Welcome to FLARE-VM – a collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a virtual machine (VM).
FLARE-VM was designed to solve the problem of reverse engineering tool curation and relies on two main technologies: Chocolatey and Boxstarter.
Chocolatey is a Windows-based Nuget package management system, where a “package” is essentially a ZIP file containing PowerShell installation scripts that download and configure a specific tool.
Boxstarter leverages Chocolatey packages to automate the installation of software and create repeatable, scripted Windows environments.
FLARE-VM should ONLY be installed on a virtual machine. The VM should satisfy the following requirements:
PowerShell
prompt as administratorinstaller.ps1
to your Desktop: (New-Object net.webclient).DownloadFile('https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1',"$([Environment]::GetFolderPath("Desktop"))\install.ps1")
Unblock-File .\install.ps1
Set-ExecutionPolicy Unrestricted -Force
Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
. To view execution policies for all scopes, execute Get-ExecutionPolicy -List
.\install.ps1
.\install.ps1 -password <password>
.\install.ps1 -password <password> -noWait -noGui
.\install.ps1 -customConfig <config.xml> -password <password> -noWait -noGui
host-only
networking mode and take a VM snapshotFor more information click here.
Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…
Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…
The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…
Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…
Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…
PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…