1. Prospect Summary
I used the 2022 M2 chip MacBook Air 13-inch. I have to say that it has really good battery life and is thin and light. At the beginning, I learned that the bottom layer of the M chip is the ARM architecture. I think it is acceptable. It is not used much in virtual machines. , but during subsequent use, I found that the neck was stuck. Then I changed to Lenovo R9000K. I carried it for a day at work and found that it was too heavy, so I changed to Xiaomi Book Pro16. When I was working, my colleagues said that the virtual machine might be a big problem in the back. I said it’s okay, just expand the memory. It turned out that it was onboard memory. I was too lazy to mess with it, so I just started using this machine: the 2019 MacBook Pro 16-inch. 64G + 4T + 8G video memory + i9 processor, directly equipped with the top configuration, there is no need to build a penetration testing environment.
2. Construction process
1. Install commonly used software
a. Must-install software
QQ, WeChat, DingTalk, Tencent Conference, Douyin, WPS, Kugou Music, Google Chrome, Baidu Netdisk, Kitty.
b. Productivity software
Picsee: Picture viewing tool.
Bob: Screenshot translation tool.
Notability, GoodNotes: note-taking software.
Parallels Desktop: Virtual machine software.
iSho Pro: Screenshot software.
Super right-click professional version: right-click expansion.
Magnet: window management tool.
Maccy: Clipboard tool.
Typora, Sublime Text: Text tool.
2. Safe environment
a.Homebrew
This must be installed, because I have problems accessing Github in my network environment, so I’ll post the installation link of Gitee.
Regular installation version (complete):
/bin/zsh -c "$(curl -fsSL https://gitee.com/cunkai/HomebrewCN/raw/master/Homebrew.sh)"
Fast installation version (lite):
bin/zsh -c "$(curl -fsSL https://gitee.com/cunkai/HomebrewCN/raw/master/Homebrew.sh)" speed
b.Terminal
The terminal I chose here is Iterm2.
There are many detailed tutorials on iterm installation and configuration tutorials online.
Please refer to the following link: https://zhuanlan.zhihu.com/p/550022490
c.Commonly used software
Here are some commonly used penetration testing tools, directly installed by dmg.
3. Script software
a. brew direct installation software
pyenv: Python multi-version management tool.
brew install pyenv
Insert picture description here
jenv: java management tool.
brew install jenv
The difference between jenv and pyenv is that pyenv can install python by itself, while jenv can only import installed java into it for management.
After brew is installed, import the configuration:
echo 'export PATH="$HOME/.jenv/bin:$PATH"' >> ~/.zshrc
echo 'eval "$(jenv init -)"' >> ~/.zshrc
Download the dmg from the official website and install it.
Find the path to java and add it using jenv.
namp
brew install nmap
sqlmap
brew install sqlmap
binwalk
brew install binwalk
masscan
brew install masscan
b.Other script tools
If brew does not come with some other tools, their execution commands can be written into zsh and can be called directly.
dirsearch
For example, the folder of dirsearch is as follows:
the execution command is
python3 dirsearch.py -参数
Then you can write it to zshrc:
Note: the py file requires an absolute path.
Example results:
The same applies to other scripting tools.
3. Afterwords
I have installed this much for now, and I will add more to the installation of which tools are used later.