tirsdag den 14. juli 2020 kl. 17.54.43 UTC+2 skrev jm: > > hi, > > Has anyone written a guide to setting up a Kali vm in Qubes for > pen testing? >
I have Kali rolling installed and happy using it for CTF gaming and small stuff. I love Qubes and Kali together, but for reverse shell, etc. Andrew Douma wrote en evaluation some time ago, and recommended not using Qubes for pentesting. https://medium.com/@securitystreak/living-with-qubes-os-r3-2-rc3-for-a-week-1a37e04c799e https://medium.com/@securitystreak/buying-a-professional-penetration-testing-laptop-for-2017-6cd21e65dc2 https://medium.com/hackernoon/the-2017-pentester-guide-to-windows-10-privacy-security-cf734c510b8d > I'm studying for the OSCP, and the Qubes firewall port forwarding > guide suggests a fragile and finicky setup that I'm reluctant to > rely on. Punching holes from sys-net to sys-firewall to vpn-vm to > an an appvm just to run `nc -nlvp 4444` seems... like a kludge, at > best. > > Issue #4028 tracks this problem. > > The alternatives seem to be 1) create a HVM with direct access > to hardware--no sys-net or firewall-vm--or 2) purchase a > dedicated laptop for this use case. > Both suggestions are good, I believe. Sincerely Max -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8998a7df-2182-47f5-ad12-e69107a9bab2o%40googlegroups.com.