Note
This is a Bash script that automates the setup of a professional hacking environment for Kali Linux using the tiled window manager bspwm and is forked from r1v3sc repository.
Important
Major Security & Quality Improvements
- π Security Hardened: Fixed critical command injection vulnerabilities
- π§ͺ Fully Tested: 144 automated tests with continuous integration
- π Updated Dependencies: LSD v1.2.0, Go v1.23.5, latest packages
- β Modern Compatibility: Migrated from deprecated tools to modern alternatives
- π Professional Documentation: 1000+ lines of test documentation
π View detailed changelog
- β
Fixed command injection vulnerabilities in
whichSystem.py - β Added proper variable quoting in all shell functions
- β Improved input validation and error handling
- β 40 dedicated security tests ensure ongoing protection
- β
Migrated from deprecated
ifconfigto modernipcommand - β
Rewrote
checkupdatesscript for apt-based systems - β Auto-detection of primary network interface
- β Fixed wallpaper directory path expansion
- β LSD updated to v1.2.0 (from v1.1.5)
- β Go updated to v1.23.5 (from v1.23.0)
- β Added missing zsh plugins (syntax-highlighting, autosuggestions)
- β 73 unit tests for setup.sh components
- β 40 security-focused tests
- β 31 integration tests
- β GitHub Actions CI/CD with 7 automated jobs
- β 90%+ code coverage
# Update your system
sudo apt update
sudo apt upgrade -y
# 1. Clone the repository
git clone https://github.com/4ndymcfly/4ndy-bspwm
cd 4ndy-bspwm
# 2. Execute the setup script
./setup.sh
# 3. Reboot and select bspwm as window manager
Tip
After the script finishes, you'll be prompted to restart. Once rebooted, select bspwm as the window manager and log in.
πΈ View more screenshots
Expand shortcuts section β¬
| Shortcut | Action |
|---|---|
| Super + Enter | Open terminal (kitty) |
| Super + W | Close window |
| Super + D | Open Rofi launcher |
| Super + Arrow Keys | Navigate between windows |
| Super + 1-0 | Switch to workspace 1-10 |
| Shortcut | Action |
|---|---|
| Super + T | Tile mode |
| Super + M | Monocle mode (full without bar) |
| Super + F | Fullscreen mode |
| Super + S | Floating mode |
| Shortcut | Action |
|---|---|
| Super + Shift + 1-0 | Move window to workspace |
| Super + Alt + Arrows | Resize window (floating) |
| Super + Ctrl + Arrows | Move window (floating) |
| Shortcut | Action |
|---|---|
| Super + Shift + F | Firefox (workspace 3) |
| Super + Shift + B | Burpsuite (workspace 9) |
| Shortcut | Action |
|---|---|
| Super + Alt + R | Restart bspwm |
| Super + Alt + Q | Logout |
| Ctrl + Alt + L | Lock screen |
| Ctrl + Shift + ββ | Volume control |
| Ctrl + Shift + M | Mute/unmute |
| Shortcut | Action |
|---|---|
| Ctrl + Shift + Enter | New split window |
| Ctrl + Shift + T | New tab |
| Ctrl + Shift + W | Close tab/window |
| Ctrl + Shift + Z | Zoom current pane |
| Ctrl + Arrows | Navigate between panes |
| Ctrl + Shift + C/V | Copy/Paste |
| F1 / F2 | Copy/Paste buffer A |
| F3 / F4 | Copy/Paste buffer B |
- WM: bspwm - Tiling window manager
- Hotkey Daemon: sxhkd - Keyboard shortcuts
- Bar: polybar - Status bar
- Compositor: picom - Window compositor
- Launcher: rofi - Application launcher
- Terminal: kitty - GPU-accelerated terminal
- Shell: zsh - Advanced shell
- Framework: Oh My Zsh - Zsh configuration
- Theme: Powerlevel10k - Beautiful prompt
- Syntax Highlighting: zsh-syntax-highlighting
- Autosuggestions: zsh-autosuggestions
- File Manager: thunar
- Screen Locker: i3lock-fancy
- Screenshot: flameshot
- Wallpaper: feh
- Browser: Firefox
- Fonts: Iosevka & Hack Nerd Fonts
| Tool | Version | Description |
|---|---|---|
| lsd | v1.2.0 | Modern ls replacement |
| Go | v1.23.5 | Programming language |
| Neovim | Latest | Hyperextensible text editor |
| Docker | Latest | Container platform |
| Tool | Description |
|---|---|
| nuclei | Vulnerability scanner |
| gobuster | Directory/DNS fuzzer |
| dirsearch | Web path scanner |
| ligolo-ng | Advanced tunneling tool |
| rustscan | Fast port scanner (Docker) |
| arsenal | Pentest command cheatsheet |
| cupp | Password profiler |
- SecLists - Security wordlists
- RockyYou - Password list
Tip
Click on any IP address in Polybar (VPN, Target, LAN) to automatically copy it to clipboard!
Tip
A comprehensive collection of aliases and functions has been added to streamline your pentesting workflow. Check .zshrc for details.
π View example aliases
# Penetration Testing
mkt # Create nmap/content/exploits directories
settarget # Set target IP for polybar display
scanNmap # Automated nmap scan with OS detection
extractPorts # Extract open ports from nmap output
# Network Tools
smbshare # Quick SMB server setup
geoip # IP geolocation lookup
# Development
cat -> batcat # Syntax highlighting for files
ls -> lsd # Modern ls with icons and colors
πΌοΈ View all wallpapers
This project includes a comprehensive test suite to ensure reliability and security.
- β 73 Unit Tests - Core functionality validation
- β 40 Security Tests - Vulnerability prevention
- β 31 Integration Tests - End-to-end workflows
- β 7 CI/CD Jobs - Automated quality checks
# Install Bats (testing framework)
sudo apt install bats
# Run all tests
./tests/run_tests.sh
# Run specific test suite
bats tests/test_setup.bats # Unit tests
bats tests/test_security.bats # Security tests
bats tests/test_integration.bats # Integration tests
Every commit is automatically tested via GitHub Actions:
- π Code syntax validation
- π Security vulnerability scanning
- π§ͺ 144 automated tests
- π¦ Dependency version validation
- β Quality assurance checks
View test results: GitHub Actions
For detailed testing documentation, see tests/README.md
- Keyboard Shortcuts - Complete keyboard shortcuts reference (English)
- Keyboard Shortcuts - Complete keyboard shortcuts reference (Spanish)
- Quick Start Guide - Get testing in 5 minutes
- Full Test Documentation - Comprehensive testing guide
- Test Summary - Detailed test overview
Contributions are welcome! Whether it's:
- π Bug reports
- β¨ Feature requests
- π§ Code improvements
- π Documentation updates
Please feel free to open an issue or submit a pull request.
- Fork the repository
- Create a feature branch
- Make your changes
- Run the test suite (
./tests/run_tests.sh) - Ensure all tests pass
- Submit a pull request
Security is a top priority. This project:
- β Regularly audited for vulnerabilities
- β Uses modern, secure coding practices
- β Includes 40 dedicated security tests
- β Follows principle of least privilege
Found a security issue? Please report it privately via GitHub Security Advisories.
This project is licensed under the MIT License - see the LICENSE file for details.
- Original Creator: r1vs3c - For the initial auto-bspwm script
- Fork Maintainer: 4ndymcfly - Extended features and security improvements
- Polybar Themes: adi1090x
- Community: All contributors who help improve this project
If you find this project useful, please consider:
- β Starring the repository
- π Reporting bugs
- π‘ Suggesting new features
- π Contributing code
Happy Hacking! π
Made with β€οΈ for the cybersecurity community