Exegol : A Kali Light Base With Few Useful Additional Tools

Exegol is a fully configured kali light base with a few useful additional tools (~50), a few useful resources (scripts and binaries for privesc, credential theft etc.) and some configuration (oh-my-zsh, history, aliases, colourized output for some tools).

It can be used in pentest engagements and BugBounty. Exegol’s original fate was to be a ready-to-hack docker in case of emergencies during engagements. It is now an environment my team and I use in day to day engagements.

Quick Start

The project is on Docker Hub, you don’t need to clone this git.

  • First set the following aliases in your bashrc/zshrc/whateverrc.

alias exegol-update=’docker pull nwodtuhs/exegol’
alias exegol-build=’docker build –tag nwodtuhs/exegol /PATH/TO/Exegol/’
alias exegol-run=’docker run –interactive –tty –detach –network host –volume /PATH/TO/Exegol/shared-volume:/share –name exegol nwodtuhs/exegol’
alias exegol-shell=’docker exec -it exegol zsh’
alias exegol-stop=’docker stop exegol && docker rm exegol’

  • Then pull : docker pull nwodtuhs/exegol
  • Then run the docker and get a shell : exegol-run && exegol-shell
  • Stop it when you’re done : exegol-stop

Also Read – Invoker : Penetration Testing Utility

Pre-requisites

Docker is needed here if you want to run Exegol in a docker (intended). You can also use the install.sh in order to deploy Exegol elsewhere but I don’t guarantee it’ll work. (That being said I don’t guarantee anything bro)

Need a quick install of docker & docker-compose? Check this out (intended for kali users but I guess it could work on any other Debian based system)

sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add –
echo ‘deb [arch=amd64] https://download.docker.com/linux/debian buster stable’ | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io
sudo curl -L “https://github.com/docker/compose/releases/download/1.25.3/docker-compose-$(uname -s)-$(uname -m)” -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
sudo curl -L https://raw.githubusercontent.com/docker/compose/1.25.3/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose
sudo groupadd docker
sudo usermod -aG docker $USER

Install (from Docker Hub)

It can be long, pull exegol before needing it.

docker pull nwodtuhs/exegol

Install (from GitHub)

The build can be long, build exegol before needing it.

git clone https://github.com/ShutdownRepo/Exegol
cd Exegol
docker build –tag exegol

Usage

I personnaly use these aliases to go fast (very fast)

alias exegol-update=’docker pull nwodtuhs/exegol’
alias exegol-build=’docker build –tag nwodtuhs/exegol /PATH/TO/Exegol/’
alias exegol-run=’docker run –interactive –tty –detach –network host –volume /PATH/TO/Exegol/shared-volume:/share –name exegol nwodtuhs/exegol’
alias exegol-shell=’docker exec -it exegol zsh’
alias exegol-stop=’docker stop exegol && docker rm exegol’

  • Update the docker : exegol-update
  • Run the docker : exegol-run
  • Get a shell when exegol is up and running (it is possible to pop multiple shells) : exegol-shell
  • Stop exegol : exegol-stop

Tools

The tools installed in Exegol are mostly installed from sources in order to have the latest version when deploying Exegol. Some of the tools can be found in a complete kali install though. Some installs are made with go, pip, apt, gem etc. The installs are not perfect but hey, it works! You will find most of the tools in /opt/tools. Some of the tools:

Useful Resources

In addition to the many tools pre-installed and configured for some, you will find many useful pre-fetched resources like scripts and binaries in /opt/resources. There some pre-EoP enumeration scripts (EoP: Escalation of Privileges) and other useful binaries like Rubeus or mimikatz.

R K

Recent Posts

Understanding the Model Context Protocol (MCP) and How It Works

Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…

19 hours ago

The file Command – Quickly Identify File Contents in Linux

While file extensions in Linux are optional and often misleading, the file command helps decode what a…

1 day ago

How to Use the touch Command in Linux

The touch command is one of the quickest ways to create new empty files or update timestamps…

1 day ago

How to Search Files and Folders in Linux Using the find Command

Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…

1 day ago

How to Move and Rename Files in Linux with the mv Command

Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…

1 day ago

How to Create Directories in Linux with the mkdir Command

Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…

1 day ago