Last active December 5, 2023 14:16
CommandoVM **install.ps1** MOD
# Installation Script
param (
[string]$password = "",
[string]$pkg_url = $null,
[string]$pkg_file = ".\pkg.json",
[bool]$nochecks = $false
$gLogFile = "C:\Install_Packages.log"
function Set-EnvironmentVariableWrap([string] $key, [string] $value) {
Set the environment variable for all process, user and system wide scopes
True on success | False on error
try {
[Environment]::SetEnvironmentVariable($key, $value)
[Environment]::SetEnvironmentVariable($key, $value, 1)
[Environment]::SetEnvironmentVariable($key, $value, 2)
$rc = $true
catch {
$rc = $false
function ConvertFrom-Json([object] $item) {
Convert a JSON string into a hash table
Convert a JSON string into a hash table, without any validation
[hashtable] or $null
Add-Type -Assembly system.web.extensions
$ps_js = New-Object system.web.script.serialization.javascriptSerializer
try {
$result = $ps_js.DeserializeObject($item)
catch {
$result = $null
# Cast dictionary to hashtable
[hashtable] $result
function ConvertTo-Json([object] $data) {
Convert a hashtable to a JSON string
Convert a hashtable to a JSON string, without any validation
[string] or $null
Add-Type -Assembly system.web.extensions
$ps_js = New-Object system.web.script.serialization.javascriptSerializer
#The comma operator is the array construction operator in PowerShell
try {
$result = $ps_js.Serialize($data)
catch {
$result = $null
function Import-JsonFile {
Load a hashtable from a JSON file
[hashtable] or $null
param([string] $path)
try {
$json = Get-Content $path
$result = ConvertFrom-Json $json
catch {
$result = $null
function Make-InstallerPackage($PackageName, $TemplateDir, $packages) {
Make a new installer package
Make a new installer package named installer. This package uses the custom packages.json file specified by the user.
User can then call "Install-BoxStarterPackage installer" using the local repo.
$PackageDir = Join-Path $BoxStarter.LocalRepo $PackageName
if (Test-Path $PackageDir) {
Remove-Item -Recurse -Force $PackageDir
$Tmp = [System.IO.Path]::GetTempFileName()
Write-Host -ForegroundColor Green "packages file is" + $tmp
ConvertTo-Json @{"packages" = $packages } | Out-File -FilePath $Tmp
if ([System.IO.Path]::IsPathRooted($TemplateDir)) {
$ToolsDir = Join-Path $TemplateDir "tools"
else {
$Here = Get-Location
$ToolsDir = Join-Path (Join-Path $Here $TemplateDir) "tools"
$Dest = Join-Path $ToolsDir "packages.json"
Move-Item -Force -Path $Tmp -Destination $Dest
New-BoxstarterPackage -Name $PackageName -Description "My Own Instalelr" -Path $ToolsDir
function installBoxStarter() {
Install BoxStarter on the current system
Install BoxStarter on the current system. Returns $true or $false to indicate success or failure. On
fresh windows 7 systems, some root certificates are not installed and updated properly. Therefore,
this funciton also temporarily trust all certificates before installing BoxStarter.
# Try to install BoxStarter as is first, then fall back to be over trusing only if this step fails.
try {
iex ((New-Object System.Net.WebClient).DownloadString('')); get-boxstarter -Force
return $true
catch {
# Allows current PowerShell session to trust all certificates
# Also a good find:
try {
Add-Type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
catch {
Write-Debug "Failed to add new type"
try {
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
catch {
Write-Debug "Failed to find SSL type...1"
try {
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls'
catch {
Write-Debug "Failed to find SSL type...2"
$prevSecProtocol = [System.Net.ServicePointManager]::SecurityProtocol
$prevCertPolicy = [System.Net.ServicePointManager]::CertificatePolicy
Write-Host "[+] Installing Boxstarter"
# Become overly trusting
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
# download and instal boxstarter
iex ((New-Object System.Net.WebClient).DownloadString('')); get-boxstarter -Force
# Restore previous trust settings for this PowerShell session
# Note: SSL certs trusted from installing BoxStarter above will be trusted for the remaining PS session
[System.Net.ServicePointManager]::SecurityProtocol = $prevSecProtocol
[System.Net.ServicePointManager]::CertificatePolicy = $prevCertPolicy
return $true
function Load-Packages {
param([string] $pkgPath)
Write-Host $pkgPath
try {
$json = Get-Content $pkgPath -ErrorAction Stop
$packages = ConvertFrom-Json $json
catch {
return $null
return $packages
function Install-Package {
param([hashtable] $pkg)
$name = $
$pkgargs = $pkg.args
try {
$is64Only = $pkg.x64Only
catch {
$is64Only = $false
if ($is64Only) {
if (Get-OSArchitectureWidth -Compare 64) {
# pass
else {
Write-Warning "[!] Not installing $name on x86 systems"
return $true
if ($pkgargs -eq $null) {
$args = $globalCinstArgs
else {
$args = $pkgargs, $globalCinstArgs -Join " "
if ($args) {
Write-Warning "[!] Installing using host choco.exe! Errors are ignored. Please check to confirm $name is installed properly"
Write-Warning "[!] Executing: iex choco upgrade $name $args"
$rc = iex "choco upgrade $name $args"
# Write-Host $rc
else {
$rc = iex "choco upgrade $name $args"
# Write-Host $rc
# if ($([System.Environment]::ExitCode) -ne 0 -And $([System.Environment]::ExitCode) -ne 3010) {
# Write-Host "ExitCode: $([System.Environment]::ExitCode)"
# return $false
# }
if ( ($rc | Select-String 'Failures') -ne $null) {
Write-Host "error when run [ choco upgrade $name $args ] debug info:"
Write-Host "===================================================================================`n" -ForegroundColor Yellow
Write-Host ($rc | Out-String ) -ForegroundColor Red
Write-Host "`n===================================================================================" -ForegroundColor Yellow
return $false
return $true
Function Write-Log {
[Parameter(Mandatory = $False)]
[ValidateSet("INFO", "WARN", "ERROR", "FATAL", "DEBUG")]
$Level = "INFO",
[Parameter(Mandatory = $True)]
$Stamp = (Get-Date).toString("yyyy/MM/dd HH:mm:ss")
$Line = "$Stamp $Level $Message"
#If($logfile) {
#Add-Content $logfile -Value $Line
If ($gLogFile) {
Add-Content $gLogFile -Value $Line
Write-Output $Line
Else {
Write-Output $Line
Function Set-WallPaper {
Applies a specified wallpaper to the current user's desktop
Provide the exact path to the image
Provide wallpaper style (Example: Fill, Fit, Stretch, Tile, Center, or Span)
Set-WallPaper -Image "C:\Wallpaper\Default.jpg"
Set-WallPaper -Image "C:\Wallpaper\Background.jpg" -Style Fit
param (
[parameter(Mandatory = $True)]
# Provide path to image
# Provide wallpaper style that you would like applied
[parameter(Mandatory = $False)]
[ValidateSet('Fill', 'Fit', 'Stretch', 'Tile', 'Center', 'Span')]
$WallpaperStyle = Switch ($Style) {
"Fill" { "10" }
"Fit" { "6" }
"Stretch" { "2" }
"Tile" { "0" }
"Center" { "0" }
"Span" { "22" }
If ($Style -eq "Tile") {
New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 1 -Force
Else {
New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 0 -Force
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public class Params
public static extern int SystemParametersInfo (Int32 uAction,
Int32 uParam,
String lpvParam,
Int32 fuWinIni);
$UpdateIniFile = 0x01
$SendChangeEvent = 0x02
$fWinIni = $UpdateIniFile -bor $SendChangeEvent
$ret = [Params]::SystemParametersInfo($SPI_SETDESKWALLPAPER, 0, $Image, $fWinIni)
# Main #
# For debug save current ps session to log file Start-Transcript -Path Install_Log.txt
# .\install.ps1
# then stop log with Stop-Transcript
Write-Host " ===================================================================="
Write-Host "`n"
Write-Host " __________ pentest env __________"
Write-Host "`n"
Write-Host " ===================================================================="
# Check to make sure script is run as administrator
Write-Host "[+] Checking if script is running as administrator.."
$currentPrincipal = New-Object Security.Principal.WindowsPrincipal( [Security.Principal.WindowsIdentity]::GetCurrent() )
if (-Not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
Write-Host "`t[ERR] Please run this script as administrator`n" -ForegroundColor Red
Write-Host "`n`t`tthis is not the way`n" -ForegroundColor Red
Read-Host "Press any key to continue"
else {
Start-Sleep -Milliseconds 500
Write-Host "`tthis is the way" -ForegroundColor Cyan
Start-Sleep -Milliseconds 500
if ($nochecks -eq $true) {
$defender = Get-Service -Name WinDefend
if ($defender.Status -eq "Running") {
Write-Host "[!] Windows Defender is running! ctrl+c to stop script..." -ForegroundColor Yellow
Start-Sleep -Milliseconds 5000
Write-Host "[i] Continuing..."
if ($nochecks -eq $false) {
# Check to make sure Tamper Protection is off
# This setting is not able to be changed via command line or via scripts
Write-Host "[+] Checking to make sure Windows Defender Tamper Protection is disabled"
if (Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Features" -Name "TamperProtection") {
if ($(Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Features" -Name "TamperProtection").TamperProtection -ne 0) {
Write-Host "[!] Please disable Windows Defender Tamper Protection and retry install." -ForegroundColor Red
Write-Host "`t[+] Hint:" -ForegroundColor Yellow
Write-Host "[-] Do you need to change this setting? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -eq "Y") {
Write-Host "[*] Exiting..." -ForegroundColor Red
Write-Host "`tContinuing..." -ForegroundColor Green
else {
Write-Host "`tTamper Protection is off, looks good." -ForegroundColor Green
# Check to make sure Defender is disabled
Write-Host "[+] Checking if Windows Defender service is running.."
$defender = Get-Service -Name WinDefend
if ($defender.Status -eq "Running") {
Write-Host "[+] Windows Defender service is running, and now add exlusion path ..."
Add-MpPreference -ExclusionPath 'C:\'
Set-MpPreference -DisableBehaviorMonitoring $true
Set-MpPreference -DisableRealtimeMonitoring $true
Set-MpPreference -DisableArchiveScanning $true
Set-MpPreference -DisableBehaviorMonitoring $true
Set-MpPreference -DisableIntrusionPreventionSystem $true
Set-MpPreference -DisableIOAVProtection $true
Set-MpPreference -DisableRemovableDriveScanning $true
Set-MpPreference -DisableBlockAtFirstSeen $true
Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan $true
Set-MpPreference -DisableScanningNetworkFiles $true
Set-MpPreference -DisableScriptScanning $true
Set-MpPreference -DisableRealtimeMonitoring $true
else {
Start-Sleep -Milliseconds 500
Write-Host "`tLooks good" -ForegroundColor Cyan
Start-Sleep -Milliseconds 500
# Check to make sure host is supported
Write-Host "[+] Checking to make sure Operating System is compatible"
if ((Get-WmiObject -class Win32_OperatingSystem).Version -eq "6.1.7601") {
Write-Host "Windows 7 is no longer supported. Do you want to continue install? Y/N" -ForegroundColor Yellow
$response = Read-Host
if ($response -ne "Y") {
## Windows 10 Versions/Build Numbers
# 21H1 19043
# 20H2 19042
# 2004 (TBD) 19041
# 1909 (November 2019 Update) 18363
# 1903 (May 2019 Update) 18362
# 1809 (October 2018 Update) 17763
# 1803 (April 2018 Update) 17134
$osversion = (Get-WmiObject -class Win32_OperatingSystem).BuildNumber
$valid_versions = @(18363, 18361, 17763, 17134, 19041, 19042, 19043)
if ($osversion -notin $valid_versions) {
Write-Host "`t[ERR] Windows version $osversion is not has not been tested, please use Windows 10 version 1803, 1809, 1903, 1909, 2004, 20H2, or 21H1." -ForegroundColor Yellow
Write-Host "[-] Do you still wish to proceed? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -ne "Y") {
else {
Write-Host "`tWindows build $osversion supported." -ForegroundColor Green
#Check to make sure host has enough disk space
Write-Host "[+] Checking if host has enough disk space"
$disk = Get-PSDrive C
Start-Sleep -Seconds 1
if (-Not (($disk.used + $ / 1GB -gt 58.8)) {
Write-Host "`t[ERR] This install requires a minimum 60 GB hard drive, please increase hard drive space to continue`n" -ForegroundColor Red
Read-Host "Press any key to continue"
else {
Write-Host "`t> 60 GB hard drive. looks good" -ForegroundColor Green
# Prompt user to remind them to install now
Write-Host "[-] Lets do it rightnow? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -ne "Y") {
Write-Host "[+] Exiting..." -ForegroundColor Red
Write-Host "`tContinuing..." -ForegroundColor Green
# Get user credentials for autologin during reboots
Write-Host "[+] Getting user credentials ..."
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds" -Name "ConsolePrompting" -Value $True
if ([string]::IsNullOrEmpty($password)) {
$cred = Get-Credential $env:username
else {
$spasswd = ConvertTo-SecureString -String $password -AsPlainText -Force
$cred = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $env:username, $spasswd
Write-Host "`n[+] Beginning Install...`n" -ForegroundColor Green
Write-Host "[+] Installing Boxstarter"
$rc = installBoxStarter
if ( -Not $rc ) {
Write-Host "[ERR] Failed to install BoxStarter"
Read-Host " Press ANY key to continue..."
exit 1
# Boxstarter options
$Boxstarter.RebootOk = $true # Allow reboots?
$Boxstarter.NoPassword = $false # Is this a machine with no login password?
$Boxstarter.AutoLogin = $true # Save my password securely and auto-login after a reboot
# Set-BoxstarterConfig -NugetSources ""
if ([System.Environment]::OSVersion.Version.Major -eq 10) {
# ---------- Preconfig ----------
iex "choco install -y shutup10"
if ( (Get-Command curl.exe -ErrorAction SilentlyContinue).Source -eq $null) {
iex "choco install -y curl"
iex "refreshenv"
Write-Host "[+] Plz tweak first with Shutup10 ..."
iex "OOSU10"
# Prompt user to remind them to take a snapshot
Write-Host "[-] May I continue? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -ne "Y") {
exit 1
Write-Host "`tContinuing..." -ForegroundColor Green
# ---------- Installer ----------
# Basic system setup
Update-ExecutionPolicy Unrestricted
# Import Boxstart Lib
Import-Module "$($Boxstarter.BaseDir)\Boxstarter.Chocolatey\Boxstarter.Chocolatey.psd1"
Import-Module "$($Boxstarter.BaseDir)\Boxstarter.Common\boxstarter.common.psd1"
Set-WindowsExplorerOptions -EnableShowProtectedOSFiles -EnableShowFileExtensions -EnableShowHiddenFilesFoldersDrives
Disable-ComputerRestore -Drive ${Env:SystemDrive}
Set-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem' -Name 'LongPathsEnabled' -Value 1
# Chocolatey setup
Write-Host "Initializing chocolatey"
iex "choco feature enable -n allowGlobalConfirmation"
iex "choco feature enable -n allowEmptyChecksums"
# Tweak power options to prevent installs from timing out
& powercfg -change -monitor-timeout-ac 0 | Out-Null
& powercfg -change -monitor-timeout-dc 0 | Out-Null
& powercfg -change -disk-timeout-ac 0 | Out-Null
& powercfg -change -disk-timeout-dc 0 | Out-Null
& powercfg -change -standby-timeout-ac 0 | Out-Null
& powercfg -change -standby-timeout-dc 0 | Out-Null
& powercfg -change -hibernate-timeout-ac 0 | Out-Null
& powercfg -change -hibernate-timeout-dc 0 | Out-Null
# Tips for GFW
Write-Host "[-] Maybe you should configure the system agent now before continuing? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -ne "Y") {
exit 1
# Now install packages
$json = Load-Packages $pkg_file
if ($json -eq $null -Or $json.packages -eq $null) {
Write-Host "Packages property not found! Exiting"
exit 1
$packages = $json.packages
foreach ($pkg in $packages) {
$name = $
if (-Not $(Test-Path $(Join-Path $Env:ProgramData "chocolatey\lib\$name"))) {
Write-Log "INFO" "Attempting install of $name"
$rc = Install-Package $pkg
if ($rc) {
Write-Log "INFO" "Install of $name finished successfully"
else {
Write-Log "ERROR" "Failed to install $name"
# Now install eget
if ( (Get-Command go.exe -ErrorAction SilentlyContinue).Source -ne $null) {
# curl.exe -LJO
go.exe install
# Now install some pentest tool from github with eget
# Metasploit
Write-Host "[-] Do you want to install Metasploit Framework ? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -eq "Y") {
iwr -useb -outfile 'metasploitframework-latest.msi'
# msiexec.exe /i metasploitframework-latest.msi.msi /l*v C:\msf_install_log.txt /qn
Write-Host "[+] Has the Metasploit installed? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -ne "Y") {
exit 1
# Jabba -> Java Version Manager
Write-Host "[-] Do you want to install Jabba ? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -eq "Y") {
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-Expression (
Invoke-WebRequest -UseBasicParsing
# BurpSuite Pro
Write-Host "[-] Do you want to install Burpsuite ? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -eq "Y") {
#$burp_download_url = ""
$burp_save_path = "C:\Tools\Burpsuite"
#New-Item -ItemType directory $burp_save_path -Force
#iwr -useb $burp_download_url -outfile "$burp_save_path\burpsuite_pro_v2022.2.jar"
$crack_download_url = ""
$burp_filename = ""
#iwr -useb $crack_download_url -outfile "$burp_filename"
if ((Test-Path $burp_filename) -eq $true) {
Remove-Item $burp_filename -Force
curl.exe $crack_download_url -o $burp_filename
Expand-Archive $burp_filename -DestinationPath $burp_save_path
# ---------- Config ----------
# Custom Powershell with fzf & winfetch
Install-PackageProvider -Name NuGet -Force
Install-Module -Name PSFzf -Force
New-Item -Path $profile -Type File -Force
Add-Content -Path $profile -Value 'winfetch.exe'
Add-Content -Path $profile -Value 'Import-Module PSFzf'
Add-Content -Path $profile -Value "Set-PsFzfOption -PSReadlineChordProvider 'Ctrl+t' -PSReadlineChordReverseHistory 'Ctrl+r'"
Install-Module -Name OpenHere
Import-Module -Name OpenHere
Set-OpenHereShortcut -ShortcutType:WindowsPowerShell
# Remove Windows10 Shits --->
# irm | iex
irm | iex
# Explore config
$o = new-object -com shell.application
# Change Wallpaper
$wallpaperPath = "$($env:USERPROFILE)\Pictures\wallpaper.jpg"
iwr -useb -outfile $wallpaperPath
Set-WallPaper -Image $wallpaperPath
# Install scoop in the last
Write-Host "[-] Do you want to install Scoop ? Y/N " -ForegroundColor Yellow -NoNewline
$response = Read-Host
if ($response -eq "Y") {
iwr -useb -outfile 'scoop_install.ps1'
try {
.\scoop_install.ps1 -RunAsAdmin
Start-Sleep -Milliseconds 1000
scoop bucket add extras
catch {
Write-Host "An error occurred:"
Write-Host $_.ScriptStackTrace
Write-Host "[*] Done ! Have Fun :) check log ---> $gLogFile" -ForegroundColor Green
$UserPath = "$($env:USERPROFILE)\Desktop\InstallOK.txt"
Set-Content -Path $UserPath -Value 'Hello, Pentester'
exit 0
"packages": [
{"name": "vcredist-all"},
{"name": "dotnet3.5"},
{"name": "dotnet3.5"},
{"name": "dotnet4.6.2"},
{"name": "dotnet4.7.2"},
{"name": "git"},
{"name": "jre8"},
{"name": "wireshark"},
{"name": "firefox"},
{"name": "tor-browser"},
{"name": "python3"},
{"name": "golang"},
{"name": "x64dbg.portable"},
{"name": "die"},
{"name": "pestudio"},
{"name": "adexplorer"},
{"name": "rsat"},
{"name": "tortoisesvn"},
{"name": "sysinternals"},
{"name": "nmap"},
{"name": "SublimeText4"},
{"name": "dnspy"},
{"name": "telnet"},
{"name": "7zip"},
{"name": "winscp"},
{"name": "vnc-viewer"},
{"name": "hashcheck"},
{"name": "dbeaver"},
{"name": "sqlserver-cmdlineutils"},
{"name": "fiddler"},
{"name": "everything"},
{"name": "traffic-monitor"},
{"name": "geekuninstaller"},
{"name": "v2rayn"},
{"name": "clash-for-windows"},
{"name": "proxifier"},
{"name": "neo4j-community"},
{"name": "fzf"},
{"name": "winfetch"},
{"name": "jetbrainstoolbox"},
{"name": "visualstudio2019community"}
