tirsdag den 14. juli 2020 kl. 17.54.43 UTC+2 skrev jm:
>
> hi, 
>
> Has anyone written a guide to setting up a Kali vm in Qubes for 
> pen testing? 
>

I have Kali rolling installed and happy using it for CTF gaming and small 
stuff. I love Qubes and Kali together, but for reverse shell, etc. Andrew 
Douma wrote en evaluation some time ago, and recommended not using Qubes 
for pentesting.

https://medium.com/@securitystreak/living-with-qubes-os-r3-2-rc3-for-a-week-1a37e04c799e
https://medium.com/@securitystreak/buying-a-professional-penetration-testing-laptop-for-2017-6cd21e65dc2
https://medium.com/hackernoon/the-2017-pentester-guide-to-windows-10-privacy-security-cf734c510b8d
 

> I'm studying for the OSCP, and the Qubes firewall port forwarding 
> guide suggests a fragile and finicky setup that I'm reluctant to 
> rely on. Punching holes from sys-net to sys-firewall to vpn-vm to 
> an an appvm just to run `nc -nlvp 4444` seems... like a kludge, at 
> best. 
>
> Issue #4028 tracks this problem. 
>
> The alternatives seem to be 1) create a HVM with direct access 
> to hardware--no sys-net or firewall-vm--or 2) purchase a 
> dedicated laptop for this use case. 
>

Both suggestions are good, I believe.

Sincerely
Max

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8998a7df-2182-47f5-ad12-e69107a9bab2o%40googlegroups.com.

Reply via email to