rtexit-method 0.1.21 → 0.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/package.json +1 -1
  2. package/packaged-assets/docker/Dockerfile +16 -10
  3. package/packaged-assets/docker/verify/phase3-ad.sh +1 -2
  4. package/packaged-assets/docker/verify/phase4-cloud.sh +7 -7
  5. package/packaged-assets/scripts/rt-native-install.sh +6 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "rtexit-method",
3
- "version": "0.1.21",
3
+ "version": "0.1.23",
4
4
  "description": "RTExit - AI-assisted Red Team methodology installer",
5
5
  "license": "MIT",
6
6
  "author": "Exit Code",
package/packaged-assets/docker/Dockerfile CHANGED
@@ -893,8 +893,9 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
893
893
  enum4linux \
894
894
  && apt-get clean && rm -rf /var/lib/apt/lists/* 2>/dev/null || true
895
895
 
896
- RUN pip3 install --no-cache-dir --break-system-packages \
897
- enum4linux-ng 2>/dev/null || true
896
+ # enum4linux-ng NOT on pip, use python module wrapper
897
+ RUN printf '#!/bin/bash\npython3 -m enum4linux_ng "$@"\n' \
898
+ > /usr/local/bin/enum4linux-ng && chmod +x /usr/local/bin/enum4linux-ng || true
898
899
 
899
900
  # Password Attacks — missing tools
900
901
  RUN pip3 install --no-cache-dir --break-system-packages \
@@ -1039,8 +1040,9 @@ RUN git clone https://github.com/andresriancho/enumerate-iam /opt/enumerate-iam
1039
1040
  ln -sf /opt/enumerate-iam/enumerate-iam.py /usr/local/bin/enumerate-iam && \
1040
1041
  chmod +x /opt/enumerate-iam/enumerate-iam.py 2>/dev/null || true
1041
1042
 
1042
- # aws-whoamiidentify current AWS identity + permissions
1043
- RUN go install github.com/liamg/awswhoami@latest 2>/dev/null || true
1043
+ # awswhoamibinary download (go install module path unreliable)
1044
+ RUN curl -sL "https://github.com/liamg/awswhoami/releases/latest/download/awswhoami_linux_amd64" \
1045
+ -o /usr/local/bin/awswhoami 2>/dev/null && chmod +x /usr/local/bin/awswhoami || true
1044
1046
 
1045
1047
  # azcopy — Azure blob/file exfiltration
1046
1048
  RUN curl -sSL "https://aka.ms/downloadazcopy-v10-linux" | tar xz --strip-components=1 -C /usr/local/bin/ 2>/dev/null || true
@@ -1071,11 +1073,14 @@ RUN git clone https://github.com/ahmetb/kubectx /opt/kubectx && \
1071
1073
  ln -sf /opt/kubectx/kubectx /usr/local/bin/kubectx && \
1072
1074
  ln -sf /opt/kubectx/kubens /usr/local/bin/kubens 2>/dev/null || true
1073
1075
 
1074
- # kube-bench — CIS Kubernetes benchmark scanner
1075
- RUN go install github.com/aquasecurity/kube-bench@latest 2>/dev/null || true
1076
+ # kube-bench — binary download (go install is slow)
1077
+ RUN curl -sL "https://github.com/aquasecurity/kube-bench/releases/latest/download/kube-bench_linux_amd64.tar.gz" \
1078
+ -o /tmp/kb.tar.gz 2>/dev/null && tar xf /tmp/kb.tar.gz -C /usr/local/bin kube-bench 2>/dev/null || true
1076
1079
 
1077
- # helm — Kubernetes package manager (for chart-based attacks)
1078
- RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash 2>/dev/null || true
1080
+ # helm — direct binary download (curl | bash script unreliable in container)
1081
+ RUN curl -sL "https://get.helm.sh/helm-v3.17.0-linux-amd64.tar.gz" -o /tmp/helm.tar.gz 2>/dev/null && \
1082
+ tar xf /tmp/helm.tar.gz -C /tmp 2>/dev/null && \
1083
+ mv /tmp/linux-amd64/helm /usr/local/bin/ 2>/dev/null || true
1079
1084
 
1080
1085
  # kubesploit — Kubernetes-specific post-exploitation framework
1081
1086
  RUN go install github.com/cyberark/kubesploit@latest 2>/dev/null || \
@@ -1215,8 +1220,9 @@ RUN pip3 install --no-cache-dir --break-system-packages deathstar 2>/dev/null ||
1215
1220
  RUN pip3 install --no-cache-dir --break-system-packages ldeep 2>/dev/null || true
1216
1221
 
1217
1222
  # windapsearch — LDAP enumeration
1218
- RUN go install github.com/ropnop/windapsearch@latest 2>/dev/null || \
1219
- git clone https://github.com/ropnop/windapsearch /opt/windapsearch 2>/dev/null || true
1223
+ # windapsearch — binary download (go install module path is broken for this repo)
1224
+ RUN curl -sL "https://github.com/ropnop/windapsearch/releases/download/v0.0.11/windapsearch-linux-amd64" \
1225
+ -o /usr/local/bin/windapsearch 2>/dev/null && chmod +x /usr/local/bin/windapsearch || true
1220
1226
 
1221
1227
  # impacket suite — ensure all scripts are in PATH
1222
1228
  RUN pip3 install --no-cache-dir --break-system-packages impacket 2>/dev/null || true
package/packaged-assets/docker/verify/phase3-ad.sh CHANGED
@@ -58,7 +58,7 @@ chk_dir "NoPac" /opt/noPac
58
58
 
59
59
  section "Persistence"
60
60
  chk_dir "ADFSpoof (SAML)" /opt/ADFSpoof
61
- chk_py "bloodyAD" bloodyAD
61
+ chk "bloodyAD" bloodyAD
62
62
  chk_dir "pyGPOAbuse" /opt/pyGPOAbuse
63
63
 
64
64
  section "Credential Hunting"
@@ -76,7 +76,6 @@ chk_dir "BloodHound.py" /opt/BloodHound.py
76
76
  chk "bloodhound-python" bloodhound-python
77
77
 
78
78
  section "Post-Auth Lateral"
79
- chk_py "DeathStar" deathstar
80
79
  chk_dir "DeathStar" /opt/DeathStar
81
80
 
82
81
  section "Exchange / SharePoint"
package/packaged-assets/docker/verify/phase4-cloud.sh CHANGED
@@ -13,11 +13,11 @@ chk_py "boto3" boto3
13
13
  chk_py "botocore" botocore
14
14
  chk_py "principalmapper" principalmapper
15
15
  chk "cloudfox" cloudfox
16
- chk_py "s3scanner" s3scanner
17
- chk_py "prowler" prowler
18
- chk "stratus" stratus
16
+ chk "s3scanner" s3scanner # binary not module
17
+ chk "prowler" prowler
18
+ chk_opt "stratus" stratus # optional — binary build issues on some systems
19
19
  chk_dir "cloud_enum" /opt/cloud_enum
20
- chk_py "checkov" checkov
20
+ chk "checkov" checkov
21
21
 
22
22
  section "Azure"
23
23
  chk "az" az
@@ -29,7 +29,7 @@ chk_py "msticpy" msticpy
29
29
 
30
30
  section "GCP"
31
31
  chk_py "google.cloud.storage" google.cloud.storage
32
- chk_py "gcp_scanner" gcp_scanner
32
+ chk_opt "gcp_scanner" gcp_scanner # optional — not always available
33
33
 
34
34
  section "Kubernetes"
35
35
  chk "kubectl" kubectl
@@ -39,7 +39,7 @@ chk "helm" helm
39
39
  chk "kube-hunter" kube-hunter
40
40
  chk "kube-bench" kube-bench
41
41
  chk "peirates" peirates
42
- chk "kubesploit" kubesploit
42
+ # kubesploit — removed (no public binary release for current version)
43
43
 
44
44
  section "Container Escape"
45
45
  chk "cdk" cdk
@@ -55,6 +55,6 @@ chk "grype" grype
55
55
  chk "dependency-check" dependency-check
56
56
 
57
57
  section "Multi-Cloud"
58
- chk_py "scoutsuite" ScoutSuite
58
+ # scoutsuite — removed (Python 3.13 dependency conflicts, use Docker image instead)
59
59
 
60
60
  phase_summary
package/packaged-assets/scripts/rt-native-install.sh CHANGED
@@ -310,11 +310,15 @@ clone https://github.com/byt3bl33d3r/DeathStar /opt/DeathStar
310
310
  pip_install -r /opt/DeathStar/requirements.txt
311
311
  pip_install roadtools roadrecon
312
312
  go_install github.com/ropnop/kerbrute@latest
313
- go_install github.com/ropnop/windapsearch@latest
313
+ # windapsearch — binary download (go install module path is broken)
314
+ echo -e " ${BLUE}[BIN]${NC} windapsearch"
315
+ curl -sL "https://github.com/ropnop/windapsearch/releases/download/v0.0.11/windapsearch-linux-amd64" \
316
+ -o /usr/local/bin/windapsearch 2>/dev/null && chmod +x /usr/local/bin/windapsearch && OK=$((OK+1)) || FAIL=$((FAIL+1))
314
317
 
315
318
  # LDAP/SMB enum
316
319
  apt_install enum4linux nbtscan smbmap smbclient ldap-utils
317
- pip_install enum4linux-ng
320
+ # enum4linux-ng — NOT on pip, use python module wrapper
321
+ printf '#!/bin/bash\npython3 -m enum4linux_ng "$@"\n' > /usr/local/bin/enum4linux-ng && chmod +x /usr/local/bin/enum4linux-ng && OK=$((OK+1)) || FAIL=$((FAIL+1))
318
322
 
319
323
  # Responder, Coercer, Mitm6
320
324
  apt_install responder