Pentestbox security and annonimity

Have installed pentestbox, works great. No issues with working as an alternative to vboxing with Kali and using windows as host.
Was wondering about how to solve annonimity and security issues with a windows based system that are easily solved with Linux based system.
Any advice on annonimity/security solutions for Windows or at least while operating with pentestbox.

1 Like

Now let’s be clear,Linux is outstanding Windows in term of anonymity and safety.If you correctly setup your VM,Chances to get hacked are so small
And there are tons of ways you can torify your traffic on Linux

Tho i dont really recommend using Windows as a host machine,i would recommend either using a Linux host system and a guest Linux system “Tails as host and Kali as a guest” for maximum security,Or the best solution is going to be a Raspberry pi 3,A pocket-size PC,But yeah,the hardware is crap,If you mess up you can just destroy it and buy a new one for 30$

@MoNsTeR please tell me if there are any flaws in this post :slight_smile:


@Anonym I do agree with you as far as using Linux as a host machine also with setups as you described will work fine. @Schmoe With the setup you have currently I would recommend using a VPN on your host machine. Then setup a Whonix-Gateway on another VirtualBox. Then proceed to direct your traffic from your PentestBox through the Whonix-Gateway to your Windows host system which is running a VPN for the network and you should be fine.

1 Like

@Anonym thanks for the reply.
I have vms with my Kali all set up. My security and annonimity there is falry well set up. Tho VMs are slow-er to boot, run etc, as you of course know.
Actually the main reason for the question was falling into pentestboxs update and my curiosity of its use, as many of my other stuff (not security) is in windows. I have a Kali in dual boot, but for practice, training, ctfs blah blah, it would be nice to see how secure I could get pentestbox, as windows is so insecure. Just for trys. I love my Kali :heart: but to go to my dual or or my VM has its slows, when the pbox may offer a native option.

Also I have a working burp pro on the windows that I cannot get going on my Kali. (already opened a thread for that), so a native ptest option exited me. But I may eventually drop it as it makes the windows more insecure because of having to kill firewalls, antivirus and that, which makes me uncomfortable.

Sorry for the blah,

1 Like

@MoNsTeR Noted. Thanks
Have looked into all you have mentioned, honestly got halfway to setting up whonix, then decided against for now, as I am not active. I’m just self training and trying to build some knowledge. a massive elevation of self security is not necessary right now, though I have made plenty of notes to refer and implement when I feel I can actually serve a purpose, with enough knowledge to step out.
Original thread question was just to find out pboxs limitations/ usefulness or unusefulness.
Thanks for you help .
Hope you have any ideas

This is my mindset

"The greatest trick the devil has ever come with was convincing the world he didn’t exist "

You should always care about your own security before attacking,Even when footprinting,never let your guard down.This is the reason why Anonymous leaders got caught,They wanted to outstand everyone while forgetting that the 14 eyes were watching :wink:



Best quote ever!!

Honestly, my self security alarm bells were clanging with the regards to pentestbox and it’s required security shutdowns before installation.

Was hoping it would be a good alternative.

In its operations it seems to be a nice idea, but it’s security other than playing at home on my own network doesn’t present itself as a good alternative for the field.
Unless I find a secure operation of it, I think I will drop it and use what I know to be secure.

Shame VMs are not faster.
Shame duals are not easily interbootable faster between them.

A tool is a tool for a tools job eh, and never the twain should meet.
Don’t use a scalpel as a hammer, if you need a hammer :blush:

1 Like

Well put, “very true quote” for mindset, and good job calling out other issues as seen.

1 Like

People don’t normally like my answer to this.
Uninstall it.