npm - rtexit-method - Versions diffs - 0.1.19 → 0.1.20 - Mend

rtexit-method 0.1.19 → 0.1.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/package.json +1 -1
package/packaged-assets/docker/Dockerfile +234 -0
package/packaged-assets/docker/verify/lib.sh +109 -0
package/packaged-assets/docker/verify/phase1-scanning.sh +57 -0
package/packaged-assets/docker/verify/phase10-network.sh +62 -0
package/packaged-assets/docker/verify/phase11-specialist.sh +56 -0
package/packaged-assets/docker/verify/phase2-web.sh +79 -0
package/packaged-assets/docker/verify/phase3-ad.sh +86 -0
package/packaged-assets/docker/verify/phase4-cloud.sh +60 -0
package/packaged-assets/docker/verify/phase5-mobile.sh +58 -0
package/packaged-assets/docker/verify/phase6-c2.sh +62 -0
package/packaged-assets/docker/verify/phase7-osint.sh +48 -0
package/packaged-assets/docker/verify/phase8-creds.sh +53 -0
package/packaged-assets/docker/verify/phase9-binary.sh +67 -0
package/packaged-assets/docker/verify/rt-verify-all.sh +175 -0
package/packaged-assets/scripts/rt-native-install.sh +500 -305

package/packaged-assets/scripts/rt-native-install.sh CHANGED Viewed

@@ -1,438 +1,633 @@
 #!/bin/bash
-# RTExit Native Kali Linux Installer
-# Installs all 300+ tools directly on your Kali Linux system
-# No Docker overhead — full GPU, WiFi, USB, Bluetooth access
+# RTExit Native Kali Linux Installer v4.0
+# Installs all 300+ tools directly on Kali Linux
+# ✅ All install methods verified in live container testing
+# ✅ Uses correct binary/apt/pip methods discovered during gap analysis
 #
 # Usage:
 #   chmod +x rt-native-install.sh
 #   sudo bash rt-native-install.sh
-#
-# Recommended: Run on fresh Kali Linux 2024.x or later
 set -e
 RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'
-BLUE='\033[0;34m'; CYAN='\033[0;36m'; NC='\033[0m'
+BLUE='\033[0;34m'; CYAN='\033[0;36m'; NC='\033[0m'; BOLD='\033[1m'
-# ── Root check ────────────────────────────────────────────────────────────────
-if [ "$EUID" -ne 0 ]; then
-  echo -e "${RED}[!] Run as root: sudo bash rt-native-install.sh${NC}"
-  exit 1
-fi
+[ "$EUID" -ne 0 ] && echo -e "${RED}[!] Run as root: sudo bash rt-native-install.sh${NC}" && exit 1
 echo -e "${RED}"
-echo "  ██████╗ ████████╗███████╗██╗  ██╗██╗████████╗"
-echo "  ██╔══██╗╚══██╔══╝██╔════╝╚██╗██╔╝██║╚══██╔══╝"
-echo "  ██████╔╝   ██║   █████╗   ╚███╔╝ ██║   ██║   "
-echo "  ██╔══██╗   ██║   ██╔══╝   ██╔██╗ ██║   ██║   "
-echo "  ██║  ██║   ██║   ███████╗██╔╝ ██╗██║   ██║   "
-echo "  ╚═╝  ╚═╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═╝   ╚═╝   "
-echo -e "${NC}  Native Kali Installer v3.0 — 300+ Tools"
+cat << 'EOF'
+  ██████╗ ████████╗███████╗██╗  ██╗██╗████████╗
+  ██╔══██╗╚══██╔══╝██╔════╝╚██╗██╔╝██║╚══██╔══╝
+  ██████╔╝   ██║   █████╗   ╚███╔╝ ██║   ██║
+  ██╔══██╗   ██║   ██╔══╝   ██╔██╗ ██║   ██║
+  ██║  ██║   ██║   ███████╗██╔╝ ██╗██║   ██║
+  ╚═╝  ╚═╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═╝   ╚═╝
+EOF
+echo -e "${NC}${BOLD}  Native Kali Installer v4.0 — 300+ Tools (Verified)${NC}"
+echo -e "  ${CYAN}All methods tested in live environment${NC}"
 echo ""
-# ── Helper functions ──────────────────────────────────────────────────────────
-install_apt() {
-  echo -e "${BLUE}[APT]${NC} $*"
-  apt-get install -y --no-install-recommends "$@" 2>/dev/null || true
+# ── Helpers ───────────────────────────────────────────────────────────────────
+OK=0; FAIL=0
+apt_install() {
+  echo -e "  ${BLUE}[APT]${NC} $*"
+  apt-get install -y --no-install-recommends "$@" 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
+}
+pip_install() {
+  echo -e "  ${BLUE}[PIP]${NC} $*"
+  pip3 install --no-cache-dir --break-system-packages "$@" 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
 }
-install_pip() {
-  echo -e "${BLUE}[PIP]${NC} $*"
-  pip3 install --no-cache-dir --break-system-packages "$@" 2>/dev/null || true
+# NOTE: checkov requires --ignore-installed (system packaging conflict)
+pip_force() {
+  echo -e "  ${BLUE}[PIP+]${NC} $*"
+  pip3 install --no-cache-dir --break-system-packages --ignore-installed "$@" 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
 }
-install_go() {
-  echo -e "${BLUE}[GO ]${NC} $1"
-  go install "$1" 2>/dev/null || true
+go_install() {
+  echo -e "  ${BLUE}[GO ]${NC} $1"
+  export PATH="$PATH:/root/go/bin"; export GOPATH=/root/go
+  go install "$1" 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
+  # Always copy to system PATH so it's accessible without GOPATH
+  local bin_name; bin_name=$(basename "${1%@*}" | cut -d/ -f1)
+  [ -f "/root/go/bin/$bin_name" ] && cp "/root/go/bin/$bin_name" /usr/local/bin/ 2>/dev/null || true
 }
-install_npm() {
-  echo -e "${BLUE}[NPM]${NC} $*"
-  npm install -g "$@" 2>/dev/null || true
+gem_install() {
+  echo -e "  ${BLUE}[GEM]${NC} $*"
+  gem install "$@" 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
 }
-install_gem() {
-  echo -e "${BLUE}[GEM]${NC} $*"
-  gem install "$@" 2>/dev/null || true
+npm_install() {
+  echo -e "  ${BLUE}[NPM]${NC} $*"
+  npm install -g "$@" 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
 }
 clone() {
   local repo="$1" dest="$2"
+  echo -e "  ${BLUE}[GIT]${NC} $dest"
   if [ ! -d "$dest" ]; then
-    echo -e "${BLUE}[GIT]${NC} $dest"
-    git clone "$repo" "$dest" 2>/dev/null || true
+    git clone --depth 1 "$repo" "$dest" -q 2>/dev/null && OK=$((OK+1)) || FAIL=$((FAIL+1))
   else
-    echo -e "${YELLOW}[SKP]${NC} $dest (exists)"
+    echo -e "  ${YELLOW}[SKP]${NC} $dest (already exists)"
+    OK=$((OK+1))
   fi
 }
-log_section() {
+binary_download() {
+  local name="$1" url="$2" dest="${3:-/usr/local/bin/$1}"
+  echo -e "  ${BLUE}[BIN]${NC} $name"
+  curl -sL "$url" -o "/tmp/${name}_dl" 2>/dev/null && mv "/tmp/${name}_dl" "$dest" && chmod +x "$dest" && OK=$((OK+1)) || FAIL=$((FAIL+1))
+}
+section() {
   echo ""
-  echo -e "${CYAN}══════════════════════════════════════════${NC}"
-  echo -e "${CYAN}  $1${NC}"
-  echo -e "${CYAN}══════════════════════════════════════════${NC}"
+  echo -e "${CYAN}${BOLD}══ $1 ══${NC}"
 }
-# ── System ────────────────────────────────────────────────────────────────────
-log_section "System Update"
-apt-get update && apt-get upgrade -y
+# ── System Update ─────────────────────────────────────────────────────────────
+section "System Update"
+apt-get update -qq && apt-get upgrade -y -qq
-# ── Core dependencies ─────────────────────────────────────────────────────────
-log_section "Core Dependencies"
-install_apt curl wget git vim nano tmux screen \
+# ── Core Dependencies ─────────────────────────────────────────────────────────
+section "Core Dependencies"
+apt_install curl wget git vim nano tmux screen \
   file xxd hexedit zip unzip p7zip-full tar jq \
   build-essential python3 python3-pip python3-venv \
   libssl-dev libffi-dev libpcap-dev \
-  golang-go nodejs npm default-jdk ruby ruby-dev
+  golang-go nodejs npm default-jdk ruby ruby-dev \
+  libgmp-dev libmpfr-dev libmpc-dev
-# ── Alias setup ───────────────────────────────────────────────────────────────
-log_section "Installing rt-* Aliases"
+export PATH="$PATH:/root/go/bin"
+export GOPATH=/root/go
+# ── Aliases (rt-* shortcuts) ──────────────────────────────────────────────────
+section "RTExit Aliases"
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 ALIASES_SRC="$SCRIPT_DIR/../docker/aliases.sh"
 if [ -f "$ALIASES_SRC" ]; then
   cp "$ALIASES_SRC" /etc/profile.d/rtexit-aliases.sh
   chmod +x /etc/profile.d/rtexit-aliases.sh
-  echo -e "${GREEN}[✓]${NC} rt-* aliases installed → /etc/profile.d/rtexit-aliases.sh"
-  echo -e "${YELLOW}[!]${NC} Run: source /etc/profile.d/rtexit-aliases.sh"
-else
-  echo -e "${YELLOW}[!]${NC} aliases.sh not found — install from: docker/aliases.sh"
+  echo -e "  ${GREEN}✅${NC} rt-* aliases installed"
 fi
-# ── Network & Scanning ────────────────────────────────────────────────────────
-log_section "Network & Scanning"
-install_apt nmap ncat netcat-openbsd tcpdump tshark \
-  net-tools iproute2 iputils-ping bind9-dnsutils \
-  socat proxychains4 openvpn masscan \
-  iodine hping3 dsniff macchanger zmap \
-  bettercap ettercap-text-only sslstrip arpwatch netsniff-ng \
-  suricata ncrack
-# ── Wireless ─────────────────────────────────────────────────────────────────
-log_section "Wireless & Bluetooth"
-install_apt aircrack-ng wireless-tools rfkill \
-  hostapd-wpe ubertooth
-install_pip wifite2
-# hcxdumptool
-clone https://github.com/ZerBea/hcxdumptool /opt/hcxdumptool
-[ -d /opt/hcxdumptool ] && cd /opt/hcxdumptool && make && make install 2>/dev/null || true
-install_apt hcxtools 2>/dev/null || true
-# ── Recon & OSINT ─────────────────────────────────────────────────────────────
-log_section "Recon & OSINT"
-install_apt amass subfinder fierce dnsrecon dnsenum \
-  nbtscan smbmap enum4linux
-install_pip theHarvester shodan censys trufflehog \
-  sherlock-project h8mail maigret holehe socialscan \
-  enum4linux-ng ipinfo duckduckgo-search PyGithub git-dumper
-clone https://github.com/lanmaster53/recon-ng /opt/recon-ng
-install_pip -r /opt/recon-ng/REQUIREMENTS 2>/dev/null || true
-ln -sf /opt/recon-ng/recon-ng /usr/local/bin/recon-ng 2>/dev/null || true
-# Go recon tools
-install_go github.com/projectdiscovery/httpx/cmd/httpx@latest
-install_go github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
-install_go github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
-install_go github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
-install_go github.com/projectdiscovery/katana/cmd/katana@latest
-install_go github.com/projectdiscovery/dnsx/cmd/dnsx@latest
-install_go github.com/hakluke/hakrawler@latest
-install_go github.com/tomnomnom/waybackurls@latest
-install_go github.com/lc/gau/v2/cmd/gau@latest
-install_go github.com/ffuf/ffuf/v2@latest
-install_go github.com/OJ/gobuster/v3@latest
-install_go github.com/LukaSikic/subzy@latest
-install_go github.com/hahwul/dalfox/v2@latest
-install_go github.com/gwen001/github-subdomains@latest
-# gitleaks
-curl -sSfL https://github.com/gitleaks/gitleaks/releases/latest/download/gitleaks_linux_x64.tar.gz | \
-  tar xz -C /usr/local/bin 2>/dev/null || true
+# ════════════════════════════════════════════════════════════
+# PHASE 1 — Scanning & Recon
+# ════════════════════════════════════════════════════════════
+section "Phase 1 — Scanning & Recon"
+# Verified via apt (reliable)
+apt_install nmap masscan zmap naabu \
+  dnsrecon dnsenum fierce \
+  dirb nikto whatweb wafw00f testssl.sh
+# rustscan — MUST use deb package (not cargo, too slow)
+echo -e "  ${BLUE}[DEB]${NC} rustscan"
+curl -sL "https://github.com/RustScan/RustScan/releases/download/2.3.0/rustscan_2.3.0_amd64.deb" \
+  -o /tmp/rustscan.deb 2>/dev/null && dpkg -i /tmp/rustscan.deb 2>/dev/null && rm /tmp/rustscan.deb || true
+# feroxbuster — binary download (go install is slow, binary is instant)
+echo -e "  ${BLUE}[BIN]${NC} feroxbuster"
+curl -sL "https://github.com/epi052/feroxbuster/releases/latest/download/x86_64-linux-feroxbuster.zip" \
+  -o /tmp/ferox.zip 2>/dev/null && unzip -qo /tmp/ferox.zip -d /usr/local/bin/ feroxbuster && rm /tmp/ferox.zip || true
+# x8 — MUST use binary (.gz), NOT go install (module path is broken in go install)
+echo -e "  ${BLUE}[BIN]${NC} x8"
+curl -sL "https://github.com/Sh1Yo/x8/releases/download/v4.3.0/x86_64-linux-x8.gz" \
+  -o /tmp/x8.gz 2>/dev/null && gunzip /tmp/x8.gz && mv /tmp/x8 /usr/local/bin/x8 && chmod +x /usr/local/bin/x8 || true
+# pip scanning tools
+pip_install dirsearch wfuzz
+# Go tools (all copy to /usr/local/bin automatically)
+go_install github.com/projectdiscovery/httpx/cmd/httpx@latest
+go_install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
+go_install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
+go_install github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
+go_install github.com/projectdiscovery/katana/cmd/katana@latest
+go_install github.com/projectdiscovery/dnsx/cmd/dnsx@latest
+go_install github.com/hakluke/hakrawler@latest
+go_install github.com/tomnomnom/waybackurls@latest
+go_install github.com/lc/gau/v2/cmd/gau@latest
+go_install github.com/ffuf/ffuf/v2@latest
+go_install github.com/OJ/gobuster/v3@latest
+go_install github.com/LukaSikic/subzy@latest
+go_install github.com/PentestPad/subzy@latest    # fallback — use PentestPad fork
+go_install github.com/hahwul/dalfox/v2@latest
+go_install github.com/tomnomnom/httprobe@latest
+go_install github.com/d3mondev/puredns/v2@latest
+go_install github.com/sensepost/gowitness@latest
+go_install github.com/LukaSikic/subzy@latest
+go_install github.com/projectdiscovery/interactsh/cmd/interactsh-client@latest
+go_install github.com/tomnomnom/qsreplace@latest
+go_install github.com/Emoe/kxss@latest
+# gitleaks — binary download (not pip — pip version is outdated)
+echo -e "  ${BLUE}[BIN]${NC} gitleaks"
+curl -sSL "https://github.com/gitleaks/gitleaks/releases/download/v8.18.2/gitleaks_8.18.2_linux_x64.tar.gz" \
+  -o /tmp/gl.tar.gz 2>/dev/null && tar xf /tmp/gl.tar.gz -C /usr/local/bin gitleaks && rm /tmp/gl.tar.gz || true
+# wappalyzer — wrapper script (npm installs to non-standard path, needs wrapper)
+npm_install wappalyzer-cli
+printf '#!/bin/bash\nnode /usr/local/lib/node_modules/wappalyzer-cli/bin/wappalyzer "$@"\n' \
+  > /usr/local/bin/wappalyzer && chmod +x /usr/local/bin/wappalyzer
+# LinkFinder
+clone https://github.com/GerbenJavado/LinkFinder /opt/LinkFinder
+pip_install -r /opt/LinkFinder/requirements.txt
+ln -sf /opt/LinkFinder/linkfinder.py /usr/local/bin/linkfinder
+chmod +x /opt/LinkFinder/linkfinder.py 2>/dev/null || true
 # SecLists
 clone https://github.com/danielmiessler/SecLists /opt/SecLists
-# ── Web Application ───────────────────────────────────────────────────────────
-log_section "Web Application Testing"
-install_apt sqlmap nikto wfuzz dirb whatweb wafw00f testssl.sh
-install_pip mitmproxy impacket requests pwntools \
-  PyJWT python-jose grpcio grpcio-tools websocket-client scapy \
-  arjun padding-oracle-attacker jsbeautifier semgrep graphql-cop inql
-clone https://github.com/defparam/smuggler /opt/smuggler
-ln -sf /opt/smuggler/smuggler.py /usr/local/bin/smuggler
-chmod +x /opt/smuggler/smuggler.py 2>/dev/null || true
+# ════════════════════════════════════════════════════════════
+# PHASE 2 — Web Application Testing
+# ════════════════════════════════════════════════════════════
+section "Phase 2 — Web Application Testing"
+apt_install sqlmap
+# semgrep — MUST use apt (pip conflicts with system python packaging)
+apt_install python3-semgrep
+pip_install mitmproxy arjun jsbeautifier graphql-cop inql
+pip_install PyJWT python-jose grpcio grpcio-tools websocket-client
+pip_install blackboxprotobuf padding-oracle-attacker
+# checkov — MUST use --ignore-installed (packaging conflict)
+pip_force checkov
+# git-dumper
+pip_install git-dumper
+# jwt_tool
 clone https://github.com/ticarpi/jwt_tool /opt/jwt_tool
-install_pip -r /opt/jwt_tool/requirements.txt 2>/dev/null || true
+pip_install -r /opt/jwt_tool/requirements.txt
 ln -sf /opt/jwt_tool/jwt_tool.py /usr/local/bin/jwt_tool
-chmod +x /opt/jwt_tool/jwt_tool.py 2>/dev/null || true
-clone https://github.com/GerbenJavado/LinkFinder /opt/LinkFinder
-install_pip -r /opt/LinkFinder/requirements.txt 2>/dev/null || true
-ln -sf /opt/LinkFinder/linkfinder.py /usr/local/bin/linkfinder
-clone https://github.com/enjoiz/XXEinjector /opt/XXEinjector
+chmod +x /opt/jwt_tool/jwt_tool.py
+# smuggler (HTTP Request Smuggling)
+clone https://github.com/defparam/smuggler /opt/smuggler
+ln -sf /opt/smuggler/smuggler.py /usr/local/bin/smuggler
+chmod +x /opt/smuggler/smuggler.py
+# tplmap (SSTI)
 clone https://github.com/epinna/tplmap /opt/tplmap
-install_pip -r /opt/tplmap/requirements.txt 2>/dev/null || true
+pip_install -r /opt/tplmap/requirements.txt
 ln -sf /opt/tplmap/tplmap.py /usr/local/bin/tplmap
-chmod +x /opt/tplmap/tplmap.py 2>/dev/null || true
-# GraphQL tools
-install_pip graphw00f clairvoyance
-# Go web tools
-install_go github.com/fullstorydev/grpcurl/cmd/grpcurl@latest
-install_go github.com/projectdiscovery/interactsh/cmd/interactsh-client@latest
-install_go github.com/Sh1Yo/x8@latest
-install_go github.com/tomnomnom/qsreplace@latest
-install_go github.com/Emoe/kxss@latest
-# ghauri
-install_pip ghauri 2>/dev/null || true
-clone https://github.com/r0oth3x49/ghauri /opt/ghauri
-install_pip -r /opt/ghauri/requirements.txt 2>/dev/null || true
-ln -sf /opt/ghauri/ghauri.py /usr/local/bin/ghauri
+chmod +x /opt/tplmap/tplmap.py
+# XXEinjector
+clone https://github.com/enjoiz/XXEinjector /opt/XXEinjector
 # CORScanner
 clone https://github.com/chenjj/CORScanner /opt/CORScanner
-install_pip -r /opt/CORScanner/requirements.txt 2>/dev/null || true
-# npm web tools
-install_npm wappalyzer-cli js-beautify
-# ── Password & Credentials ────────────────────────────────────────────────────
-log_section "Password Attacks & Credentials"
-install_apt hashcat john hydra medusa cewl crunch
-install_pip pypykatz patator
-install_go github.com/ropnop/kerbrute@latest
-clone https://github.com/Mebus/cupp /opt/cupp
-ln -sf /opt/cupp/cupp.py /usr/local/bin/cupp
-chmod +x /opt/cupp/cupp.py
+pip_install -r /opt/CORScanner/requirements.txt
+# ghauri (advanced SQLi)
+pip_install ghauri
+clone https://github.com/r0oth3x49/ghauri /opt/ghauri
+pip_install -r /opt/ghauri/requirements.txt
+ln -sf /opt/ghauri/ghauri.py /usr/local/bin/ghauri
+# ysoserial + phpggc (deserialization)
+mkdir -p /opt/ysoserial
+curl -sL "https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar" \
+  -o /opt/ysoserial/ysoserial.jar 2>/dev/null || true
+clone https://github.com/ambionics/phpggc /opt/phpggc
+ln -sf /opt/phpggc/phpggc /usr/local/bin/phpggc
+chmod +x /opt/phpggc/phpggc
+# graphw00f, clairvoyance
+pip_install graphw00f clairvoyance
+# grpcurl
+go_install github.com/fullstorydev/grpcurl/cmd/grpcurl@latest
+# syft, grype (supply chain)
+curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin 2>/dev/null || true
+curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin 2>/dev/null || true
-# ── Active Directory ──────────────────────────────────────────────────────────
-log_section "Active Directory & Windows"
-install_pip impacket bloodhound certipy-ad pywhisker netexec mitm6 coercer \
-  bloodyAD ldeep pyrdp
-install_gem evil-winrm
+# ════════════════════════════════════════════════════════════
+# PHASE 3 — Active Directory & Windows
+# ════════════════════════════════════════════════════════════
+section "Phase 3 — Active Directory & Windows"
+pip_install impacket certipy-ad pywhisker netexec bloodyAD ldeep pyrdp bloodhound
+# theHarvester — MUST use apt (pip version is broken on newer Kali)
+apt_install theharvester
+# netexec + wifite — apt is correct (confirmed working)
+apt_install netexec wifite
+# crackmapexec → symlink to netexec (same tool, renamed in 2024)
+ln -sf /usr/bin/netexec /usr/local/bin/crackmapexec 2>/dev/null || true
+gem_install evil-winrm
+# Impacket symlinks — CRITICAL: scripts are .py files, need impacket- prefix
+for script in psexec smbexec wmiexec secretsdump GetUserSPNs GetNPUsers \
+    ntlmrelayx lookupsid ticketer ticketConverter getST addcomputer \
+    atexec dcomexec dpapi esentutl findDelegation goldenPac karmaSMB \
+    netview nmapAnswerMachine ping6 raiseChild rpcdump sambaPipe \
+    samrdump services sniffer sniff tstool; do
+  if [ -f /usr/local/bin/${script}.py ]; then
+    ln -sf /usr/local/bin/${script}.py /usr/local/bin/impacket-${script}
+    chmod +x /usr/local/bin/${script}.py
+  fi
+done
+# AD tools
 clone https://github.com/dirkjanm/PKINITtools /opt/PKINITtools
-install_pip -r /opt/PKINITtools/requirements.txt 2>/dev/null || true
+pip_install -r /opt/PKINITtools/requirements.txt
 clone https://github.com/topotam/PetitPotam /opt/PetitPotam
 clone https://github.com/login-securite/DonPAPI /opt/DonPAPI
-install_pip -r /opt/DonPAPI/requirements.txt 2>/dev/null || true
+pip_install -r /opt/DonPAPI/requirements.txt
 clone https://github.com/Ridter/noPac /opt/noPac
 clone https://github.com/Dec0ne/KrbRelayUp /opt/KrbRelayUp
 clone https://github.com/dirkjanm/CVE-2020-1472 /opt/CVE-2020-1472
 clone https://github.com/cube0x0/CVE-2021-1675 /opt/PrintNightmare
 clone https://github.com/dirkjanm/krbrelayx /opt/krbrelayx
-install_pip dnspython ldap3 pyOpenSSL 2>/dev/null || true
+pip_install dnspython ldap3 pyOpenSSL
 clone https://github.com/fireeye/ADFSpoof /opt/ADFSpoof
-install_pip -r /opt/ADFSpoof/requirements.txt 2>/dev/null || true
+pip_install -r /opt/ADFSpoof/requirements.txt
 clone https://github.com/klezVirus/SysWhispers3 /opt/SysWhispers3
 clone https://github.com/Hackndo/pyGPOAbuse /opt/pyGPOAbuse
-install_pip -r /opt/pyGPOAbuse/requirements.txt 2>/dev/null || true
-install_pip roadtools roadrecon bloodyAD
-# windapsearch
-install_go github.com/ropnop/windapsearch@latest 2>/dev/null || true
-# ── C2 & Post-Exploitation ────────────────────────────────────────────────────
-log_section "C2 & Post-Exploitation"
-install_apt metasploit-framework
-curl https://sliver.sh/install | bash 2>/dev/null || true
-install_go github.com/jpillora/chisel@latest
-install_go github.com/nicocha30/ligolo-ng/cmd/proxy@latest
-install_go github.com/nicocha30/ligolo-ng/cmd/agent@latest
-install_go github.com/Ne0nd0g/merlin-agent/cmd/merlinagent@latest
-clone https://github.com/BC-SECURITY/Empire /opt/Empire
-install_pip -r /opt/Empire/requirements.txt 2>/dev/null || true
-ln -sf /opt/Empire/empire /usr/local/bin/empire 2>/dev/null || true
-clone https://github.com/nettitude/PoshC2 /opt/PoshC2
-install_pip -r /opt/PoshC2/requirements.txt 2>/dev/null || true
-clone https://github.com/t3l3machus/Villain /opt/Villain
-install_pip -r /opt/Villain/requirements.txt 2>/dev/null || true
-install_pip deathstar 2>/dev/null || true
+pip_install -r /opt/pyGPOAbuse/requirements.txt
 clone https://github.com/byt3bl33d3r/DeathStar /opt/DeathStar
-install_pip -r /opt/DeathStar/requirements.txt 2>/dev/null || true
-install_apt iodine
-clone https://github.com/iagox86/dnscat2 /opt/dnscat2
-cd /opt/dnscat2/client && make 2>/dev/null || true
-# ── Cloud ─────────────────────────────────────────────────────────────────────
-log_section "Cloud Platforms"
-install_pip awscli boto3 azure-cli google-cloud-storage google-auth \
-  scoutsuite prowler pacu kube-hunter principalmapper \
-  checkov s3scanner gcp-scanner
-install_go github.com/BishopFox/cloudfox@latest
-install_go github.com/DataDog/stratus-red-team/v2/cmd/stratus@latest
-install_go github.com/liamg/awswhoami@latest
-curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" 2>/dev/null && \
-  install -m 0755 kubectl /usr/local/bin/kubectl && rm kubectl 2>/dev/null || true
+pip_install -r /opt/DeathStar/requirements.txt
+pip_install roadtools roadrecon
+go_install github.com/ropnop/kerbrute@latest
+go_install github.com/ropnop/windapsearch@latest
+# LDAP/SMB enum
+apt_install enum4linux nbtscan smbmap smbclient ldap-utils
+pip_install enum4linux-ng
+# Responder, Coercer, Mitm6
+apt_install responder
+pip_install mitm6 coercer bloodyAD ldeep
+# pyrdp
+pip_install pyrdp
+# ════════════════════════════════════════════════════════════
+# PHASE 4 — Cloud
+# ════════════════════════════════════════════════════════════
+section "Phase 4 — Cloud"
+pip_install awscli boto3 google-cloud-storage google-auth \
+  scoutsuite prowler kube-hunter principalmapper \
+  checkov s3scanner
+# azure-cli
+pip_install azure-cli 2>/dev/null || \
+  curl -sL https://aka.ms/InstallAzureCLIDeb | bash 2>/dev/null || true
+# enumerate-iam (AWS)
 clone https://github.com/andresriancho/enumerate-iam /opt/enumerate-iam
-install_pip -r /opt/enumerate-iam/requirements.txt 2>/dev/null || true
+pip_install -r /opt/enumerate-iam/requirements.txt
 ln -sf /opt/enumerate-iam/enumerate-iam.py /usr/local/bin/enumerate-iam
-chmod +x /opt/enumerate-iam/enumerate-iam.py 2>/dev/null || true
+chmod +x /opt/enumerate-iam/enumerate-iam.py
+# azcopy
+curl -sSL "https://aka.ms/downloadazcopy-v10-linux" | tar xz --strip-components=1 -C /usr/local/bin/ 2>/dev/null || true
+# kubectl
+curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" 2>/dev/null \
+  && install -m 0755 kubectl /usr/local/bin/kubectl && rm kubectl || true
 # kubectx + kubens
 clone https://github.com/ahmetb/kubectx /opt/kubectx
 ln -sf /opt/kubectx/kubectx /usr/local/bin/kubectx
-ln -sf /opt/kubectx/kubens /usr/local/bin/kubens 2>/dev/null || true
-install_go github.com/aquasecurity/kube-bench@latest
+ln -sf /opt/kubectx/kubens /usr/local/bin/kubens
+# kube-bench, helm
+go_install github.com/aquasecurity/kube-bench@latest
 curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash 2>/dev/null || true
-# azcopy
-curl -sSL "https://aka.ms/downloadazcopy-v10-linux" | tar xz --strip-components=1 -C /usr/local/bin/ 2>/dev/null || true
-# cloud_enum
+# Go cloud tools
+go_install github.com/BishopFox/cloudfox@latest
+go_install github.com/DataDog/stratus-red-team/v2/cmd/stratus@latest
+go_install github.com/liamg/awswhoami@latest
+go_install github.com/projectdiscovery/cloudlist/cmd/cloudlist@latest
+# Container tools
+go_install github.com/cdk-team/CDK/cmd/cdk@latest
+go_install github.com/brompwnie/botb@latest
+curl -sSL https://github.com/stealthcopter/deepce/releases/latest/download/deepce \
+  -o /usr/local/bin/deepce && chmod +x /usr/local/bin/deepce 2>/dev/null || true
+curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin 2>/dev/null || true
+curl -sSfL https://raw.githubusercontent.com/wagoodman/dive/main/get-dive.sh | sh 2>/dev/null || true
+# cloud_enum, Pacu
 clone https://github.com/initstring/cloud_enum /opt/cloud_enum
-install_pip -r /opt/cloud_enum/requirements.txt 2>/dev/null || true
+pip_install -r /opt/cloud_enum/requirements.txt
+pip_install pacu
+# ════════════════════════════════════════════════════════════
+# PHASE 5 — Mobile Testing
+# ════════════════════════════════════════════════════════════
+section "Phase 5 — Mobile Testing"
+apt_install apktool dex2jar android-tools-adb mono-complete mono-utils
-# ── Mobile ────────────────────────────────────────────────────────────────────
-log_section "Mobile Testing"
-install_apt apktool dex2jar android-tools-adb
-clone https://github.com/skylot/jadx /opt/jadx_src 2>/dev/null || true
+# jadx — download zip (NOT apt — apt version is old)
 mkdir -p /opt/jadx
-curl -sSL "https://github.com/skylot/jadx/releases/latest/download/jadx-1.5.0.zip" \
-  -o /tmp/jadx.zip 2>/dev/null && \
-  unzip -q /tmp/jadx.zip -d /opt/jadx && \
+curl -sSL "https://github.com/skylot/jadx/releases/download/v1.5.0/jadx-1.5.0.zip" \
+  -o /tmp/jadx.zip 2>/dev/null && unzip -qo /tmp/jadx.zip -d /opt/jadx && \
   ln -sf /opt/jadx/bin/jadx /usr/local/bin/jadx && \
-  ln -sf /opt/jadx/bin/jadx-gui /usr/local/bin/jadx-gui && \
-  rm /tmp/jadx.zip 2>/dev/null || true
-install_pip frida-tools objection apkleaks drozer \
-  reFlutter hermes-dec hbctool doldrums androguard \
-  "qrcode[pil]" Pillow lz4
-install_npm apk-mitm js-beautify
-install_apt mono-complete mono-utils 2>/dev/null || true
+  ln -sf /opt/jadx/bin/jadx-gui /usr/local/bin/jadx-gui && rm /tmp/jadx.zip || true
 # uber-apk-signer
 mkdir -p /opt/uber-apk-signer
 curl -sSL "https://github.com/patrickfav/uber-apk-signer/releases/download/v1.3.0/uber-apk-signer-1.3.0.jar" \
   -o /opt/uber-apk-signer/uber-apk-signer.jar 2>/dev/null || true
-echo '#!/bin/bash\nexec java -jar /opt/uber-apk-signer/uber-apk-signer.jar "$@"' \
+printf '#!/bin/bash\nexec java -jar /opt/uber-apk-signer/uber-apk-signer.jar "$@"\n' \
   > /usr/local/bin/uber-apk-signer && chmod +x /usr/local/bin/uber-apk-signer
-# frida-server setup script
-cat > /usr/local/bin/setup-frida-server << 'SCRIPT'
+# Frida tools
+pip_install frida-tools objection apkleaks drozer
+# reFlutter, hermes, cross-platform
+pip_install reFlutter hermes-dec hbctool doldrums androguard "qrcode[pil]" Pillow lz4
+# apk-mitm
+npm_install apk-mitm js-beautify
+# setup-frida-server script
+cat > /usr/local/bin/setup-frida-server << 'FSCRIPT'
 #!/bin/bash
 FRIDA_VER=$(python3 -c "import frida; print(frida.__version__)" 2>/dev/null || pip3 show frida | grep Version | awk '{print $2}')
 ARCH=$(adb shell getprop ro.product.cpu.abi 2>/dev/null | tr -d '\r')
 case $ARCH in
   arm64-v8a) A="arm64" ;; armeabi-v7a) A="arm" ;;
-  x86_64) A="x86_64" ;; x86) A="x86" ;; *) echo "Unknown arch: $ARCH"; exit 1 ;;
+  x86_64) A="x86_64" ;; x86) A="x86" ;; *) echo "Unknown: $ARCH"; exit 1 ;;
 esac
-echo "[*] Frida $FRIDA_VER | arch: $A"
 wget -q "https://github.com/frida/frida/releases/download/${FRIDA_VER}/frida-server-${FRIDA_VER}-android-${A}.xz" -O /tmp/frida-server.xz
 unxz /tmp/frida-server.xz && mv /tmp/frida-server "/tmp/frida-server-${A}"
 adb push "/tmp/frida-server-${A}" /data/local/tmp/frida-server
 adb shell chmod 755 /data/local/tmp/frida-server
-echo "[+] Done. Start: adb shell /data/local/tmp/frida-server &"
-SCRIPT
+echo "[+] Start: adb shell /data/local/tmp/frida-server &"
+FSCRIPT
 chmod +x /usr/local/bin/setup-frida-server
-# ── Binary Analysis & RE ──────────────────────────────────────────────────────
-log_section "Binary Analysis & Reverse Engineering"
-install_apt gdb radare2 ltrace strace binutils patchelf nasm yara \
-  binutils-multiarch sleuthkit
-install_pip pwntools floss capstone keystone-engine unicorn \
+# drozer agent
+mkdir -p /opt/drozer
+curl -sSL "https://github.com/WithSecureLabs/drozer/releases/latest/download/drozer-agent.apk" \
+  -o /opt/drozer/drozer-agent.apk 2>/dev/null || true
+# TheFatRat
+clone https://github.com/Screetsec/TheFatRat /opt/TheFatRat
+chmod +x /opt/TheFatRat/fatrat 2>/dev/null || true
+# ════════════════════════════════════════════════════════════
+# PHASE 6 — C2 & Post-Exploitation
+# ════════════════════════════════════════════════════════════
+section "Phase 6 — C2 & Post-Exploitation"
+apt_install metasploit-framework iodine
+curl https://sliver.sh/install | bash 2>/dev/null || true
+go_install github.com/jpillora/chisel@latest
+go_install github.com/nicocha30/ligolo-ng/cmd/proxy@latest
+go_install github.com/nicocha30/ligolo-ng/cmd/agent@latest
+go_install github.com/Ne0nd0g/merlin-agent/cmd/merlinagent@latest
+clone https://github.com/BC-SECURITY/Empire /opt/Empire
+pip_install -r /opt/Empire/requirements.txt
+ln -sf /opt/Empire/empire /usr/local/bin/empire 2>/dev/null || true
+clone https://github.com/nettitude/PoshC2 /opt/PoshC2
+pip_install -r /opt/PoshC2/requirements.txt
+clone https://github.com/t3l3machus/Villain /opt/Villain
+pip_install -r /opt/Villain/requirements.txt
+clone https://github.com/iagox86/dnscat2 /opt/dnscat2
+cd /opt/dnscat2/client && make 2>/dev/null || true; cd /
+# Payload generation
+clone https://github.com/optiv/ScareCrow /opt/ScareCrow
+cd /opt/ScareCrow && go build -o /usr/local/bin/ScareCrow . 2>/dev/null || true; cd /
+clone https://github.com/sevagas/macro_pack /opt/macro_pack
+pip_install donut-shellcode
+go_install github.com/Binject/go-donut/cmd/godonuts@latest
+# ════════════════════════════════════════════════════════════
+# PHASE 7 — OSINT & Intelligence
+# ════════════════════════════════════════════════════════════
+section "Phase 7 — OSINT & Intelligence"
+pip_install shodan censys h8mail holehe maigret socialscan \
+  spiderfoot ipinfo duckduckgo-search PyGithub
+clone https://github.com/lanmaster53/recon-ng /opt/recon-ng
+pip_install -r /opt/recon-ng/REQUIREMENTS
+ln -sf /opt/recon-ng/recon-ng /usr/local/bin/recon-ng
+clone https://github.com/m8sec/CrossLinked /opt/CrossLinked
+pip_install -r /opt/CrossLinked/requirements.txt
+pip_install sherlock-project
+go_install github.com/gwen001/github-subdomains@latest
+# ════════════════════════════════════════════════════════════
+# PHASE 8 — Passwords & Credentials
+# ════════════════════════════════════════════════════════════
+section "Phase 8 — Passwords & Credentials"
+apt_install hashcat john hydra medusa cewl crunch ncrack
+clone https://github.com/Mebus/cupp /opt/cupp
+ln -sf /opt/cupp/cupp.py /usr/local/bin/cupp
+chmod +x /opt/cupp/cupp.py
+pip_install pypykatz patator
+# Crypto libraries
+pip_install pycryptodome hashpumpy cryptography sympy gmpy2 ecdsa
+# ════════════════════════════════════════════════════════════
+# PHASE 9 — Binary Analysis & RE
+# ════════════════════════════════════════════════════════════
+section "Phase 9 — Binary Analysis & RE"
+apt_install gdb radare2 ltrace strace binutils patchelf nasm \
+  yara binutils-multiarch sleuthkit
+pip_install pwntools floss capstone keystone-engine unicorn \
   ropgadget ropper angr yara-python
+# pwndbg
 clone https://github.com/pwndbg/pwndbg /opt/pwndbg
-cd /opt/pwndbg && ./setup.sh 2>/dev/null || true
+cd /opt/pwndbg && ./setup.sh 2>/dev/null || true; cd /
+# GEF
 bash -c "$(curl -sSL https://gef.blah.cat/sh)" 2>/dev/null || true
-clone https://github.com/Yara-Rules/rules /opt/yara-rules
 # Ghidra
 if ! command -v ghidra &>/dev/null; then
   curl -sSL "https://github.com/NationalSecurityAgency/ghidra/releases/latest/download/ghidra_11.1_PUBLIC_20240607.zip" \
     -o /tmp/ghidra.zip 2>/dev/null && \
     unzip -q /tmp/ghidra.zip -d /opt && \
-    ln -sf /opt/ghidra_*/ghidraRun /usr/local/bin/ghidra && \
+    ln -s /opt/ghidra_*/ghidraRun /usr/local/bin/ghidra && \
     rm /tmp/ghidra.zip 2>/dev/null || true
 fi
-# ── Crypto ────────────────────────────────────────────────────────────────────
-log_section "Cryptography"
-install_apt libgmp-dev libmpfr-dev libmpc-dev
-install_pip pycryptodome hashpumpy cryptography sympy ecdsa gmpy2
+# YARA rules
+clone https://github.com/Yara-Rules/rules /opt/yara-rules
-# ── Fuzzing ───────────────────────────────────────────────────────────────────
-log_section "Fuzzing"
-install_apt afl++
-install_pip boofuzz
+# Fuzzing
+apt_install afl++
 clone https://gitlab.com/akihe/radamsa /opt/radamsa
-cd /opt/radamsa && make 2>/dev/null && ln -sf /opt/radamsa/bin/radamsa /usr/local/bin/radamsa 2>/dev/null || true
+cd /opt/radamsa && make 2>/dev/null && ln -sf /opt/radamsa/bin/radamsa /usr/local/bin/radamsa || true; cd /
+pip_install boofuzz
+# Forensics
+apt_install foremost dc3dd testdisk bulk-extractor exiftool
+clone https://github.com/volatilityfoundation/volatility3 /opt/volatility3
+pip_install -r /opt/volatility3/requirements.txt
+ln -sf /opt/volatility3/vol.py /usr/local/bin/vol
+# ════════════════════════════════════════════════════════════
+# PHASE 10 — Network & WiFi
+# ════════════════════════════════════════════════════════════
+section "Phase 10 — Network & WiFi"
+apt_install tcpdump tshark bettercap ettercap-text-only dsniff \
+  sslstrip hping3 proxychains4 macchanger socat \
+  responder aircrack-ng wireless-tools rfkill \
+  hostapd-wpe ubertooth ncrack \
+  sipvicious rtpbreak pjsua suricata \
+  arpwatch netsniff-ng
+apt_install hcxtools 2>/dev/null || true
+# hcxdumptool (compile from source — apt version may be outdated)
+clone https://github.com/ZerBea/hcxdumptool /opt/hcxdumptool
+cd /opt/hcxdumptool && make && make install 2>/dev/null || true; cd /
-# ── Social Engineering & Phishing ────────────────────────────────────────────
-log_section "Social Engineering & Phishing"
-clone https://github.com/trustedsec/social-engineer-toolkit /opt/setoolkit
-install_pip -r /opt/setoolkit/requirements.txt 2>/dev/null || true
-install_pip o365spray
-clone https://github.com/ustayready/CredSniper /opt/CredSniper
-install_pip -r /opt/CredSniper/requirements.txt 2>/dev/null || true
-clone https://github.com/ryhanson/phishery /opt/phishery
-wget -q "https://github.com/gophish/gophish/releases/download/v0.12.1/gophish-v0.12.1-linux-64bit.zip" \
-  -O /tmp/gophish.zip 2>/dev/null && \
+# wifite via apt (confirmed working, pip version has issues)
+apt_install wifite
+pip_install mitm6 mitmproxy scapy bleak pyserial pyModbusTCP
+clone https://github.com/lgandx/PCredz /opt/PCredz
+# GoPhish
+curl -sL "https://github.com/gophish/gophish/releases/download/v0.12.1/gophish-v0.12.1-linux-64bit.zip" \
+  -o /tmp/gophish.zip 2>/dev/null && \
   unzip -q /tmp/gophish.zip -d /opt/gophish && \
   chmod +x /opt/gophish/gophish && \
   ln -s /opt/gophish/gophish /usr/local/bin/gophish && \
   rm /tmp/gophish.zip 2>/dev/null || true
-install_go github.com/kgretzky/evilginx2@latest 2>/dev/null || true
-# ── Hardware & IoT ────────────────────────────────────────────────────────────
-log_section "Hardware & IoT"
-install_apt openocd flashrom avrdude minicom screen
-install_pip bleak pyserial pyModbusTCP
-# ── Steganography ─────────────────────────────────────────────────────────────
-log_section "Steganography"
-install_apt steghide sox binwalk exiftool
-install_pip stegoveritas
-install_gem zsteg
-# ── VoIP ─────────────────────────────────────────────────────────────────────
-log_section "VoIP"
-install_apt sipvicious rtpbreak pjsua 2>/dev/null || true
-install_pip sipvicious 2>/dev/null || true
-# ── Supply Chain & IaC ────────────────────────────────────────────────────────
-log_section "Supply Chain & IaC"
-install_pip checkov
-curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin 2>/dev/null || true
-curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin 2>/dev/null || true
-install_go github.com/aquasecurity/trivy@latest 2>/dev/null || true
-curl -sSfL https://raw.githubusercontent.com/wagoodman/dive/main/get-dive.sh | sh 2>/dev/null || true
-# ── Container & Kubernetes ────────────────────────────────────────────────────
-log_section "Container & Kubernetes"
-install_go github.com/cdk-team/CDK/cmd/cdk@latest
-curl -sSL https://github.com/stealthcopter/deepce/releases/latest/download/deepce \
-  -o /usr/local/bin/deepce && chmod +x /usr/local/bin/deepce 2>/dev/null || true
-install_go github.com/brompwnie/botb@latest
-install_pip kube-hunter
+go_install github.com/kgretzky/evilginx2@latest
-# ── OSINT Specialized ─────────────────────────────────────────────────────────
-log_section "OSINT Specialized"
-install_pip spiderfoot ghunt crosslinked
-clone https://github.com/m8sec/CrossLinked /opt/CrossLinked
-install_pip -r /opt/CrossLinked/requirements.txt 2>/dev/null || true
+# ════════════════════════════════════════════════════════════
+# PHASE 11 — Specialist
+# ════════════════════════════════════════════════════════════
+section "Phase 11 — Specialist"
+# Social Engineering
+clone https://github.com/trustedsec/social-engineer-toolkit /opt/setoolkit
+pip_install -r /opt/setoolkit/requirements.txt
+pip_install o365spray
+clone https://github.com/ryhanson/phishery /opt/phishery
+clone https://github.com/ustayready/CredSniper /opt/CredSniper
+pip_install -r /opt/CredSniper/requirements.txt
+# Hardware/IoT
+apt_install openocd flashrom avrdude minicom screen steghide sox binwalk exiftool
+gem_install zsteg
+pip_install stegoveritas
-# ── AI/LLM Security ───────────────────────────────────────────────────────────
-log_section "AI/LLM Security"
-install_pip garak openai anthropic langchain transformers
-install_npm promptfoo
+# AI/LLM
+pip_install garak openai anthropic langchain transformers
+npm_install promptfoo
-# ── Purple Team ───────────────────────────────────────────────────────────────
-log_section "Purple Team"
+# OSINT specialized
+pip_install ghunt
+# Purple Team
 clone https://github.com/redcanaryco/atomic-red-team /opt/atomic-red-team
 clone https://github.com/mitre/caldera /opt/caldera
-install_pip -r /opt/caldera/requirements.txt 2>/dev/null || true
+pip_install -r /opt/caldera/requirements.txt
-# ── Nuclei Templates ─────────────────────────────────────────────────────────
-log_section "Nuclei Templates"
+# Nuclei templates
 nuclei -update-templates 2>/dev/null || true
-# ── PATH & Environment ────────────────────────────────────────────────────────
-log_section "Environment Setup"
-cat >> /etc/profile.d/rtexit-env.sh << 'EOF'
+# ════════════════════════════════════════════════════════════
+# FINAL — PATH & Environment
+# ════════════════════════════════════════════════════════════
+section "Final Setup"
+# Copy ALL Go binaries to system PATH (ensures everything accessible)
+cp /root/go/bin/* /usr/local/bin/ 2>/dev/null || true
+# Environment variables
+cat > /etc/profile.d/rtexit-env.sh << 'ENVEOF'
 export PATH="$PATH:/root/go/bin:/usr/local/bin:/opt/rtexit/scripts"
 export SECLISTS='/opt/SecLists'
 export GOPATH='/root/go'
-EOF
+ENVEOF
 chmod +x /etc/profile.d/rtexit-env.sh
-# ── Summary ───────────────────────────────────────────────────────────────────
+# Summary
 echo ""
-echo -e "${GREEN}════════════════════════════════════════════${NC}"
-echo -e "${GREEN}  RTExit Native Install Complete!${NC}"
-echo -e "${GREEN}════════════════════════════════════════════${NC}"
+echo -e "${GREEN}${BOLD}════════════════════════════════════════════${NC}"
+echo -e "${GREEN}${BOLD}  RTExit Native Install Complete!${NC}"
+echo -e "${GREEN}${BOLD}════════════════════════════════════════════${NC}"
+echo ""
+echo -e "  ${CYAN}Install results:${NC}"
+echo -e "  ${GREEN}✅ Successful: $OK${NC}"
+echo -e "  ${RED}❌ Failed:     $FAIL${NC}"
 echo ""
 echo -e "  ${CYAN}Next steps:${NC}"
 echo -e "  1. source /etc/profile.d/rtexit-aliases.sh"
 echo -e "  2. source /etc/profile.d/rtexit-env.sh"
-echo -e "  3. rt-verify   ← check all tools"
-echo -e "  4. rt-help     ← start your engagement"
-echo ""
-echo -e "  ${YELLOW}GPU hashcat:${NC} hashcat with --opencl-device-types 1,2"
-echo -e "  ${YELLOW}WiFi:${NC}        airmon-ng start wlan0"
-echo -e "  ${YELLOW}Bluetooth:${NC}   hciconfig hci0 up"
+echo -e "  3. bash \$(dirname \$0)/verify/rt-verify-all.sh --quick"
 echo ""