Anonymous pentesting is a banned topic here.
Therefore I won’t go into how to anonymously run Metasploit over Tor.
Scanning one’s own Whonix-Workstation from (virtual) internal LAN would be welcome.
- replace Whonix-Gateway VM (re-install or use a live DVD) with Debian (or anything, but Debian might be easier)
- set up network interface eth1 (see package whonix-gw-network-conf for inspiration)
- disable Whonix-Workstation firewall (or maybe not depending on what you’re testing)
- make sure you can ping Whonix-Workstation (so networking between the two VMs is even possible)
- run Metasploit in the VM that was previously Whonix-Gateway against Whonix-Workstation
Scanning one’s own Whonix-Gateway from (virtual) internal LAN would be welcome.
- understanding a bit of Anonymize Other Operating Systems would be useful
- set up a Custom-Whonix-Workstation (easiest probably Debian) as per Anonymize Other Operating Systems
- make sure networking is functional
- disable Whonix-Gateway firewall (or maybe not depending on what you’re testing)
- run Metasploit in the previous Whonix-Custom-Workstation against Whonix-Gateway
Untested.