf` template + + - (Optional) Attach necessary devices + + +Alternative Options to PTF +-------------------------- + +- [BlackArch](/doc/blackarch/) +- [Kali](/doc/kali/) From 4f7ce4145ba1ff0752378a3ce2ef8a6a1d340a40 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Tue, 14 Jun 2016 08:52:17 -0500 Subject: [PATCH 2/8] added reason in PTF for installing Debian testing first --- customization/dark-theme.md | 4 +++- managing-os/pentesting/ptf.md | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/customization/dark-theme.md b/customization/dark-theme.md index 4dada153..91bd5e58 100644 --- a/customization/dark-theme.md +++ b/customization/dark-theme.md @@ -1,6 +1,6 @@ --- layout: doc -title: Qubes OS Dark Theme +title: Dark Theme in Dom0 and DomU permalink: /doc/dark-theme/ --- @@ -8,5 +8,7 @@ Dark KDE in dom0 ---------------- + + Dark Qube (VM) -------------- diff --git a/managing-os/pentesting/ptf.md b/managing-os/pentesting/ptf.md index d1597f25..7f2f2abc 100644 --- a/managing-os/pentesting/ptf.md +++ b/managing-os/pentesting/ptf.md @@ -11,6 +11,11 @@ How to create Penetration Testers Framework (PTF) VM PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine." (source [PTF Readme](https://github.com/trustedsec/ptf/blob/master/README.md)) +**Note** PTF works on Debian testing as well as on Debian 8. PTF itself works with Debian 8, but the software tools will have missing dependencies. Metasploit for examples requires a newer Ruby version than Debian 8 has in the repositories. Therefor the best way to install PTF is by upgrading a Debian 8 into Debian testing with additional Kali repositories. Instead of installing the tools from Kali, PTF will install and update the newest tools. + +How to create Penetration Testers Framework (PTF) VM +---------------------------------------------------- + 1 - Create PTF template 1. Follow the [Create Debian Based Kali Template](/doc/kali/) till step 7. From 808df8591f9e27e75b281e19dc9c09072cea2e90 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Tue, 14 Jun 2016 09:09:21 -0500 Subject: [PATCH 3/8] added image to PTF --- managing-os/pentesting/ptf.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/managing-os/pentesting/ptf.md b/managing-os/pentesting/ptf.md index 7f2f2abc..43dd9643 100644 --- a/managing-os/pentesting/ptf.md +++ b/managing-os/pentesting/ptf.md @@ -13,8 +13,8 @@ PTF attempts to install all of your penetration testing tools (latest and greate **Note** PTF works on Debian testing as well as on Debian 8. PTF itself works with Debian 8, but the software tools will have missing dependencies. Metasploit for examples requires a newer Ruby version than Debian 8 has in the repositories. Therefor the best way to install PTF is by upgrading a Debian 8 into Debian testing with additional Kali repositories. Instead of installing the tools from Kali, PTF will install and update the newest tools. -How to create Penetration Testers Framework (PTF) VM ----------------------------------------------------- +Create Debian Based Penetration Testers Framework (PTF) Template +---------------------------------------------------------------- 1 - Create PTF template @@ -67,6 +67,8 @@ PTF will put itself into `/usr/local/bin/ptf`. You can use `ptf` from now on. sudo ptf ~~~ + ![PTF start banner](/attachment/wiki/Pentesting/PTF/ptf-banner.png) + 2. Show available modules (tools) ~~~ From b514a50560c8eecbd590a22e264195099415ff11 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Wed, 15 Jun 2016 18:48:47 -0500 Subject: [PATCH 4/8] dark-theme finished; kali and ptf images paths adjusted; articles linked to doc.md --- customization/dark-theme.md | 204 ++++++++++++++++++++++++++++++++- doc.md | 5 +- managing-os/pentesting/kali.md | 6 +- managing-os/pentesting/ptf.md | 2 +- 4 files changed, 209 insertions(+), 8 deletions(-) diff --git a/customization/dark-theme.md b/customization/dark-theme.md index 91bd5e58..b82ba8a3 100644 --- a/customization/dark-theme.md +++ b/customization/dark-theme.md @@ -4,11 +4,209 @@ title: Dark Theme in Dom0 and DomU permalink: /doc/dark-theme/ --- -Dark KDE in dom0 +Dark Theme in Dom0 +================== + +Dark KDE in Dom0 ---------------- +The following text describes how to change the default light theme to a dark theme. This is just an example, feel free to adjust the appearance to your taste. + +The image below shows the default light theme after installation. +![begin light theme](/attachment/wiki/Dark-Theme/kde-fresh-installed-standard.png) + +This is the result after applying the steps described here. +![end result dark theme](/attachment/wiki/Dark-Theme/kde-end-result.png) + +1 - Change `Workspace Appearance` + + 1. Open the `Workspace Appearance` window + + ~~~ + Qubes Menu -> System Tools -> System Settings -> Workspace Appearance + ~~~ + + ![Workspace Appearance](/attachment/wiki/Dark-Theme/kde-app-appearance-menu-style.png) + + 2. Go to `Desktop Theme` + + ![Desktop Menu](/attachment/wiki/Dark-Theme/kde-appearance-settings-desktop-theme-oxygen.png) + + 3. Select `Oxygen` and `Apply` the change + +2 - (Optional) Remove blue glowing task items + +![blue glowing task bar items](/attachment/wiki/Dark-Theme/kde-taskbar-blue-glowing-border.png) + + 1. Adjust Oxygen `Details` + + ~~~ + Qubes Menu -> System Tools -> System Settings -> Workspace Appearance -> Desktop Theme -> Details (Tab) + ~~~ + + 2. Select `Oxygen` + + 3. Change `Theme Item -> Task Items` from `Oxygen Task Items` to `Air Task Items` + + ![Change Task items look](/attachment/wiki/Dark-Theme/kde-desktop-theme-details.png) + 4. Apply changes + + ![task bar items blue glowing removed](/attachment/wiki/Dark-Theme/kde-taskbar-blue-glowing-removed.png) + +3 - Change `Application Appearance` + + 1. Open the `Application Appearance` window + + ~~~ + Qubes Menu -> System Tools -> System Settings -> Application Appearance + ~~~ + + 2. Go to `Colors` + + ![colors tab](/attachment/wiki/Dark-Theme/kde-app-appearance-menu-colors.png) + + 3. Select `Obsidian Coast` + + ![set to Obsidian Coast](/attachment/wiki/Dark-Theme/kde-app-appearance-menu-colors-set.png) + + 4. Apply Changes + + Qubes VM Manager should now look like the image below. + + ![result black Qubes Manager](/attachment/wiki/Dark-Theme/kde-black-qubes-manager.png) + +**Note:** Chaning the `Window Decorations` from `Plastik for Qubes` will remove the border color and the VM name. The problem with `Plastik for Qubes` is it does not overwrite the background and text color for Minimize, Maximize and Close buttons. The three button are therefor hard to read. + +Dark XCFE in Dom0 +----------------- + +The following text describes how to change the default light theme to a dark theme. This is just an example, feel free to adjust the appearance to your taste. + +The image below shows the default light theme after installation. +![begin light theme](/attachment/wiki/Dark-Theme/xfce-fresh-installed.png) + +This is the result after applying the steps described here. +![end result dark theme](/attachment/wiki/Dark-Theme/xfce-end-result.png) + +1 - Change Appearance + + 1. Open the `Appearance` dialog + + ~~~ + Qubes Menu -> System Tools -> Appearance + ~~~ + + ![appearance dialog](/attachment/wiki/Dark-Theme/xfce-appearance-dialog.png) + + 2. Change Style to `Albatross` + +**Note:** The black appearance theme `Xfce-dusk` makes the VM names in the `Qubes OS Manager` unreadable. + +2 - *(Optional)* Change Window Manager Style + + 1. Open the `Window Manager` dialog + + ~~~ + Qubes Menu -> System Tools -> Appearance + ~~~ + + ![window manager dialog](/attachment/wiki/Dark-Theme/xfce-window-manager-theme.png) + + 2. Change the Theme in the `Style` Tab (e. g. Defcon-IV). All available themes work. +Dark App VM, Template VM, Standalone VM, HVM (Linux Gnome) +========================================================== -Dark Qube (VM) --------------- +Almost all Qubes VM's are based on the Gnome desktop. Therefor the description below is focused on the Gnome Desktop Environment. + +Using `Gnome-Tweak-Tool` +------------------------ + +The advantage of creating a dark themed Template VM is, that each AppVM which is derived from the Template VM will be dark themed by default. + +**Note:** Gnome-Tweak-Tool crashes under Archlinux. A workaround is to assign the AppVM to another TemplateVM (Debian, Fedora) which has Gnome-Tweak-Tool installed. Start the AppVM and configure the settings. Shutdown the machine and switch the template VM back to Archlinux. + +0 - Start VM + +**Note:** In case of App VM start the Template on which the AppVM is based on. + +1 - Install `Gnome-Tweak-Tool` + + 1. Fedora + + ~~~ + sudo dnf install gnome-tweak-tool + ~~~ + + 2. Debian + + ~~~ + sudo apt-get install gnome-tweak-tool + ~~~ + +2 - *(Only AppVM)* Stop template and start AppVM + +3 - Add `Gnome-Tweak-Tool` to the Application Menu + + 1. `Right-click` on VM entry in `Qubes VM Manager` select `Add/remove app shortcuts` + + 2. Select `Tweak Tool` and press the `>` button to add it + + ![Application Dialog](/attachment/wiki/Dark-Theme/dialog-add-gnome-tweak-tool.png) + +4 - Enable `Global Dark Theme` + + 1. *Debian only* + + ~~~ + cd ~/.config/ + mkdir gtk-3.0 + cd gtk-3.0/ + touch settings.ini + ~~~ + + 2. Start `Tweak Tool` from the VM application menu and set the `Global Dark Theme` switch to `on` + + ![Global Dark Theme enabled](/attachment/wiki/Dark-Theme/gnome-tweak-tool.png) + +5 - *(Optional)* Modify Firefox + +**Note:** Firefox uses GTK style settings by default. This can create side effects such as unusable forms or search fields. There are two different ways to avoid this. Either by using a add-on or by overwriting the defaults. + + - use the theme [GTK+ Dark Theme Global Fixes](https://userstyles.org/styles/111694/gtk-dark-theme-global-fixes) and the [Stylish](https://addons.mozilla.org/en-US/firefox/addon/stylish/) addon + + - or add the following line to `/rw/config/rc.local` + + ~~~ + sed -i.bak "s/Exec=firefox %u/Exec=bash -c 'GTK_THEME=Adwaita:light firefox %u'/g" /usr/share/applications/firefox.desktop + ~~~ + +6 - Restart VM or all application + +Manually +-------- + +Manually works for Debian, Fedora and Archlinux. + +0 - Start VM + +**Note:** In case of App VM start the Template on which the AppVM is based on. + +1 - Enable `Global Dark Theme` + +~~~ +cd ~/.config/ +mkdir gtk-3.0 +cd gtk-3.0/ +touch settings.ini +~~~ + +add the following lines to `settings.ini` + +~~~ +[Settings] +gtk-application-prefer-dark-theme=1 +~~~ + +2 - follow step 5 and 6 in: Using `Gnome-Tweak-Tool` diff --git a/doc.md b/doc.md index 4060e4c1..373a8c90 100644 --- a/doc.md +++ b/doc.md @@ -63,6 +63,9 @@ Managing Operating Systems within Qubes * [Templates: Archlinux](/doc/templates/archlinux/) * [Templates: Ubuntu](/doc/templates/ubuntu/) * [Templates: Whonix](/doc/whonix/) + * [Pentesting: BlackArch](/doc/pentesting/blackarch/) + * [Pentesting: Kali](/doc/pentesting/kali/) + * [Pentesting: PTF](/doc/pentesting/ptf/) * [Installing and Using Windows-based AppVMs (Qubes R2 Beta 3 and later)](/doc/windows-appvms/) * [Creating and Using HVM and Windows Domains (Qubes R2+)](/doc/hvm/) * [Advanced options and troubleshooting of Qubes Tools for Windows (R3)](/doc/windows-tools-3/) @@ -139,6 +142,7 @@ Customization Guides * [Installing XFCE in dom0](/doc/xfce/) * [Installing i3 in dom0](/doc/i3/) * [Language Localization](/doc/language-localization/) + * [Dark Theme in Dom0 and DomU](/doc/dark-theme/) Troubleshooting @@ -187,4 +191,3 @@ For Developers * [Qubes OS License](/doc/license/) * [Style Guide](/doc/style-guide/) * [Usability & UX](/doc/usability-ux/) - diff --git a/managing-os/pentesting/kali.md b/managing-os/pentesting/kali.md index 36c95ab1..fe8ed787 100644 --- a/managing-os/pentesting/kali.md +++ b/managing-os/pentesting/kali.md @@ -42,7 +42,7 @@ sudo apt-get dist-upgrade 1. Via Qubes VM Manager - ![Clone Debian Template](/attachment/wiki/Pentesting/Kali/clone-kali.png) + ![Clone Debian Template](/attachment/wiki/Kali/clone-kali.png) 2. Via command line @@ -116,7 +116,7 @@ Katoolin is a script (written in Python) which helps you to install Kali tools. kat > 1 ~~~ - ![Add Kali repositories and Update menu](/attachment/wiki/Pentesting/Kali/katoolin-add-update-repo-menu.png) + ![Add Kali repositories and Update menu](/attachment/wiki/Kali/katoolin-add-update-repo-menu.png) - select 'Add kali linux repositories' @@ -129,7 +129,7 @@ Katoolin is a script (written in Python) which helps you to install Kali tools. What do you want to do ?> 1 ~~~ - ![Add Kali repositories](/attachment/wiki/Pentesting/Kali/katoolin-add-repos-menu.png) + ![Add Kali repositories](/attachment/wiki/Kali/katoolin-add-repos-menu.png) - update Kali repositories diff --git a/managing-os/pentesting/ptf.md b/managing-os/pentesting/ptf.md index 43dd9643..96fd241f 100644 --- a/managing-os/pentesting/ptf.md +++ b/managing-os/pentesting/ptf.md @@ -67,7 +67,7 @@ PTF will put itself into `/usr/local/bin/ptf`. You can use `ptf` from now on. sudo ptf ~~~ - ![PTF start banner](/attachment/wiki/Pentesting/PTF/ptf-banner.png) + ![PTF start banner](/attachment/wiki/PTF/ptf-banner.png) 2. Show available modules (tools) From 8ce887cc0528c0ffa05e8223b77c83f6f75767f6 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Wed, 15 Jun 2016 19:11:12 -0500 Subject: [PATCH 5/8] Warning for manual Kali linux installation added --- managing-os/pentesting/kali.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/managing-os/pentesting/kali.md b/managing-os/pentesting/kali.md index fe8ed787..20a04217 100644 --- a/managing-os/pentesting/kali.md +++ b/managing-os/pentesting/kali.md @@ -174,6 +174,8 @@ sudo apt-get autoremove 8 *manually* - Install tools +**Warning:** `kali-linux` and `kali-linux-full` does currently not work properly. Please use `Katoolin` or `PTF`. + 1. List available packages ~~~ From eb62b13c09ec10b0e993e607439b1457e18bcb66 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Fri, 17 Jun 2016 10:47:33 -0500 Subject: [PATCH 6/8] linked pentesting --- doc.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc.md b/doc.md index c69d689e..32fe9a49 100644 --- a/doc.md +++ b/doc.md @@ -64,6 +64,7 @@ Managing Operating Systems within Qubes * [Templates: Ubuntu](/doc/templates/ubuntu/) * [Templates: Whonix](/doc/whonix/) * [How to Reinstall a TemplateVM](/doc/reinstall-template) + * [Pentesting](/doc/pentesting/) * [Pentesting: BlackArch](/doc/pentesting/blackarch/) * [Pentesting: Kali](/doc/pentesting/kali/) * [Pentesting: PTF](/doc/pentesting/ptf/) From c4dd8860fc81899ab7844081412755db67563a77 Mon Sep 17 00:00:00 2001 From: Jeepler Date: Fri, 17 Jun 2016 11:19:35 -0500 Subject: [PATCH 7/8] legal notice and general remainder --- managing-os/pentesting.md | 6 ++++++ managing-os/pentesting/blackarch.md | 8 ++++++++ managing-os/pentesting/kali.md | 8 ++++++++ managing-os/pentesting/ptf.md | 8 ++++++++ 4 files changed, 30 insertions(+) diff --git a/managing-os/pentesting.md b/managing-os/pentesting.md index 291a7a90..351618c5 100644 --- a/managing-os/pentesting.md +++ b/managing-os/pentesting.md @@ -4,6 +4,12 @@ title: Penetration Testing permalink: /doc/pentesting/ --- +**Legal notice:** + +The usage of penetration testing tools outside your own laboratory environment requires the permission of the organization you attack. Penetration testing without such a permission can have legal consequences. + +To avoid such legal conflicts please refer to the [Code of Ethics](https://www.eccouncil.org/Support/code-of-ethics). + Penetration Testing =================== diff --git a/managing-os/pentesting/blackarch.md b/managing-os/pentesting/blackarch.md index 2db1ebac..35377455 100644 --- a/managing-os/pentesting/blackarch.md +++ b/managing-os/pentesting/blackarch.md @@ -4,6 +4,14 @@ title: How to Create a BlackArch VM permalink: /doc/blackarch/ --- +**General Remainder:** + +- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities. + +- Adding additional repositories or tools for installing software extends your trust to those tool provider. + +Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended. + How to Create a BlackArch VM ============================ diff --git a/managing-os/pentesting/kali.md b/managing-os/pentesting/kali.md index 20a04217..90fd5a4d 100644 --- a/managing-os/pentesting/kali.md +++ b/managing-os/pentesting/kali.md @@ -4,6 +4,14 @@ title: How to create a Kali Linux VM permalink: /doc/kali/ --- +**General Remainder:** + +- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities. + +- Adding additional repositories or tools for installing software extends your trust to those tool provider. + +Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended. + How to Create a Kali Linux VM ============================= diff --git a/managing-os/pentesting/ptf.md b/managing-os/pentesting/ptf.md index 96fd241f..53ca68d5 100644 --- a/managing-os/pentesting/ptf.md +++ b/managing-os/pentesting/ptf.md @@ -4,6 +4,14 @@ title: How to create Penetration Testers Framework (PTF) VM permalink: /doc/ptf/ --- +**General Remainder:** + +- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities. + +- Adding additional repositories or tools for installing software extends your trust to those tool provider. + +Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended. + How to create Penetration Testers Framework (PTF) VM ==================================================== From 08d0d6a427ee40cbfcaf5b0f134ad6d7352fb3ea Mon Sep 17 00:00:00 2001 From: Jeepler Date: Fri, 17 Jun 2016 11:35:03 -0500 Subject: [PATCH 8/8] Qubes OS as hacking laboratory host --- managing-os/pentesting.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/managing-os/pentesting.md b/managing-os/pentesting.md index 351618c5..60452018 100644 --- a/managing-os/pentesting.md +++ b/managing-os/pentesting.md @@ -23,3 +23,11 @@ The following install instructions explain how to setup a penetration testing di - [BlackArch](/doc/blackarch/) - [Kali](/doc/kali/) - [PenTester Framework (PTF)](/doc/ptf/) + +Using Qubes OS to host a "hacking" laboratory +--------------------------------------------- + +Qubes OS is a hypervisor based operating system. Qubes OS can various operating systems such as Linux, Unix or Windows in parallel. Qubes OS can therefor be used to host your own "hacking" laboratory. + +- [Creating and Using HVM Domains](/doc/hvm-create/) +- [Templates](/doc/templates/)