Skip to content
4 changes: 3 additions & 1 deletion capabilities/network-ops/capability.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
schema: 1
name: network-ops
version: "2.1.6"
version: "2.1.7"
description: >
Network operations and Active Directory exploitation. Multi-agent
pipeline for autonomous red teaming with Nmap scanning, Netexec
Expand Down Expand Up @@ -43,6 +43,8 @@ checks:
command: "test -f /opt/DFSCoerce/dfscoerce.py"
- name: shadowcoerce
command: "test -f /opt/ShadowCoerce/shadowcoerce.py"
- name: rockyou-wordlist
command: "test -s /usr/share/wordlists/rockyou.txt"

keywords:
- network-ops
Expand Down
47 changes: 47 additions & 0 deletions capabilities/network-ops/scripts/install_coercion_tools.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,53 @@ else
echo "[*] impacket already importable, skipping"
fi

# -- Wordlists for password cracking -----------------------------------------
WORDLIST_DIR="/usr/share/wordlists"
mkdir -p "$WORDLIST_DIR"

# rockyou — the standard wordlist for cracking (14M passwords)
if [ -s "$WORDLIST_DIR/rockyou.txt" ]; then
echo "[*] rockyou.txt already exists, skipping"
elif [ -f "$WORDLIST_DIR/rockyou.txt.gz" ]; then
echo "[+] Decompressing rockyou.txt.gz"
rm -f "$WORDLIST_DIR/rockyou.txt"
gunzip -k "$WORDLIST_DIR/rockyou.txt.gz" \
|| echo "[!] Failed to decompress rockyou.txt.gz (non-fatal)"
else
echo "[+] Downloading rockyou.txt"
curl -fsSL --retry 3 --connect-timeout 10 "https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt" \
-o "$WORDLIST_DIR/rockyou.txt" \
|| echo "[!] Failed to download rockyou.txt (non-fatal)"
Comment thread
mkultraWasHere marked this conversation as resolved.
fi

# Top 10k most common passwords — fast first-pass for spraying
# Non-fatal: wordlist download failures shouldn't block coercion script setup
if [ -s "$WORDLIST_DIR/10k-most-common.txt" ]; then
echo "[*] 10k-most-common.txt already exists, skipping"
else
echo "[+] Downloading SecLists 10k most common passwords"
Comment thread
mkultraWasHere marked this conversation as resolved.
curl -fsSL --retry 3 --connect-timeout 10 "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10k-most-common.txt" \
-o "$WORDLIST_DIR/10k-most-common.txt" \
|| echo "[!] Failed to download 10k-most-common.txt (non-fatal)"
Comment thread
mkultraWasHere marked this conversation as resolved.
fi

# OneRuleToRuleThemAll — hashcat rules that multiply wordlist effectiveness
# Combines rules from Hob0Rules, KoreLogic, NSA, and hashcat generated rules
# Non-fatal: rules dir may not be writable and that's OK
RULES_DIR="/usr/share/hashcat/rules"
if mkdir -p "$RULES_DIR" 2>&1; then
if [ -s "$RULES_DIR/OneRuleToRuleThemAll.rule" ]; then
echo "[*] OneRuleToRuleThemAll.rule already exists, skipping"
else
echo "[+] Downloading OneRuleToRuleThemAll hashcat rules"
curl -fsSL --retry 3 --connect-timeout 10 "https://raw.githubusercontent.com/NotSoSecure/password_cracking_rules/master/OneRuleToRuleThemAll.rule" \
-o "$RULES_DIR/OneRuleToRuleThemAll.rule" \
|| echo "[!] Failed to download OneRuleToRuleThemAll.rule (non-fatal)"
Comment thread
mkultraWasHere marked this conversation as resolved.
fi
else
echo "[!] Cannot create $RULES_DIR (non-fatal, skipping hashcat rules)"
fi

# -- Coercion scripts -------------------------------------------------------
REPOS=(
"https://github.com/topotam/PetitPotam /opt/PetitPotam"
Expand Down
Loading