[go: up one dir, main page]
Scribd
Upload
727 views78 pages

Docs - Ninjutsu OS

Docs - Ninjutsu OS

Uploaded by

rishshris
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
727 views78 pages

Docs - Ninjutsu OS

Docs - Ninjutsu OS

Uploaded by

rishshris
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 78

Home Community Download Tools Documentation Guide FAQ Donate About  

docs
Documentation (Updated 17/05/2020)

An important part of any operating system is documentation, the technical manuals which describe the operation and
Hasan use of programs.
Cyber Security Specialist
As part of its efforts to create a high-quality operating system, the Ninjutsu Project is making every effort to provide
PO ST C AT EGO RIES TAGS
all of its users with proper documentation in an easily accessible form.
1 0 0 The documentation is a continuous work in progress, and all Ninjutsu users are invited to contribute to the creation
and translation process of this portal.
Follow

    

R4

LINKS

Ninjutsu Box github.com

R5

R EC EN T

2020-04-18
What -Is-Ninjutsu-OS

R6

A R C H I V ES

April 2020 1

R7

C ATA L O GU E Screen

1 Documentation (Updated 17/05/2020)

2 What is Ninjutsu Project?


What is Ninjutsu Project?
2.1 Features Ninjutsu is Penetration testing/Red Teaming distribution based on Windows focused on Penetration Testing, Red
Teaming,Security Auditing , Malware analysis and Android Penetration Testing.
3 Downloading Ninjutsu Project
It includes a full portable arsenal for security experts, but it also includes pre-configured and installed Android
4 Where to Get Official Ninjutsu Project Images
Pentesting Integrated Environmental, In addition, protect your privacy by tweak and customize Windows 10, disable
5 Verifying Your Downloaded Ninjutsu Image
the collection services/Apps to improving your anonymity/performance.

5.1.1 Useing third-party tools : Ninjutsu contains more than 800 tools that are geared towards various information security tasks, such as Penetration
Testing, Red Teaming, Malware analysis, Android Penetration Testing, and Reverse Engineering. Ninjutsu is created
5.2 Linux
and customize by Hasan Al-Qawzai (Information security expert) .
5.3 MacOS
Ninjutsu Project was released on the 08th May, 2020.
6 User Guide

7 Getting Started Features


Windows 10 Pre-Installed Penetration Testing, Red Teaming, and Android Security Testing Integrated Environment.
7.1.1 Minimum System Requirements :
More than 800 penetration testing tools.
8 Installing Ninjutsu as Main OS in Your Computer/Laptop : Free and Open source Tools.
Prefills the commandline.
8.1.1 Download :
Terminal with many useful features.
9 Dual boot Windows 10,8,7 with Ninjutsu OS Customize Windows 10 with powerful tweak and optimize.
Protect your privacy by tweak and customize Windows 10.
9.1.1 Minimum Requirements :
Disable many of the annoying features built into windows.
10 How To Install Ninjutsu OS in VMware Workstation : Unwanted Windows components removal.

11 How To Install Ninjutsu OS in Oracle VM VirtualBox : Remove/Disable many Windows programs and services.

12 Improve your privacy setup Simple dnscrypt + VPN :

13 Installing Docker for Windows and install Kali lunix :


Downloading Ninjutsu Project
13.1.1 1. Enable Hyper-V on Windows 10
IMPORTANT! Never download Ninjutsu images from anywhere other than the official sources. Always be sure to verify
13.1.2 2. Enable Intel VT-x or AMD virtualization the MD5/SHA256 checksums of the file you’ve downloaded against our official values. It would be easy for a malicious
13.1.3 Installing Docker entity to modify a Ninjutsu Project installation to contain exploits or malware and host it unofficially.

13.1.4 Now how do you know if Docker is


working? Where to Get Official Ninjutsu Project Images
13.1.5 Install Kali Linux from Docker

13.1.6 Install Parrot on Ninjutsu OS :


The Ninjutsu Project images are available both as directly downloadable .iso files or via .torrent files.
13.1.7 Install single tools SimplyEmail on
Ninjutsu OS :

13.1.8 Install CTF TOOLS on :


Verifying Your Downloaded Ninjutsu Image
13.1.9 Kali Linux

13.1.10 Parrot ##Why do I need to do this?

13.1.11 Metasploit framework Before you run Ninjutsu OS, or install it to your hard disk, you want to be very sure that what you’ve got actually is
13.1.12 Sqlmap Ninjutsu OS, and not an imposter. Ninjutsu is a professional penetration testing and red teaming toolkit. As a
13.1.13 W3AF vulnerability scanner professional penetration tester, having absolute confidence in the integrity of your tools is critical: if your tools aren’t
trustworthy, your investigations won’t be trustworthy, either.
13.1.14 Amass

13.1.15 sherlock
Windows
13.1.16 Remove Docker containers
 

R8 1 Ex : CertUtil -hashfile <File Nme> MD5


2 CertUtil -hashfile Ninjutsu-v1.0.iso MD5

Screen

Useing third-party tools :

1- Download the Checksum Calculator http://www.checksumcalculator.com/

2- Run the executable, checksumcalculator_setup.exe.

3- Follow the prompts to install the program.

4- Open the Checksum Calculator Click the Browse next to the file box and browse to the file you want to check. Select
“Ninjutsu-v1.0.iso” file.

5- Select the type of Checksum you are calculating, By default, the Checksum is set to MD5

6- Click the Calculate button.


Screen

Linux
 

1 md5sum Ninjutsu-v1.0.iso
2
3 sha256sum Ninjutsu-v1.0.iso

MacOS
 

1 md5 Ninjutsu-v1.0.iso
2
3 shasum -a 256 Ninjutsu-v1.0.iso

User Guide

Getting Started
Minimum System Requirements :
CPU : Intel/AMD Dual core Processor
RAM : 2 GB of RAM DDR3/DDR4
Storage : 60 GB of Hard drive space
Installing Ninjutsu as Main OS in Your Computer/Laptop :
To install Ninjutsu OS on your computer or laptop you need :

Verify your partition scheme


USB flash 32 GB
Ninjutsu OS ISO
Storage : 60 GB of Hard drive space (Minimum) (Ninjutsu OS will take 53 GB from total storage available)
Rufus software (Download from https://rufus.ie )

Before you start to format your machine check your disk partition scheme

IMPORTANT! Don’t forget your laptop it’s include your original windows installation, it’s called recovery mode or
windows reset factory , so don’t do this tutorial if you don’t want lose ur recovery windows, I recommend you use
PartitionMagic to check ur disk before starting format

You can view this information in the DIsk Management tool incldued with Windows. To access it, right-click the Start
menu or press Windows Key+X and select “Disk Management.” You can also press Windows Key+R to open the Run
dialog, type “diskmgmt.msc” into the box, and press Enter.

Screen

Select Disk Management


Screen
Screen

Locate the disk you want to check in the Disk Management window. Right-click it and select “Properties.”

Click over to the “Volumes” tab. To the right of “Partition style,” you’ll see either “Master Boot Record (MBR)” or “GUID
Partition Table (GPT),” depending on which the disk is using.
Screen

Download software Rufus and plugin ur USB FLASH

Open Software Rufus

Screen

In our example we are going to create a bootable USB stick “GPT” containing the Ninjutsu OS , Don’t be a blindly follow
the lesson, maybe your laptop/computer is MBR , so be careful

Now we finished create bootable USB stick , After that restart your computer and boot from USB.

Use internet resource to find How to Boot from USB on Windows


Screen
Screen
Screen
Screen

warning Now be careful I don’t want you format wrong drive and lose your data

Press shift + F10 to open cmd prompt

Then type the following command:

 

1 Diskpart
2 List vol
3 Dir d:\
Screen
Screen
Screen
Screen
Screen
Screen
Screen

The installation finished congratulations

After installation maybe you will getting random slowdown to your windows 10, so I recommend you to update drivers,
you can use Driver Booster 7 to update and tweak your laptop

Download :
https://www.iobit.com/en/driver-booster.php

Dual boot Windows 10,8,7 with Ninjutsu OS


we are going to explain everything in detail how to install Ninjutsu OS as second boot with your main windows 10,8,7

Minimum Requirements :

1- Ninjutsu OS Image

2- Empty drive partition in your machine with 55 GB (Minimum) (Ninjutsu OS will take 53 GB from total storage
available)

in our example , I’m going to install Ninjutsu OS on drive partition E:


you only need to define where you want to install other operating system (Ninjutsu OS) in your Laptop/Computer

You can view this information in the DIsk Management tool incldued with Windows. To access it, right-click the Start
menu or press Windows Key+X and select “Disk Management.” You can also press Windows Key+R to open the Run
dialog, type “diskmgmt.msc” into the box, and press Enter.
Screen

if you don’t have empty drive partition to install Ninjutsu OS , you have to create drive partition and format it , in my
tutorial

drive partition windows 10

Step 1: Right-click one hard disk partition and select “Shrink Volume”.
Screen

Step 2: Enter the amount of space you want to shrink in MB as shown below then click on the “Shrink” button.

Screen

Step 3: Right-click on the unallocated space and select “New Simple Volume”.
Screen

Step 5: You’ll now enter the New Simple Volume Wizard interface by clicking “Next” and specify a volume size.
Screen

Step 6: Assign Drive Letter or Path, then format the partition into the default file system NTFS. Click “Finish” to
complete creating a new partition in Windows 10.
Screen

We are going to explain how to install and use two windows edtion in the same computer/laptop :

 

1 C:\ ------------> Windows 10 , 8 or 7


2 E:\ ------------> Ninjutsu OS
3 D:\ ------------> Ninjutsu OS Image

To install Ninjutsu os type the following command:

 

1 dism /Apply-Image /ImageFile:D:\Sources\install.wim /Index:1 /ApplyDir:E:\


Screen

now wait until Ninjutso OS deploy in your drive E

Next step , add deployed Windows on drive E: to Windows boot menu, use following command:

 

1 bcdboot E:\Windows

Screen

Now write this command to check defult profile and currnet profile windows

BCDEdit is a command-line tool for managing Boot Configuration Data (BCD).

BCD files provide a store that is used to describe boot applications and boot application settings.

BCDEdit can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot
menu options, and so on.

You’ll need administrative privileges to use BCDEdit to modify BCD

open your cmd as administrator

 

1 bcdedit
Boot Options Identifiers :

 

1 {default} device partion E: (Ninjutso OS)


2
3 {current} device partion C: (your current system )

Screen

Now we need to change the boot description , When deployed, the new OS has ID {default}. To rename it, give it a
better description, use following command:

 

1 bcdedit /set {default} description "Ninjutsu OS"


2 bcdedit /set {current} description Windows 10 Pro"

Screen

Screen
Screen

How To Install Ninjutsu OS in VMware Workstation :


Screen

Screen
Screen

Screen
Screen

Screen
Screen
Screen

Screen
Screen
Screen
Screen
Screen
Screen
Screen
Screen

Screen
How To Install Ninjutsu OS in Oracle VM VirtualBox :

Screen
Screen

Screen
Screen

Screen
Screen

Screen
Screen

Screen
Screen
Screen
Screen
Screen
Screen
Screen
Screen

Screen
Screen

Improve your privacy setup Simple dnscrypt + VPN :

what is the information may be disclosed to government/ISP provider when you browsing Internet? And what’s the
solution!

In the normal use of the Internet, the information you need to take care of:

1. MAC address
2. DNS requests
3. Site or service address even in TLS connection
4. The IP address of the site or service
5. Unencrypted information

1. MAC address :

This Mac address can track your positions.It is best to have a different MAC address each time you connect to the
Internet. You can use a variety of tools, but in Windows 10, you can enable it:

Turn On or Off Random Hardware MAC Addresses for Wi-Fi in Windows 10


Screen

another way to change your MAC address by use software such as

MAC Address Scanner 5.0 https://www.majorgeeks.com/files/details/mac_address_scanner.html


MacMakeup 2.2.3.5 https://www.majorgeeks.com/files/details/mac_makeup.html

2- DNS requests

Normally, even if you use 1.1.1.1, your DNS requests can be easily heard. Only if you use DNSCrypt or other encrypted
items, your DNS requests will not be heard.

You can use SimpleDNScrypt , follow up to the pictures shown below


Screen
Screen
Screen

3- Site or service address even in TLS connection :

The addresses of the sites you visit will be transmitted in plain text via SNI, which is audible. You can only use a proxy
or a valid VPN to solve this problem.

4- IP address of the site or service:

Many sites have dedicated servers. Donating an IP address is equal to donating a site address. As before, you can only
use a proxy or a valid VPN to solve this problem.

5- Unencrypted information :
Unencrypted information needs no explanation and you should use a VPN. But there is still a big problem! What
happens if you accidentally and unintentionally disconnect your VPN?
Some of your sensitive information will be disclosed! To prevent this from happening, your VPN must have Kill-Switch
functionality

follow up to the pictures shown below

Screen
Screen

Screen
Screen

Screen
Screen

Installing Docker for Windows and install Kali lunix :


One of the big problems when doing pentesting or security tests is having all the tools. Docker helps you to have
environments where we can have different tools without having to fight with different libraries or dependencies that
need certain tools.

Now Using Docker to run Cyber Security Tools is becoming more and more popular.

To use docker in your computer you have to :

1. Enable Hyper-V , The Ninjutsu OS has been enabled “Hyper-V” by default.


2. Enable Intel VT-X/AMD Virtualization on VMware/VirtualBox and PC

You should be aware that Docker requires VT-X/AMD-v virtual hardware extension to be enabled before you can run any
container.

Depending on your computer, you may need to reboot and enable it in your BIOS.

You can check if VT-X/AMD-v is enabled by running systeminfo from the command prompt.
 

1 systeminfo

1. Enable Hyper-V on Windows 10

Screen

2. Enable Intel VT-x or AMD virtualization


To enable Intel VT-X & AMD virtualization, open VMware and select the virtual machine you want to enable Intel/AMd
virtualization for, then click on Edit virtual machine settings.
Screen

2. Now select the Processors option and you’ll see the Intel VT-X & AMD Virtualization enabling option beside and
mark it if you want. Also, you can let the virtualization engine by default(Automatic), the automatic option uses the
three options there when required and disable them when they aren’t needed.
Screen

Enable Intel VT-x/AMD Virtualization on VirtualBox


Screen

2. Here, select the System tab and select Acceleration tab then you can see and enable Intel VT-x or AMD
virtualization and click Ok.
Screen

Enable Intel VT-x/AMD Virtualization on your computer/Laptop

Please follow the motherboard/Laptop guide to enable Intel VT-x/AMD Virtualization from Bios
Screen

So now after enable Intel VT-x or AMD virtualization in your Vmware/VirtualBox and PC

Installing Docker
You can download Docker for Windows with:

 

1 choco install docker-desktop

Screen
You should restart your laptop after you install Docker.

Now how do you know if Docker is working?


Open a new command prompt and type:

 

1 docker ps

If everything works as expected, you should see an empty list of containers running.

Install Kali Linux from Docker


We all already know kali Linux and it has a great variety of tools that are useful to carry out different tasks, but we also
have a docker to use kali.

Setting up a Kali Linux Docker Image :

 

1 docker pull kalilinux/kali-rolling


2 docker run -t -i kalilinux/kali-rolling /bin/bash

Screen

Now I’m going to install Metasploit , nmap and sqlmap on Kali Linux image

 
1 apt-get update && apt-get install metasploit-framework nmap sqlmap

Screen
Screen

How to Remove Docker Containers Kali Lunix from your PC :

You can get a list of all containers by passing the -a flag to the docker container ls command:

 

1 docker container ls -a

The output should look something like this:

 

1 C:\Users\Administrator\Desktop>docker container ls -a
2 CONTAINER ID IMAGE COMMAND CREATED STATUS
3 2e89361f5005 kalilinux/kali-rolling "/bin/bash" 54 minutes ago Exited (130) 1 s

Once you know the CONTAINER ID of the containers you want to delete, pass it to the docker container rm command.
For example, to remove the first two containers listed in the output above run:

 

1 docker container rm 2e89361f5005

Other method and example how to remove docker image :

 

1 # docker ps -a
2 docker ps -a
3 CONTAINER ID IMAGE COMMAND CREATED STATUS
d1c01c8eb336 ubuntu:14.04 "/bin/bash" 5 seconds ago Exited (0) 3 seco
4
df7834f86c78 debian:stable "/bin/bash" 10 seconds ago Up 9 seconds
5
9bdd9d49a75b mongo:3 "/entrypoint.sh mong 18 minutes ago Up 18 minutes
6
774b02c9c51a oraclelinux:7 "/bin/bash" 27 minutes ago Up 27 minutes
7

 

1 docker rm --force debian


2 docker rm --force mongodb
3 docker rm --force ubuntu
Screen

To check the size of docker images :

 

1 C:\Users\Administrator\Desktop>docker image ls
2 REPOSITORY TAG IMAGE ID CREATED SIZE
3 ctfd/ctfd latest ba8fec4b9a20 2 days ago 500MB
ctfwiki/ctf-wiki latest a4ad75128371 5 days ago 195MB
4
kalilinux/kali-rolling latest d88b418fb1f9 6 days ago 114MB
5
parrotsec/security latest 35cfd692bb97 2 weeks ago 4.71GB
6
pyaillet/ctf-tools latest f57c8c381e52 6 months ago 992MB
7 simplysecurity/simplyemail latest 58c90bda30f4 2 years ago 684MB
8

Install Parrot on Ninjutsu OS :


Here the Repositories of Parrot https://hub.docker.com/u/parrotsec

you can install different tools without having to fight with different libraries or dependencies

 

1 docker pull parrotsec/security


2 docker run -ti --network host parrotsec/security
Screen

Install single tools SimplyEmail on Ninjutsu OS :


 

1 docker pull simplysecurity/simplyemail


2 docker run -ti simplysecurity/simplyemail -h
3 docker run -ti simplysecurity/SimplyEmail.py -all -e cybersyndicates.com
or in verbose
4
5
docker run -ti simplysecurity/SimplyEmail.py -all -v -e cybersyndicates.com
6
or in verbose and no "Scope"
7
8 docker run -ti simplysecurity/SimplyEmail.py -all -v -e cybersyndicates.com -s
9
10 or with email verification
11
12 docker run -ti simplysecurity/SimplyEmail.py -all -v -verify -e cybersyndicates.com
13
or with email verification & Name Creation
14
15
docker run -ti simplysecurity/SimplyEmail.py -all -v -verify -n -e cybersyndicates.com
16
17 or json automation
18
19 docker run -ti simplysecurity/SimplyEmail.py -all -e cybersyndicates.com --json cs-json.txt
20
21
Screen

Screen

Install CTF TOOLS on :


 
1 docker pull zardus/ctf-tools
2 docker run -ti zardus/ctf-tools

Screen

Screen

Other Useful Docker Images :

https://hub.docker.com/r/aaaguirrep/pentest

Kali Linux
 

1 docker pull kalilinux/kali-rolling


2 docker run -t -i kalilinux/kali-rolling /bin/bash
Parrot
 

1 docker pull parrotsec/parrot-core


2 docker run -t -i parrotsec/parrot-core /bin/bash

Metasploit framework
 

1 docker pull remnux/metasploit


2 docker run -t -i remnux/metasploit /bin/bash

Sqlmap
 

1 docker pull paoloo/sqlmap


2 docker run -it paoloo/sqlmap --url http://localhost

W3AF vulnerability scanner


 

1 docker pull andresriancho/w3af


2 docker run -t -i kalilinux/kali-rolling /bin/bash

Amass
 

1 docker build -t amass https://github.com/OWASP/Amass.git


2 docker run -v OUTPUT_DIR_PATH:/.config/amass/ amass enum --list

sherlock
 

1 docker build -t mysherlock-image .


2 docker run --rm -t mysherlock-image user123
3 docker run --rm -t -v "$PWD/results:/opt/sherlock/results" mysherlock-image -o /opt/sherlock/results/

Docker Notes

List Docker CLI commands

 
1 docker
2 docker container --help

Display Docker version and info

 

1 docker --version
2 docker version
3 docker info

Searching a Docker Image

 

1 docker search [search term]


2 docker search pentest
3 docker search centos

Build Docker image from Dockerfile

 

1 docker build -t <image name>:<tag> <file path of Dockerfile>


2
3 Options:
-t option to specify tag or name of the image (If tag is not specified, the default value of 'latest'
4
5
Ex : docker build -t nginx .
6

Execute Docker image

 

1 docker run hello-world

List Docker images

 

1 docker images
2 docker image ls
3
Options:
4
--quiet option to only show the image ID
5
--filter option to filter out images based on certain conditions (ie --filter=dangling=true)
6

 

1 docker ps -a # Lists containers (and tells you which images they are spun from)
2 docker rm <container_id> # Removes a container
3 docker rmi <image_id> # Removes an image
docker rmi -f <image_id> # Forces removal of image even if it is referenced in multiple repositorie
4
5 # i.e. same image id given multiple names/tags
6 # Will still fail if there is a docker container referencing image

List Docker containers (running, all, all in quiet mode)

 

1 docker container ls
2 docker container ls --all
3 docker container ls -aq

Remove Docker images

 

1 docker rmi {image-id || image-name}

Remove Docker containers

 

1 docker rm {container-id} (no need to enter all id)

Facebook Tw itter Print Email Pinterest Gmail LinkedIn Email App

Tumblr More

R1

L I K E T H I S A R T I C L E? SU P P O R T T H E A U T H O R W I T H

 Paypal  Buy me a coffee  Patreon

R2

Comments
What do you think?
8 Responses

Upvote Funny Love

Surprised Sad

Comments Community 🔒 Privacy Policy  Ava

 Recommend t Tweet f Share Sort by Best

Start the discussion…

Be the first to comment.

R3

© 2020 Hasan  Powered by Hexo & Icarus

You might also like