Last active
January 5, 2020 06:33
-
-
Save pwntoken/6987f0c08d9d82ff7eb699d577943757 to your computer and use it in GitHub Desktop.
OSX Penetration Test Preferences Lab Setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# OSX for Pentesting (Mavericks/Yosemite) | |
# macOS Sierra shall be updated; | |
# This's a fork, folks - suck in the caffeine! | |
# http://pwntoken.github.io/ | |
#!/bin/sh | |
# Ask for the administrator password upfront | |
echo "Have you read through the script prior to running this? (y or n)" | |
read bcareful | |
if [ $bcareful == "y" ] | |
then | |
echo "Alright, lets get started. First, you'll need to give this script admin privileges (however, do not run as root)" | |
else | |
echo "Goodbye" | |
exit | |
fi | |
sudo -v | |
echo "and away we go!" | |
############################################################################### | |
# Add useful aliases to .bash_profile | |
############################################################################### | |
echo "Adding useful aliases to your .bash_profile..." | |
echo "alias chrome='open -a \"Google Chrome\"'" >> ~/.bash_profile | |
echo "alias atom='open -a \"Atom\"'" >> ~/.bash_profile # alternative to sublime | |
echo "alias attach=\"hdiutil attach\"" >> ~/.bash_profile # attach volume (useful for attaching an encrypted volume) | |
echo "alias listen=\"lsof -i TCP -n -P | grep LISTEN\"" >> ~/.bash_profile # show listening ports | |
############################################################################### | |
# Install osx command line tools | |
############################################################################### | |
xcode-select --install | |
############################################################################### | |
# Install Homebrew | |
############################################################################### | |
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" | |
############################################################################### | |
# Install pentesting binaries with homebrew | |
############################################################################### | |
echo "Installing a few useful binaries" | |
bins=( | |
python # Update your python | |
nmap | |
hydra # Great tool for password attacks | |
ncrack # Alternative to hydra, supports RDP | |
john-jumbo | |
the_silver_searcher # A code searching tool similar to ack, with a focus on speed. | |
git # Update to a newer version of git | |
autojump # Great little tool for navigating directories via the command line, see https://github.com/joelthelion/autojump | |
) | |
brew install ${bins[@]} | |
############################################################################### | |
# Install useful apps with homebrew cask | |
############################################################################### | |
brew install caskroom/cask/brew-cask | |
apps=( | |
alfred | |
google-chrome | |
qlcolorcode # Quicklook plugin that handles source code with syntax highlighting | |
appcleaner | |
firefox | |
qlmarkdown # QuickLook generator for Markdown files | |
spotify # Everybody loves Spotify | |
flash # :D | |
iterm2 | |
caffeine # Keep your mac from going to sleep (when needed) | |
virtualbox | |
limechat | |
atom # Sublime-text alt | |
flux # Go easy on your eyes | |
qlstephen # Quicklook plugin for files without extensions (README, etc) | |
vlc | |
nvalt # Nice free note taking app | |
quicklook-json # Quicklook plugin for JSON files | |
) | |
echo "Installing apps via brew-cask..." | |
brew cask install --appdir="/Applications" ${apps[@]} | |
brew cask alfred link | |
brew cleanup | |
############################################################################### | |
# Install RVM to update and manage your version of ruby | |
############################################################################### | |
echo "Installing RVM, updating Ruby, and installing Bundler to manage gems" | |
curl -L https://get.rvm.io | bash -s stable | |
source ~/.bash_profile | |
rvm use ruby --install --default | |
gem install bundler | |
############################################################################### | |
# General UI/UX | |
############################################################################### | |
echo "" | |
echo "Hide the Time Machine, Volume, User, and Bluetooth icons" | |
for domain in ~/Library/Preferences/ByHost/com.apple.systemuiserver.*; do | |
defaults write "${domain}" dontAutoLoad -array \ | |
"/System/Library/CoreServices/Menu Extras/TimeMachine.menu" \ | |
"/System/Library/CoreServices/Menu Extras/Volume.menu" \ | |
"/System/Library/CoreServices/Menu Extras/User.menu" | |
done | |
defaults write com.apple.systemuiserver menuExtras -array \ | |
"/System/Library/CoreServices/Menu Extras/Bluetooth.menu" \ | |
"/System/Library/CoreServices/Menu Extras/AirPort.menu" \ | |
"/System/Library/CoreServices/Menu Extras/Battery.menu" \ | |
"/System/Library/CoreServices/Menu Extras/Clock.menu" | |
sudo chmod 600 /System/Library/CoreServices/Search.bundle/Contents/MacOS/Search | |
echo "" | |
echo "Disabling OS X Gate Keeper" | |
echo "(You'll be able to install any app you want from here on, not just Mac App Store apps)" | |
sudo spctl --master-disable | |
sudo defaults write /var/db/SystemPolicy-prefs.plist enabled -string no | |
defaults write com.apple.LaunchServices LSQuarantine -bool false | |
echo "" | |
echo "Increasing the window resize speed for Cocoa applications" | |
defaults write NSGlobalDomain NSWindowResizeTime -float 0.001 | |
echo "" | |
echo "Expanding the save panel by default" | |
defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode -bool true | |
defaults write NSGlobalDomain PMPrintingExpandedStateForPrint -bool true | |
defaults write NSGlobalDomain PMPrintingExpandedStateForPrint2 -bool true | |
echo "" | |
echo "Automatically quit printer app once the print jobs complete" | |
defaults write com.apple.print.PrintingPrefs "Quit When Finished" -bool true | |
echo "" | |
echo "Disabling automatic termination of inactive apps" | |
defaults write NSGlobalDomain NSDisableAutomaticTermination -bool true | |
echo "" | |
echo "Saving to disk (not to iCloud) by default" | |
defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false | |
echo "" | |
echo "Reveal IP address, hostname, OS version, etc. when clicking the clock in the login window" | |
sudo defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName | |
echo "" | |
echo "Check for software updates daily, not just once per week" | |
defaults write com.apple.SoftwareUpdate ScheduleFrequency -int 1 | |
echo "" | |
echo "Disable smart quotes and smart dashes as they’re annoying when typing code" | |
defaults write NSGlobalDomain NSAutomaticQuoteSubstitutionEnabled -bool false | |
defaults write NSGlobalDomain NSAutomaticDashSubstitutionEnabled -bool false | |
############################################################################### | |
# Trackpad, mouse, keyboard, Bluetooth accessories, and input | |
############################################################################### | |
echo "" | |
echo "Increasing sound quality for Bluetooth headphones/headsets" | |
defaults write com.apple.BluetoothAudioAgent "Apple Bitpool Min (editable)" -int 40 | |
echo "" | |
echo "Enabling full keyboard access for all controls (e.g. enable Tab in modal dialogs)" | |
defaults write NSGlobalDomain AppleKeyboardUIMode -int 3 | |
echo "" | |
echo "Disabling press-and-hold for keys in favor of a key repeat" | |
defaults write NSGlobalDomain ApplePressAndHoldEnabled -bool false | |
echo "" | |
echo "Setting a blazingly fast keyboard repeat rate (ain't nobody got time fo special chars while coding!)" | |
defaults write NSGlobalDomain KeyRepeat -int 0 | |
echo "" | |
echo "Disabling auto-correct" | |
defaults write NSGlobalDomain NSAutomaticSpellingCorrectionEnabled -bool false | |
echo "" | |
echo "Setting trackpad & mouse speed to a reasonable number" | |
defaults write -g com.apple.trackpad.scaling 2 | |
defaults write -g com.apple.mouse.scaling 2.5 | |
echo "" | |
echo "Turn off keyboard illumination when computer is not used for 5 minutes" | |
defaults write com.apple.BezelServices kDimTime -int 300 | |
############################################################################### | |
# Screen | |
############################################################################### | |
echo "" | |
echo "Requiring password immediately after sleep or screen saver begins" | |
defaults write com.apple.screensaver askForPassword -int 1 | |
defaults write com.apple.screensaver askForPasswordDelay -int 0 | |
echo "" | |
echo "Enabling subpixel font rendering on non-Apple LCDs" | |
defaults write NSGlobalDomain AppleFontSmoothing -int 2 | |
echo "" | |
echo "Enable HiDPI display modes (requires restart)" | |
sudo defaults write /Library/Preferences/com.apple.windowserver DisplayResolutionEnabled -bool true | |
############################################################################### | |
# Finder | |
############################################################################### | |
echo "" | |
echo "Showing icons for hard drives, servers, and removable media on the desktop" | |
defaults write com.apple.finder ShowExternalHardDrivesOnDesktop -bool true | |
echo "" | |
echo "Showing all filename extensions in Finder by default" | |
defaults write NSGlobalDomain AppleShowAllExtensions -bool true | |
echo "" | |
echo "Showing status bar in Finder by default" | |
defaults write com.apple.finder ShowStatusBar -bool true | |
echo "" | |
echo "Allowing text selection in Quick Look/Preview in Finder by default" | |
defaults write com.apple.finder QLEnableTextSelection -bool true | |
echo "" | |
echo "Displaying full POSIX path as Finder window title" | |
defaults write com.apple.finder _FXShowPosixPathInTitle -bool true | |
echo "" | |
echo "Disabling the warning when changing a file extension" | |
defaults write com.apple.finder FXEnableExtensionChangeWarning -bool false | |
echo "" | |
echo "Use column view in all Finder windows by default" | |
defaults write com.apple.finder FXPreferredViewStyle Clmv | |
echo "" | |
echo "Avoiding the creation of .DS_Store files on network volumes" | |
defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true | |
echo "" | |
echo "Disabling disk image verification" | |
defaults write com.apple.frameworks.diskimages skip-verify -bool true | |
defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true | |
defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true | |
echo "" | |
echo "Enabling snap-to-grid for icons on the desktop and in other icon views" | |
/usr/libexec/PlistBuddy -c "Set :DesktopViewSettings:IconViewSettings:arrangeBy grid" ~/Library/Preferences/com.apple.finder.plist | |
/usr/libexec/PlistBuddy -c "Set :FK_StandardViewSettings:IconViewSettings:arrangeBy grid" ~/Library/Preferences/com.apple.finder.plist | |
/usr/libexec/PlistBuddy -c "Set :StandardViewSettings:IconViewSettings:arrangeBy grid" ~/Library/Preferences/com.apple.finder.plist | |
############################################################################### | |
# Dock & Mission Control | |
############################################################################### | |
echo "" | |
echo "Setting the icon size of Dock items to 36 pixels for optimal size/screen-realestate" | |
defaults write com.apple.dock tilesize -int 36 | |
echo "" | |
echo "Speeding up Mission Control animations and grouping windows by application" | |
defaults write com.apple.dock expose-animation-duration -float 0.1 | |
defaults write com.apple.dock "expose-group-by-app" -bool true | |
echo "" | |
echo "Setting Dock to auto-hide and removing the auto-hiding delay" | |
defaults write com.apple.dock autohide -bool true | |
defaults write com.apple.dock autohide-delay -float 0 | |
defaults write com.apple.dock autohide-time-modifier -float 0 | |
############################################################################### | |
# Safari & WebKit | |
############################################################################### | |
echo "" | |
echo "Hiding Safari bookmarks bar by default" | |
defaults write com.apple.Safari ShowFavoritesBar -bool false | |
echo "" | |
echo "Hiding Safari sidebar in Top Sites" | |
defaults write com.apple.Safari ShowSidebarInTopSites -bool false | |
echo "" | |
echo "Disabling Safari thumbnail cache for History and Top Sites" | |
defaults write com.apple.Safari DebugSnapshotsUpdatePolicy -int 2 | |
echo "" | |
echo "Enabling Safari debug menu" | |
defaults write com.apple.Safari IncludeInternalDebugMenu -bool true | |
echo "" | |
echo "Making Safari search banners default to Contains instead of Starts With" | |
defaults write com.apple.Safari FindOnPageMatchesWordStartsOnly -bool false | |
echo "" | |
echo "Removing useless icons from Safari bookmarks bar" | |
defaults write com.apple.Safari ProxiesInBookmarksBar "()" | |
echo "" | |
echo "Allow hitting the Backspace key to go to the previous page in history" | |
defaults write com.apple.Safari com.apple.Safari.ContentPageGroupIdentifier.WebKit2BackspaceKeyNavigationEnabled -bool true | |
echo "" | |
echo "Enabling the Develop menu and the Web Inspector in Safari" | |
defaults write com.apple.Safari IncludeDevelopMenu -bool true | |
defaults write com.apple.Safari WebKitDeveloperExtrasEnabledPreferenceKey -bool true | |
defaults write com.apple.Safari "com.apple.Safari.ContentPageGroupIdentifier.WebKit2DeveloperExtrasEnabled" -bool true | |
echo "" | |
echo "Adding a context menu item for showing the Web Inspector in web views" | |
defaults write NSGlobalDomain WebKitDeveloperExtras -bool true | |
############################################################################### | |
# Terminal | |
############################################################################### | |
echo "" | |
echo "Enabling UTF-8 ONLY in Terminal.app and setting the Pro theme by default" | |
defaults write com.apple.terminal StringEncodings -array 4 | |
defaults write com.apple.Terminal "Default Window Settings" -string "Pro" | |
defaults write com.apple.Terminal "Startup Window Settings" -string "Pro" | |
############################################################################### | |
# Time Machine | |
############################################################################### | |
echo "" | |
echo "Preventing Time Machine from prompting to use new hard drives as backup volume" | |
defaults write com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true | |
echo "" | |
echo "Disabling local Time Machine backups" | |
hash tmutil &> /dev/null && sudo tmutil disablelocal | |
############################################################################### | |
# Messages # | |
############################################################################### | |
echo "" | |
echo "Disable smart quotes" | |
defaults write com.apple.messageshelper.MessageController SOInputLineSettings -dict-add "automaticQuoteSubstitutionEnabled" -bool false | |
echo "" | |
echo "Disable continuous spell checking" | |
defaults write com.apple.messageshelper.MessageController SOInputLineSettings -dict-add "continuousSpellCheckingEnabled" -bool false | |
############################################################################### | |
# Misc Additions | |
############################################################################### | |
echo "" | |
echo "Disable hibernation (speeds up entering sleep mode)" | |
sudo pmset -a hibernatemode 0 | |
echo "" | |
echo "Remove the sleep image file to save disk space" | |
sudo rm /Private/var/vm/sleepimage | |
echo "Creating a zero-byte file instead" | |
sudo touch /Private/var/vm/sleepimage | |
echo "and make sure it can't be rewritten" | |
sudo chflags uchg /Private/var/vm/sleepimage | |
echo "" | |
echo "Disable the sudden motion sensor as its not useful for SSDs" | |
sudo pmset -a sms 0 | |
echo "" | |
echo "Speeding up wake from sleep to 24 hours from an hour" | |
# http://www.cultofmac.com/221392/quick-hack-speeds-up-retina-macbooks-wake-from-sleep-os-x-tips/ | |
sudo pmset -a standbydelay 86400 | |
echo "" | |
echo "Disable annoying backswipe in Chrome" | |
defaults write com.google.Chrome AppleEnableSwipeNavigateWithScrolls -bool false | |
echo "" | |
echo "Generating db for the locate command" | |
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.locate.plist | |
source ~/.bash_profile | |
echo "Done!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment