Exegol Hacking Framework Setup

Last Updated: 7-27-2025

Exegol is a containerized penetration testing environment built with Docker, Git, and Python that can be installed on Windows, Linux, and Mac. It comes preloaded with the same level of tooling you’d get from a Kali or Parrot install, along with some convenient ease-of-use features like an extensive, pre-populated command history and a solid set of custom BloodHound Cypher queries.

I’ve tried running Kali and Parrot inside Docker containers on both Linux and Mac. While they almost worked, there were too many obstacles to overcome to make them truly usable. Exegol solves all of those issues, making it fully feasible to perform a penetration test from within a Docker container, which also makes post-engagement cleanup simple and ensures you’re working in a clean, isolated environment for each client engagement, with no risk of data or tool overlap between tests.

I’ve run Exegol inside an Ubuntu 22 VM, on a 2015 MacBook Pro running Ubuntu 22 as the main OS, and on a Mac M2 running macOS. Installation in all cases was mostly hassle-free by following the documentation.

If you’re not running Linux on bare metal, it’s recommended to create a Linux VM on your Mac or Windows system. With a fix I have below for keyboard issues with RDP clients, I have been able to use Exegol without issue on Mac silicon.

Before installing Exegol, installation of git, zsh, curl, tmux, vim, and python3-pip was required for my Ubuntu host. Below are the configurations I typically run when setting up a new machine.

Either run the following as individual commands or save them as a script.

#!/bin/bash
sudo apt install git zsh curl tmux vim python3-pip
sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

# Make sure the shell is set to zsh
sudo chsh -s /usr/bin/zsh
source ~/.zshrc

Save that as initial-setup.sh and then run:

chmod u+x initial-setup.sh
./initial-setup.sh

Exegol requires Python 3, which is typically pre-installed on most systems these days. If it’s missing, you’ll need to install it before proceeding.

The tmux configuration I use and instructions for installing that can be found here .

Install zsh plugins, aliases and custom vim setup

These are my personal preferences. Follow the same procedure as a above saving the following as a script or running as individual commands.

#!/bin/bash
# from https://gist.github.com/dogrocker/1efb8fd9427779c827058f873b94df95
git clone https://github.com/zsh-users/zsh-autosuggestions.git /home/$USER/.oh-my-zsh/custom/plugins/zsh-autosuggestions

git clone https://github.com/zsh-users/zsh-syntax-highlighting.git /home/$USER/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting

# add (zsh-autosuggestions zsh-syntax-highlighting tmux git-prompt) to .zshrc
sed -i -e 's/plugins=(git)/plugins=(zsh-autosuggestions zsh-syntax-highlighting tmux git-prompt)/g' ~/.zshrc
# tmux and git-prompt are pre-installed with oh my zsh.

# change the OMZ theme 
sed -i -e 's/ZSH_THEME="robbyrussell"/ZSH_THEME="mikeh"/g' ~/.zshrc

echo "alias la='ls -lah'" >> ~/.zshrc

# vim setup
git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime
sh ~/.vim_runtime/install_awesome_vimrc.sh

Occasionally, some of the above commands need to be re-run or files need to be edited directly, but most of the time those scripts run without error. You’ll need to restart your VM or computer for all changes to take effect.

As I mentioned, I have installed Exegol on Mac Silicon with no problems using Docker Desktop. Any GUI applications launched from within Exegol worked fine via XQuartz with the exception of RDP clients like xfreerdp and remmina. To get your keyboard working within RDP sessions, run the following command from the XQuartz terminal.

setxkbmap -rules base -model macintosh_old -layout us

Below are all the commands I ran to install docker, add my user to the docker group and then begin installation of Exegol from source.

#!/bin/bash
curl -fsSL "https://get.docker.com/" -o get-docker.sh
sh get-docker.sh

sudo usermod -aG docker $(id -u -n)
newgrp

Restart your vm or computer.

In the following script, make sure to change the username used in the chown command.

#!/bin/bash
cd /opt
sudo git clone "https://github.com/ThePorgs/Exegol"
sudo chown -R gregscharf:gregscharf ./Exegol  # that should be your user not gregscharf
sudo ln -s "$(pwd)/exegol.py" "/usr/local/bin/exegol"

The proceeding commands should be run by themselves and not in a script.

Exegol’s Python dependences need to be installed inside a Python virtual environment on Mac and most newer Linux installs. In my install of Ubuntu, the package I needed was named python3.12-venv.

sudo apt install python3.12-venv

Change to the Exegol directory in /opt and install Exegol’s required Python packages.

cd /opt/Exegol

python3 -m venv env

source env/bin/activate

python3 -m pip install --user --requirement "./requirements.txt"

exegol install

Adding custom configurations and tools

To make any custom tools or scripts available inside your Exegol containers, copy those to ~/.exegol/my-resources/bin.

cp /opt/linux-scripts/pspy64 ~/.exegol/my-resources/bin/

My instructions for installing and running Burp Suite Professional can be found here .

tmux, zsh and vim setup

All of your custom config files need to be added to the following directories.

~/.exegol/my-resources/setup/tmux
~/.exegol/my-resources/setup/vim
~/.exegol/my-resources/setup/zsh

Those directories are mapped to /opt/myresources/setup/* inside of running containers.

When copying configuration files over to the ~/.exegol/my-resources/ directory, the . needs to be removed from the filename, for example:

sudo cp ~/.tmux.conf ~/.exegol/my-resources/setup/tmux/tmux.conf

After adding my tmux config file, tmux would start a bash shell rather than the default zsh. This only occurred on the Ubuntu VM installation and not on the Mac installation. If you encounter the same issue, start an Exegol container using -e SHELL=/usr/bin/zsh, which properly sets the SHELL environment variable inside the container.

exegol start HTB-VPN nightly -cwd --vpn "~/Dev/tryhackme/gregscharf.ovpn" -e SHELL=/usr/bin/zsh

Adding my custom Vim configuration and plugins is show below.

sudo cp ~/.vimrc ~/.exegol/my-resources/setup/vim/vimrc
sudo cp -r ~/.vim_runtime ~/.exegol/my-resources/setup/vim/

Final thoughts

There’s usually a bit of a learning curve when adopting a new framework or workflow, but performing offensive security engagements with Exegol turned out to be a seamless transition.

Note that Exegol has recently moved to a paid model. According to their licensing, you’ll need to purchase a Pro license ($30/month) to use it in professional engagements. It’s still free to use in labs, CTFs, and other non-commercial settings.

Additional highlights:

• All GUI applications spawned from within the Exegol container ran seamlessly.
• Kali has recently ugpraded its version of Postgresql, which breaks the original version of Bloodhound, so Exegol is a great option for continued usage of classic Bloodhound.
• The Exegol developers added a lot of useful, custom Cypher Queries to the installed version of Bloodhound.
• Unlike earlier versions of Exegol, Ghidra and Burp Suite Community Edition now start up without requiring any further configuration.
• Exegol comes with a pre-populated command shell history that has the syntax for just about any command you might want to run. Crtl+r and then typing the start of a command will bring up a scroll-able list of matching syntax as you type.
• Firefox is installed by default and can be started by running firefox &> /dev/null & from the command line. Additionally, extensions for FoxyProxy, Wappalyzer and Dark Reader are already installed.
• There’s a functioning version of Python 2 installed. Kali has completely removed Python 2. This is useful as there are times an old exploit script written in Python 2 might need to be run.
• Unlike creating VMs from scratch, your custom configuration and tools will be present in any new Exegol container you create.