This is the presentation deck of the BHEU arsenal Cyber Range Demo

2. Cyber Range -SecDevOps@Cuse - Configuration
• Pre-REQ’s
• Terraform
• Vagrant
• Inspec
• S3 bucket
• Quota
• jq
• OSX vs. Windows

3. Cyber Range -SecDevOps@Cuse – User Stories
• Medium Post w/ Videos: Cyber Range - BlackHat Arsenal Medium Post
• Setting up the network w/ terraform
• Setting up the range w/ terraform
• Using Vagrant
• Logging into Kali (ssh / RDP / VNC)
• Logging into Commando (RDP)
• Logging into Tpot
• Logging into DefenderLab

4. Register your AWS Acct to Access AMIs
https://www.tfaforms.com/4729221
Initialize & Configure Setup Network / Make Cyber Range

5. Configuration – Install & Inspec w/ AWS profile
Note: setup w/ 4.10.4, current inspec version is 4.17+ (untested)

6. Makefile – Terraform Initialize
S3 Bucket Must Exist for Initialization

7. Cyber Range - SecDevOps@Cuse – Make Scenarios
• REGION=<us-east-1 / eu-west-2>
• Network
• Defender
• Offensive
• Security Intel / HoneyPot
• Full Lab

8. Cyber Range - SecDevOps@Cuse – Terraform
• Provide Setup / Destroy / State management
• Bad – no Shutdown
• Great for Admins / Educators

9. Cyber Range - SecDevOps@Cuse – VagrantFile
• Provide startup / shutdown capabilities
• Great for learners / Researchers – Not Admins
• YAML files
• ./yaml/aws.yaml
• ./yaml/vagrant.yaml

10. Kali Server --
• Vncserver (password=password)
• Default ec2-user not root (tools need perms)
• RDP (user/pass = root)
• Nessus Essentials (admin/admin)
• Git repos
• Refresh repo’s
• Review tools
• Local Docker Vulnerable containers:
• Websploit
• docker start $(docker ps -a -q -f status=exited)

11. Tpot --
• SSH: ssh -l tsec -p 64295 10.0.1.210 (user/pass = tsec)
• WEB: https://<ip>:64297 (user/pass = admin)
• ADMIN: https://<ip>:64294
• Bad – Issue with long-term instability