Home - scottgoetz/ansible GitHub Wiki

This repository contains a number of Ansible playbooks (scripts, for non-Ansible folks) that can be used to configure remote devices, install offensive security tools, and set up various types of infrastructure (phishing, web redirectors, mail servers, C2 servers).

Ansible is a "software provisioning, configuration management, and application-deployment tool." It runs on a Unix system and can be used to remotely manage Unix and Windows systems. Ansible is installed only on the "Server" system; it does not install Ansible agents on the client/target systems.

These playbooks are meant to be modular: they can be used independently or in combination with each other. The playbooks might not be one size fits all, but thankfully Ansible is pretty easy to understand, and you can easily swap, add, or remove tasks to fit your needs.

Ansible tasks use "modules" that are kind of like wrappers for OS commands, so writing a playbook feels very much like writing a bash or batch script that executes OS commands serially. If there isn't a module to do what you want, you can just perform actions using the "command line."
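To make the module versus command-line distinction concrete, here is an added example that is not taken from this repository's secureSetup.yml: a short SSH lockdown play that uses modules where they exist and falls back to a raw command to verify the result. It assumes a Debian/Ubuntu target (service name `ssh`) and the `ansible.posix` collection; the `ops` account and the `files/ops.pub` key path are hypothetical.

```yaml
# Added example: hypothetical hardening tasks, not the repository's secureSetup.yml.
# Assumes a Debian/Ubuntu target (service name "ssh") and the ansible.posix collection.
- name: SSH lockdown sketch
  hosts: all
  become: true
  vars:
    admin_user: ops                      # hypothetical account name
    admin_pubkey: files/ops.pub          # hypothetical path on the control machine
  tasks:
    - name: Create an unprivileged user (module, idempotent)
      ansible.builtin.user:
        name: "{{ admin_user }}"
        shell: /bin/bash

    - name: Install the user's public key before passwords are disabled
      ansible.posix.authorized_key:
        user: "{{ admin_user }}"
        key: "{{ lookup('file', admin_pubkey) }}"

    - name: Disable password and root logins, validating the file before it is written
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: "^#?\\s*{{ item.key }}\\s"
        line: "{{ item.key }} {{ item.value }}"
        validate: /usr/sbin/sshd -t -f %s
      loop:
        - { key: PasswordAuthentication, value: "no" }
        - { key: PermitRootLogin, value: "no" }
      notify: Restart ssh

    - name: Dump the effective sshd settings (no module for this, so use the command line)
      ansible.builtin.command: /usr/sbin/sshd -T
      register: sshd_effective
      changed_when: false                # read-only check, never report "changed"

    - name: Fail the run if the hardening did not take effect
      ansible.builtin.assert:
        that:
          - "'passwordauthentication no' in sshd_effective.stdout"
          - "'permitrootlogin no' in sshd_effective.stdout"

  handlers:
    - name: Restart ssh
      ansible.builtin.service:
        name: ssh
        state: restarted
```

The final assert checks the configuration sshd actually resolves, so it also catches a drop-in file under `/etc/ssh/sshd_config.d/` that overrides the edited lines.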

Current Playbooks

secureSetup.yml

  • Initial firewall rules
  • Locks down SSH
  • Implements SSH keys
  • Creates unprivileged users
  • Updates OS and packages

offensiveTools.yml

  • Installs various tools, most from source
  • Nessus, Metasploit, GoPhish, Cobalt Strike, Impacket, CrackMapExec, Responder, EyeWitness, and more!
  • Changes some default settings, like the Cobalt Strike port
  • Additional firewall rules

webRedirector.yml

  • Installs Apache
  • Generates Let's Encrypt SSL certs
  • Configures Apache mod_rewrite
  • Additional firewall rules

mailServer.yml

  • Installs and configures Postfix
  • Removes mail client IOCs from mail headers
  • SendGrid/Mailgun variants
  • Additional firewall rules

goPhish.yml

  • Builds from source
  • Changes default ports
  • Additional firewall rules

ghostPhish.yml

  • IOCs removed from source code (ghostPhish.yml)
  • Same as goPhish.yml