Tom Cappetta, profile picture
Uploaded byTom Cappetta
PPTX, PDF194 views

Cyber Range - Blackhat Europe 19 Arsenal

This document provides instructions for setting up a cyber range using tools like Terraform, Vagrant, and Inspec. It describes using Terraform to set up the network and range infrastructure, and using Vagrant to start and stop virtual machines like Kali Linux and Commando. It also provides details on accessing machines via SSH, RDP, and VNC after deployment and instructions for creating different scenario types in the range.

Embed presentation

Download to read offline
Cyber Range -SecDevOps@Cuse - Configuration • Pre-REQ’s • Terraform • Vagrant • Inspec • S3 bucket • Quota • jq • OSX vs. Windows
Cyber Range -SecDevOps@Cuse – User Stories • Medium Post w/ Videos: Cyber Range - BlackHat Arsenal Medium Post • Setting up the network w/ terraform • Setting up the range w/ terraform • Using Vagrant • Logging into Kali (ssh / RDP / VNC) • Logging into Commando (RDP) • Logging into Tpot • Logging into DefenderLab
Register your AWS Acct to Access AMIs https://www.tfaforms.com/4729221 Initialize & Configure Setup Network / Make Cyber Range
Configuration – Install & Inspec w/ AWS profile Note: setup w/ 4.10.4, current inspec version is 4.17+ (untested)
Makefile – Terraform Initialize S3 Bucket Must Exist for Initialization
Cyber Range - SecDevOps@Cuse – Make Scenarios • REGION=<us-east-1 / eu-west-2> • Network • Defender • Offensive • Security Intel / HoneyPot • Full Lab
Cyber Range - SecDevOps@Cuse – Terraform • Provide Setup / Destroy / State management • Bad – no Shutdown • Great for Admins / Educators
Cyber Range - SecDevOps@Cuse – VagrantFile • Provide startup / shutdown capabilities • Great for learners / Researchers – Not Admins • YAML files • ./yaml/aws.yaml • ./yaml/vagrant.yaml
Kali Server -- • Vncserver (password=password) • Default ec2-user not root (tools need perms) • RDP (user/pass = root) • Nessus Essentials (admin/admin) • Git repos • Refresh repo’s • Review tools • Local Docker Vulnerable containers: • Websploit • docker start $(docker ps -a -q -f status=exited)
Tpot -- • SSH: ssh -l tsec -p 64295 10.0.1.210 (user/pass = tsec) • WEB: https://<ip>:64297 (user/pass = admin) • ADMIN: https://<ip>:64294 • Bad – Issue with long-term instability

More Related Content

PDF
Cyber Range - An Open-Source Offensive / Defensive Learning Environment on AWS
byTom Cappetta
 
PDF
CoreOS @Codetalks Hamburg
byTimo Derstappen
 
PPTX
Building Python Development Station
byBasim Aly (JNCIP-SP, JNCIP-ENT)
 
PDF
David Steiman - Getting serious with private kubernetes clusters & cloud nati...
byCodemotion
 
PPTX
David Steiman - Getting serious with private kubernetes clusters & cloud nati...
byCodemotion
 
PPTX
Building cloud native network functions - outcomes from the gw-tester nsm imp...
byVictor Morales
 
PPTX
Building a Docker v1.12 Swarm cluster on ARM
byTeam Hypriot
 
PDF
Kubernetes Networking
byCJ Cullen
 
Cyber Range - An Open-Source Offensive / Defensive Learning Environment on AWS
byTom Cappetta
 
CoreOS @Codetalks Hamburg
byTimo Derstappen
 
Building Python Development Station
byBasim Aly (JNCIP-SP, JNCIP-ENT)
 
David Steiman - Getting serious with private kubernetes clusters & cloud nati...
byCodemotion
 
David Steiman - Getting serious with private kubernetes clusters & cloud nati...
byCodemotion
 
Building cloud native network functions - outcomes from the gw-tester nsm imp...
byVictor Morales
 
Building a Docker v1.12 Swarm cluster on ARM
byTeam Hypriot
 
Kubernetes Networking
byCJ Cullen
 

What's hot

PDF
Docker Networking – Running multi-host applications
byChristina Rasimus
 
PPTX
Big data and hadoop training - Session 5
byhkbhadraa
 
PPTX
Salting new ground one man ops from scratch
byJay Harrison
 
PDF
Openstack HA
byYong Luo
 
PPT
AWS migration: getting to Data Center heaven with AWS and Chef
byJuan Vicente Herrera Ruiz de Alejo
 
PDF
OpenStack Korea 2015 상반기스터디(devops) 스크립트로 오픈스택 설치하기 20150728
byjieun kim
 
PDF
20141102 VyOS 1.1.0 and NIFTY Cloud New Features
by雄也 日下部
 
PDF
Sfo17 109 containerized vn fs with data plane acceleration on arm platform
byLinaro
 
PDF
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
byOpen Source Consulting
 
PPTX
Understanding kube proxy in ipvs mode
byVictor Morales
 
PDF
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
byMichelle Antebi
 
PPTX
OFY-2015-Cloud-In-A-Day
bykbshiv
 
PDF
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
byOpenStack Korea Community
 
PDF
Kubernetes Networking
byGiragadurai Vallirajan
 
PPTX
Docker Online Meetup #29: Docker Networking is Now GA
byDocker, Inc.
 
PDF
See what happened with real time kvm when building real time cloud pezhang@re...
byLinuxCon ContainerCon CloudOpen China
 
PPTX
Docker Networking Overview
bySreenivas Makam
 
PPTX
Hybrid vFirewall ONAP use case
byVictor Morales
 
PDF
Scapy the packet 途中01
bysaba syake
 
PDF
Docker 1.12 networking deep dive
byMadhu Venugopal
 
Docker Networking – Running multi-host applications
byChristina Rasimus
 
Big data and hadoop training - Session 5
byhkbhadraa
 
Salting new ground one man ops from scratch
byJay Harrison
 
Openstack HA
byYong Luo
 
AWS migration: getting to Data Center heaven with AWS and Chef
byJuan Vicente Herrera Ruiz de Alejo
 
OpenStack Korea 2015 상반기스터디(devops) 스크립트로 오픈스택 설치하기 20150728
byjieun kim
 
20141102 VyOS 1.1.0 and NIFTY Cloud New Features
by雄也 日下部
 
Sfo17 109 containerized vn fs with data plane acceleration on arm platform
byLinaro
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
byOpen Source Consulting
 
Understanding kube proxy in ipvs mode
byVictor Morales
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
byMichelle Antebi
 
OFY-2015-Cloud-In-A-Day
bykbshiv
 
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
byOpenStack Korea Community
 
Kubernetes Networking
byGiragadurai Vallirajan
 
Docker Online Meetup #29: Docker Networking is Now GA
byDocker, Inc.
 
See what happened with real time kvm when building real time cloud pezhang@re...
byLinuxCon ContainerCon CloudOpen China
 
Docker Networking Overview
bySreenivas Makam
 
Hybrid vFirewall ONAP use case
byVictor Morales
 
Scapy the packet 途中01
bysaba syake
 
Docker 1.12 networking deep dive
byMadhu Venugopal
 

Similar to Cyber Range - Blackhat Europe 19 Arsenal

KEY
How I Learned to Stop Worrying and Love the Cloud - Wesley Beary, Engine Yard
bySV Ruby on Rails Meetup
 
PDF
Lessons learned and challenges faced while running Kubernetes at Scale
bySidhartha Mani
 
KEY
fog or: How I Learned to Stop Worrying and Love the Cloud (OpenStack Edition)
byWesley Beary
 
KEY
fog or: How I Learned to Stop Worrying and Love the Cloud
byWesley Beary
 
PDF
Open nebula froscon
byOpenNebula Project
 
PDF
Autoscaling OpenStack Natively with Heat, Ceilometer and LBaaS
byShixiong Shang
 
PPTX
Introduction to containers
byNitish Jadia
 
PDF
Sanger OpenStack presentation March 2017
byDave Holland
 
PPTX
Intro to the FIWARE Lab
byFIWARE
 
PPTX
Setting up your virtual infrastructure using FIWARE Lab Cloud
byFernando Lopez Aguilar
 
PDF
Don't Get Hacked on Hostile WiFi
byMackenzie Morgan
 
PDF
Lines of Defense - Securing your Kubernetes Clusters by Koray Oksay
byContainerDay Security 2023
 
PDF
Build cloud like Rackspace with OpenStack Ansible
byJirayut Nimsaeng
 
PDF
DOST: Ceph in a security critical OpenStack cloud
byDanny Al-Gaaf
 
PPTX
Setting up your virtual infrastructure using FIWARE Lab Cloud
byFernando Lopez Aguilar
 
PPTX
Docker Security Overview
bySreenivas Makam
 
PPTX
Machine learning in cybersecutiry
byVishwas N
 
PDF
Securing containers
bySathyajith Bhat
 
PPTX
Discovering OpenBSD on AWS
byLaurent Bernaille
 
PDF
Deploying kubernetes at scale on OpenStack
byVictor Palma
 
How I Learned to Stop Worrying and Love the Cloud - Wesley Beary, Engine Yard
bySV Ruby on Rails Meetup
 
Lessons learned and challenges faced while running Kubernetes at Scale
bySidhartha Mani
 
fog or: How I Learned to Stop Worrying and Love the Cloud (OpenStack Edition)
byWesley Beary
 
fog or: How I Learned to Stop Worrying and Love the Cloud
byWesley Beary
 
Open nebula froscon
byOpenNebula Project
 
Autoscaling OpenStack Natively with Heat, Ceilometer and LBaaS
byShixiong Shang
 
Introduction to containers
byNitish Jadia
 
Sanger OpenStack presentation March 2017
byDave Holland
 
Intro to the FIWARE Lab
byFIWARE
 
Setting up your virtual infrastructure using FIWARE Lab Cloud
byFernando Lopez Aguilar
 
Don't Get Hacked on Hostile WiFi
byMackenzie Morgan
 
Lines of Defense - Securing your Kubernetes Clusters by Koray Oksay
byContainerDay Security 2023
 
Build cloud like Rackspace with OpenStack Ansible
byJirayut Nimsaeng
 
DOST: Ceph in a security critical OpenStack cloud
byDanny Al-Gaaf
 
Setting up your virtual infrastructure using FIWARE Lab Cloud
byFernando Lopez Aguilar
 
Docker Security Overview
bySreenivas Makam
 
Machine learning in cybersecutiry
byVishwas N
 
Securing containers
bySathyajith Bhat
 
Discovering OpenBSD on AWS
byLaurent Bernaille
 
Deploying kubernetes at scale on OpenStack
byVictor Palma
 

Recently uploaded

PDF
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
PPTX
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
PDF
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
PDF
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PDF
Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]
byHaim Michael
 
PPTX
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
Track Phone Location by Number (2026)_ What’s Actually Possible for Free (and...
byEmily Woods
 
PPTX
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PDF
Mesh WiFi Router: The Smart Solution for Fast, Seamless, Whole-Home Internet
byAeroMesh Systems
 
PDF
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
 
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
How to build hackthon projects from ZERO!
byishantyadav1111
 
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]
byHaim Michael
 
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
Track Phone Location by Number (2026)_ What’s Actually Possible for Free (and...
byEmily Woods
 
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
Mesh WiFi Router: The Smart Solution for Fast, Seamless, Whole-Home Internet
byAeroMesh Systems
 
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 

Cyber Range - Blackhat Europe 19 Arsenal

  • 2.
    Cyber Range -SecDevOps@Cuse- Configuration • Pre-REQ’s • Terraform • Vagrant • Inspec • S3 bucket • Quota • jq • OSX vs. Windows
  • 3.
    Cyber Range -SecDevOps@Cuse– User Stories • Medium Post w/ Videos: Cyber Range - BlackHat Arsenal Medium Post • Setting up the network w/ terraform • Setting up the range w/ terraform • Using Vagrant • Logging into Kali (ssh / RDP / VNC) • Logging into Commando (RDP) • Logging into Tpot • Logging into DefenderLab
  • 4.
    Register your AWSAcct to Access AMIs https://www.tfaforms.com/4729221 Initialize & Configure Setup Network / Make Cyber Range
  • 5.
    Configuration – Install& Inspec w/ AWS profile Note: setup w/ 4.10.4, current inspec version is 4.17+ (untested)
  • 6.
    Makefile – TerraformInitialize S3 Bucket Must Exist for Initialization
  • 7.
    Cyber Range -SecDevOps@Cuse – Make Scenarios • REGION=<us-east-1 / eu-west-2> • Network • Defender • Offensive • Security Intel / HoneyPot • Full Lab
  • 8.
    Cyber Range -SecDevOps@Cuse – Terraform • Provide Setup / Destroy / State management • Bad – no Shutdown • Great for Admins / Educators
  • 9.
    Cyber Range -SecDevOps@Cuse – VagrantFile • Provide startup / shutdown capabilities • Great for learners / Researchers – Not Admins • YAML files • ./yaml/aws.yaml • ./yaml/vagrant.yaml
  • 10.
    Kali Server -- •Vncserver (password=password) • Default ec2-user not root (tools need perms) • RDP (user/pass = root) • Nessus Essentials (admin/admin) • Git repos • Refresh repo’s • Review tools • Local Docker Vulnerable containers: • Websploit • docker start $(docker ps -a -q -f status=exited)
  • 11.
    Tpot -- • SSH:ssh -l tsec -p 64295 10.0.1.210 (user/pass = tsec) • WEB: https://<ip>:64297 (user/pass = admin) • ADMIN: https://<ip>:64294 • Bad – Issue with long-term instability