windows-binaries

The windows-binaries package offers a curated set of Windows executables designed specifically for penetration testing scenarios. These tools are intended for use during security assessments targeting Windows environments, enabling testers to perform tasks that require native Windows binaries.

Key binaries include chisel for tunneling, ligolo-ng for proxying and agent operations, netcat (nc.exe), plink.exe for SSH tunneling, wget.exe for file downloads, and whoami.exe for identity enumeration. Additional tools like enumplus, mbenum, nbtenum for enumeration, exe2bat.exe for conversion, fgdump and klogger.exe for credential dumping, fport for port scanning, radmin.exe and vncviewer.exe for remote administration are also provided.

This package is part of the broader windows-resources collection, which expands to include directories for more advanced tools like mimikatz, powersploit, and others. Installed size is 5.53 MB with dependencies on kali-defaults.

The package installs pre-compiled Windows executables (32-bit, amd64, arm64 variants where applicable) into /usr/share/windows-resources/binaries. These are native Windows PE files that can be transferred to and executed on Windows targets during pentests for tasks like tunneling (chisel, ligolo-ng), enumeration (enumplus, mbenum), credential access (fgdump, klogger), and remote control (plink, vncviewer). Symbolic links point to common-binary directories for version-specific binaries like chisel_1.11.3 and ligolo-ng_0.8.3.