Table of Contents
- Dark Moon website
- Project description
- versions
- Install the project
- Install Pentest tool
- List of pentest tools
- List of linux commands
- Add programs
- Software launch mode
- Darkmoon in the Windows command line
- FAQs
- Screenshots
- Updates
- Privacy Policy (for Microsoft Store only)
- License
- Old documentation for Dark Moon 1.0.3
Project description
Dark Moon Cybersecurity is a portable GNU/Cygwin distribution dedicated to advanced security audits, using Linux tools on Windows that are independent of WSL.
Dark Moon Cybersecurity comes with more than a hundred popular Linux tools dedicated to IT security and pentesting preinstalled. It has been developed since 2013 by Mehdi Boutayeb Ferkatou: for Windows 10 and Windows Server 2016 it integrates XFCE and Bash; for Windows 2000/XP/2003/2008/7/8 and Windows Server 2008/2012/2012 R2 it integrates Bash but not XFCE.
Dark Moon is the only embedded subsystem emulating POSIX functionalities thanks to the Cygwin.dll.
This project is the only Linux distribution independent of the Microsoft WSL (Windows Subsystem for Linux) to be deployed on the Microsoft Store today.
The Dark Moon subsystem is easy to install: you have nothing to configure beforehand, unlike the Linux subsystems available on the Microsoft Store, which makes the software more intuitive to use.
Dark Moon integrates a wide range of computer security tools from the Linux universe such as Vulnerability scanner, Network security toolkit, Framework security toolkit, Digital Forensics tools, Network monitoring security scanner & proxy tools, OSINT toolkit, Mapping tools and web scan, Password vulnerability management tools.
It also includes development tools (Nano, Vim...), compilers (gcc, g++...), interpreted languages (Python, Perl, Ruby...) and Unix administration tools, among others.
For more information, visit: https://www.dark-moon.org/
Versions
There are 2 versions of this software:
- A console version running directly from cmd.exe
- A version incorporating an XFCE 4 graphic environment
This version of Dark Moon is nomadic (portable): you can move the software directory anywhere, including onto a USB drive or portable hard drive.
For example, you can consider installing and running an SSH server on your USB drive from Darkmoon.
Install the project:
If you have downloaded the archive from Bitbucket, extract it, open the "unix-compiled-files" directory and launch "DarkMoon-Cybersecurity.exe".
Extraction and installation are then done without human intervention.
If you have downloaded the executable Setup, run it. A terminal window opens to extract the Cygwin packages and configuration files automatically, and also generates the current user session.
If you downloaded Dark Moon from the Microsoft Store, the installation is also automated: a terminal window opens to download the original setup and automatically install Dark Moon Cybersecurity.
Install Pentest tool:
Step 1:
After installation, this terminal window will open:
.. Version 1.0.4...............By Mehdi Boutayeb - ASC
[ASCII-art banner: Dark Moon GNU, Version 1.0.4]
.. DARK MOON for Microsoft Windows(c). GNU licensed ..
.. COMP: Win32 CLI: Bash LIC GPLv2 For: WinNT .......
...........................................................
[1].Start an XFCE session
[2].Start terminal
[3].Enable Security auditing toolkit
[4].Exit DarkMoon
To extract and install all pentest tools, type "3".
Step 2:
When you select option n°3, a warning message appears. To continue extracting the pentest tools, type "Y".
Many pentest tools can generate security alerts since they can be used as hacking tools. When installing Pentest tools, Windows Defender may trigger alerts. We recommend to disable it, However, this will not affect the installation. Continue installation ? (Y/N):
List of pentest tools
Pentest Framework
Osint:
- Amass
- Androguard
- Androwarn
- CapTipper
- CMSmap
- Dnschef
- Dnsrecon
- Droopescan
- Dsniff
- Findmyhash
- Golismero
- Instarecon
- OWASP-Joomla
- PadBuster
- Sherlock
- Spiderfoot
- Sublist3r
- TekDefense-Automater
- TheHarvester
Mapping and Web Scan:
Vulnerability Scanner:
Network Monitor & Proxys:
- EttercapNG
- Hping
- Ngrep
- NetworkMiner
- Responder
- Wireshark
- Netcat
- TCP Dump
- Ipscan
- Nmap
- Snmpwalk
- Windump
System and Network Intrusion Tool:
Bruteforce:
System and Forensics Analysis Tool:
- 7zip
- Binwalk
- Radare2
- Dotdotpwn
- Dumpzilla
- Fimap
- Jad
- Jd-gui
- Ollydbg
- Pdf-parser
- Peepdf
- Pyew
- RATDecoders
- Rekall
- Sedoppkit
- Sslstrip
- Steghide
- Testsslserver
- Volatility
- Bulk_extractor
- Android-security
- Bytecode-viewer
- Dex2jar
- Jadx
- JavaSnoop
- Smali
- Pdfid
- Hashidentifier
- Snmpwalk
- Make-pdf
- Pidcat
- Impacket
List of linux commands
Here is the list of commands available on the terminal:
job_spec [&]                             history [-c] [-d offset] [n] or hist>
(( expression ))                         if COMMANDS; then COMMANDS; [ elif C>
. filename [arguments]                   jobs [-lnprs] [jobspec ...] or jobs >
:                                        kill [-s sigspec | -n signum | -sigs>
[ arg... ]                               let arg [arg ...]
[[ expression ]]                         local [option] name[=value] ...
alias [-p] [name[=value] ... ]           logout [n]
bg [job_spec ...]                        mapfile [-d delim] [-n count] [-O or>
bind [-lpsvPSVX] [-m keymap] [-f file>   popd [-n] [+N | -N]
break [n]                                printf [-v var] format [arguments]
builtin [shell-builtin [arg ...]]        pushd [-n] [+N | -N | dir]
caller [expr]                            pwd [-LP]
case WORD in [PATTERN [| PATTERN]...)>   read [-ers] [-a array] [-d delim] [->
cd [-L|[-P [-e]] [-@]] [dir]             readarray [-n count] [-O origin] [-s>
command [-pVv] command [arg ...]         readonly [-aAf] [name[=value] ...] o>
compgen [-abcdefgjksuv] [-o option] [>   return [n]
complete [-abcdefgjksuv] [-pr] [-DE] >   select NAME [in WORDS ... ;] do COMM>
compopt [-o|+o option] [-DE] [name ..>   set [-abefhkmnptuvxBCHP] [-o option->
continue [n]                             shift [n]
coproc [NAME] command [redirections]     shopt [-pqsu] [-o] [optname ...]
declare [-aAfFgilnrtux] [-p] [name[=v>   source filename [arguments]
dirs [-clpv] [+N] [-N]                   suspend [-f]
disown [-h] [-ar] [jobspec ... | pid >   test [expr]
echo [-neE] [arg ...]                    time [-p] pipeline
enable [-a] [-dnps] [-f filename] [na>   times
eval [arg ...]                           trap [-lp] [[arg] signal_spec ...]
exec [-cl] [-a name] [command [argume>   true
exit [n]                                 type [-afptP] name [name ...]
export [-fn] [name[=value] ...] or ex>   typeset [-aAfFgilnrtux] [-p] name[=v>
false                                    ulimit [-SHabcdefiklmnpqrstuvxPT] [l>
fc [-e ename] [-lnr] [first] [last] o>   umask [-p] [-S] [mode]
fg [job_spec]                            unalias [-a] name [name ...]
for NAME [in WORDS ... ] ; do COMMAND>   unset [-f] [-v] [-n] [name ...]
for (( exp1; exp2; exp3 )); do COMMAN>   until COMMANDS; do COMMANDS; done
function name { COMMANDS ; } or name >   variables - Names and meanings of so>
getopts optstring name [arg]             wait [-n] [id ...]
hash [-lr] [-p pathname] [-dt] [name >   while COMMANDS; do COMMANDS; done
help [-dms] [pattern ...]                { COMMANDS ; }
Add programs
You can add other programs with the following tools:
- git
- wget
- setup-x86_64 (packages available on Cygwin mirror sites are fully compatible with Darkmoon, as it is emulated by the Cygwin DLL)
Software launch mode
There are 2 versions of this software:
- To run cmd, type "cmd"
A console version running directly from cmd.exe:
.. Version 1.0.4...............By Mehdi Boutayeb - ASC
[ASCII-art banner: Dark Moon GNU, Version 1.0.4]
.. DARK MOON for Microsoft Windows(c). GNU licensed ..
.. COMP: Win32 CLI: Bash LIC GPLv2 For: WinNT .......
...........................................................
[1].Start an XFCE session
[2].Start terminal
[3].Enable Security auditing toolkit
[4].Exit DarkMoon
2
Admin@DESKTOP-70FKMR6 ~
$ cmd
Microsoft Windows [version 10.0.17134.885]
(c) 2018 Microsoft Corporation. Tous droits réservés.
C:\Darkmoon\home\Admin>

.. Version 1.0.4...............By Mehdi Boutayeb - ASC
[ASCII-art banner: Dark Moon GNU, Version 1.0.4]
.. DARK MOON for Microsoft Windows(c). GNU licensed ..
.. COMP: Win32 CLI: Bash LIC GPLv2 For: WinNT .......
...........................................................
[1].Start an XFCE session
[2].Start terminal
[3].Enable Security auditing toolkit
[4].Exit DarkMoon
2
Admin@DESKTOP-70FKMR6 ~
$ powershell
Windows PowerShell
Copyright (C) Microsoft Corporation. Tous droits réservés.
PS C:\Darkmoon\home\Admin>
Darkmoon in the Windows command line
Launch Bash and XFCE from cmd and powershell:
- To do this, type in the console:
cd %systemdrive%/Darkmoon
start_xfce
And to start a bash session, type this:
cd %systemdrive%/Darkmoon
start_bash
You can also choose to launch the menu by typing this on the console:
cd %systemdrive%/Darkmoon
Darkmoon
apt-cyg
Install and run apt-cyg:
- Download apt-cyg with the wget command:
$ wget https://raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg
You will obtain this:
--2019-07-26 20:19:24-- https://raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg
Résolution de raw.githubusercontent.com (raw.githubusercontent.com)… 151.101.120.133
Connexion à raw.githubusercontent.com (raw.githubusercontent.com)|151.101.120.133|:443… connecté.
requête HTTP transmise, en attente de la réponse… 200 OK
Taille : 13765 (13K) [text/plain]
Sauvegarde en : « apt-cyg.1 »
apt-cyg.1 100%[=================================================>] 13,44K --.-KB/s ds 0,03s
2019-07-26 20:19:25 (396 KB/s) — « apt-cyg.1 » sauvegardé [13765/13765]
After downloading apt-cyg, make it executable with chmod:
chmod +x apt-cyg
Finally, move it into /usr/local/bin with mv:
mv apt-cyg /usr/local/bin
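The wget, chmod and mv steps above place a script fetched from a moving master branch on the PATH without checking it. The following is an added example, not part of the Dark Moon or apt-cyg documentation: it gates the install on a SHA-256 digest that you recorded after reviewing the script. The helper name verify_and_install and the digest placeholder are assumptions.

```shell
#!/bin/sh
# Added example: install a downloaded script only if its SHA-256 matches a
# digest recorded beforehand. verify_and_install is a hypothetical helper.

# usage: verify_and_install <file> <expected_sha256_hex> <dest_dir>
# returns 0 = installed, 1 = checksum mismatch, 2 = bad arguments
verify_and_install() {
    file=$1; expected=$2; dest=$3

    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }

    # A SHA-256 digest is exactly 64 hex characters; reject anything else
    # so a truncated or mistyped value can never be treated as a match.
    case $expected in
        ''|*[!0-9A-Fa-f]*) echo "malformed digest" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "malformed digest" >&2; return 2; }

    # sha256sum prints "<hex>  <name>"; keep only the hex field.
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')

    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $file" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 1
    fi

    # Only now make it executable and place it on the PATH
    # (replaces the separate chmod +x and mv steps).
    install -m 0755 "$file" "$dest/$(basename "$file")"
}

# Typical use; the digest is a placeholder for the value you recorded:
#   wget -O apt-cyg https://raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg
#   verify_and_install apt-cyg <sha256-recorded-after-review> /usr/local/bin
```

Passing -O apt-cyg to wget also avoids the situation in the transcript above, where the download was saved as apt-cyg.1 because a file named apt-cyg already existed.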
Here are all the command arguments for apt-cyg:
$ apt-cyg
NAME
  apt-cyg - package manager utility

SYNOPSIS
  apt-cyg [operation] [options] [targets]

DESCRIPTION
  apt-cyg is a package management utility that tracks installed packages on a
  Cygwin system. Invoking apt-cyg involves specifying an operation with any
  potential options and targets to operate on. A target is usually a package
  name, file name, URL, or a search string. Targets can be provided as command
  line arguments.

OPERATIONS
  install
    Install package(s).

  remove
    Remove package(s) from the system.

  update
    Download a fresh copy of the master package list (setup.ini) from the
    server defined in setup.rc.

  download
    Retrieve package(s) from the server, but do not install/upgrade anything.

  show
    Display information on given package(s).

  depends
    Produce a dependency tree for a package.

  rdepends
    Produce a tree of packages that depend on the named package.

  list
    Search each locally-installed package for names that match regexp. If no
    package names are provided in the command line, all installed packages will
    be queried.

  listall
    This will search each package in the master package list (setup.ini) for
    names that match regexp.

  category
    Display all packages that are members of a named category.

  listfiles
    List all files owned by a given package. Multiple packages can be specified
    on the command line.

  search
    Search for downloaded packages that own the specified file(s). The path can
    be relative or absolute, and one or more files can be specified.

  searchall
    Search cygwin.com to retrieve file information about packages. The provided
    target is considered to be a filename and searchall will return the
    package(s) which contain this file.

  mirror
    Set the mirror; a full URL to a location where the database, packages, and
    signatures for this repository can be found. If no URL is provided, display
    current mirror.

  cache
    Set the package cache directory. If a file is not found in cache directory,
    it will be downloaded. Unix and Windows forms are accepted, as well as
    absolute or regular paths. If no directory is provided, display current
    cache.

OPTIONS
  --nodeps
    Specify this option to skip all dependency checks.

  --version
    Display version and exit.
FAQs
What is the difference between Darkmoon and Windows Subsystem for Linux (WSL 2)?
The Microsoft subsystem is a Linux kernel integrated with Windows; however, WSL requires very low-level virtualization to work.
WSL is not Open Source; it is a proprietary technology that only works on Windows 10.
The difference with Darkmoon is that the software is a port of Linux programs to Windows.
The development tools built into Darkmoon will build you a Windows executable, while WSL will build you a Linux executable.
It may happen that the resulting Linux executable does not run properly on WSL.
Also, unlike WSL, you can run .exe files and access all the files in the kernel, something that is not yet possible with WSL/Bash due to the security of Windows 10.
The last difference is that Darkmoon is a "portable" kernel: you can transport it to any folder or device, and it can run on versions prior to Windows 10.
What is the difference between the Darkmoon version available on Github and the one on the Microsoft Store?
Darkmoon UWP (Microsoft Store) does not require any human intervention for the installation; everything is automated, from the moment the user clicks on "upload" to the moment XFCE launches.
With the Microsoft Store version, the user runs a Microsoft-approved version for Windows 10.
The application is installed in a predefined folder (%systemdrive%/Linux).
With the Win32 version, the user can modify the installation program to install it in the directory of their choice.
Screenshots
Updates
Versions | Date | Changes |
---|---|---|
1.0.4 | 2023-09-30 | Added pentest tools, package refactoring, xfce portability, installer overhaul |
1.0.3 | 2019-06-29 | Added xfce4-session, gcc-objc, gcc-objc++, gcc-fortran, gtk+, wget, tcl, rsync, perl, grep, OpenSSL |
1.0.2 | 2018-08-01 | Added C, C++, Ada and Python compilers, OpenSSH, make, nano and vim, mc... |
1.0.1 | 2013-01-12 | DarkMoon created. |
Privacy Policy (for Microsoft Store only)
Darkmoon accesses the following features of your computer:
- MAC and TCP/IP addresses
- Access to the Internet
- Set of files present in the user session
- Can read and write files, and create and delete files, present in the user session.
- No data is collected by MBK Software, everything is processed locally on the user’s machine.
License
Code released under GNU License