Tips On Building A Pentest Appliance
This article doesn’t cover HOW to build a pentest appliance virtual machine, although it does link to another article that I followed. What I do cover here is how, after you’ve built a pentest appliance virtual machine in VMware, to reduce the file size so that when you export it to OVA and give it to your customer it will be as small as possible. I started out with a 20 GB OVA file even though the disk usage was only 9 GB, and through the following steps I reduced it down to 4 GB.
A former coworker published instructions for building a pentest dropbox on a Raspberry Pi here. For my use case, I simply needed a Kali virtual machine which would automatically connect out to an OpenVPN server on startup. I skipped over the steps concerning wireless hardware and anything specific to the Raspberry Pi. My use case was not for a dropbox. I needed a virtual machine that I could give to a customer so that we could perform internal network pentests and vulnerability scans remotely.
I export the VMware virtual machine to a single OVA file and provide the customer with a link to download it. Once the customer imports the virtual machine on their network, the pentester connects to the VPN, then connects to the appliance over SSH. Despite the fact that I used a bare-bones Kali installation and only installed the minimum required pentesting apps, my initial OVA file was 20 GB based on 9 GB of disk usage.
Note: If you’re going to be using Nessus Pro, don’t install it in advance. Do include the installer package on disk, but wait until the customer imports it and you connect over the VPN to perform the installation. A minimum Nessus Pro installation will take at least 9 GB of disk space.
After creating your virtual machine in VMware, follow these steps to reduce the size of your OVA file. All commands are run on the virtual machine, not on the host.
Remove any unnecessary packages: sudo apt-get autoremove
Defragment the disk: sudo e4defrag /
Ignore any errors. Some files can’t be defragmented.
Zero-fill all unused space so VMware knows it’s unused. dd stops with a “No space left on device” error once the disk is full, which is expected:
sudo dd if=/dev/zero of=zerofile bs=1M; sync; rm zerofile
Run the shrink operation:
sudo vmware-toolbox-cmd disk shrinkonly
Finally, export the virtual machine to an OVA file and you should have the smallest file size possible. These steps reduced my OVA file size by 80 percent.
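The steps above combined into one guarded script, as an added example that is not part of the original article. The script name, the /zerofile path and the DRY_RUN switch are assumptions made for illustration; the four commands are the ones listed in the steps.

```shell
#!/bin/sh
# Added example (not from the original article): the shrink steps as one script.
# Run inside the guest as root:  sh shrink-prep.sh --run   (script name is hypothetical)
# DRY_RUN=1 prints each command instead of executing it.

# Assumed location; it must sit on the filesystem you want to shrink.
ZEROFILE="${ZEROFILE:-/zerofile}"

# Execute a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "+ $*"
    else
        "$@"
    fi
}

zero_fill() {
    # If interrupted, remove the fill file so the guest is not left with a full disk.
    trap 'rm -f "$ZEROFILE"; exit 130' INT TERM
    # dd stops with "No space left on device"; that is the expected end condition.
    run dd if=/dev/zero of="$ZEROFILE" bs=1M || true
    run sync
    run rm -f "$ZEROFILE"
    trap - INT TERM
}

shrink_prep() {
    if [ "${DRY_RUN:-0}" != "1" ]; then
        [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 1; }
        command -v vmware-toolbox-cmd >/dev/null 2>&1 ||
            { echo "vmware-toolbox-cmd not found" >&2; return 1; }
    fi
    run apt-get autoremove || return 1
    run e4defrag / || true    # some files cannot be defragmented; keep going
    zero_fill
    run vmware-toolbox-cmd disk shrinkonly
}

if [ "${1:-}" = "--run" ]; then
    shrink_prep
fi
```

Running it first with DRY_RUN=1 shows the exact command sequence before anything touches the disk.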