  • Stars: 122
  • Rank: 290,361 (Top 6 %)
  • Language: HTML
  • License: MIT License
  • Created over 3 years ago
  • Updated almost 2 years ago

Repository Details

Cyber Range including a Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS Terraform support.

Overview

Cyber Range deployment of HELK and Velociraptor! Automated Terraform deployment of one system running the HELK + Velociraptor server with one registered Windows endpoint in Azure or AWS. A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK + Velociraptor R&D lab.

Use Cases

  • EDR Testing lab
  • Penetration Testing lab
  • SIEM / Threat Hunting / DFIR / Live Response lab with HELK + Velociraptor [1, 2]
  • Data Science research with HELK server, Jupyter notebooks
  • Detection Engineering research with Mordor [3, 4]

Documentation

Please see the full documentation for details and getting started with installation.

Full Documentation Site

More Repositories

  1. Awesome-CloudSec-Labs (1,321 stars)
     Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

  2. PurpleCloud (Python, 485 stars)
     A little tool to play with Azure Identity - Azure Active Directory lab creation tool

  3. edge (Go, 150 stars)
     Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.

  4. AutomatedEmulation (HCL, 145 stars)
     An automated Breach and Attack Simulation lab with Terraform. Built for IaC stability, consistency, and speed.

  5. AriaCloud (HCL, 131 stars)
     A Docker container for remote penetration testing.

  6. voiphopper (Roff, 63 stars)
     VoIP Hopper Network Penetration Testing Tool - Jumping from one VLAN to the next! A network infrastructure penetration testing security tool. A tool to test for the (in)security of VLANs. It can mimic the behavior of IP Phones to better understand business risks within an IP Telephony network infrastructure. VoIP Hopper is included in Kali Linux. This site is for up-to-date code. Documentation website:

  7. Velociraptor_Azure (HCL, 20 stars)
     A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.

  8. hammer (Ruby, 18 stars)
     An example of a misconfigured Rails application released under the MIT license.

  9. masscan_nmap (Python, 10 stars)
     Automating masscan and nmap together.

  10. CMLab (HCL, 9 stars)
      Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Chef, Puppet, DSCv2, DSCv3, SaltStack.

  11. azrecon (Shell, 6 stars)
      Az Enum & Recon Cheat Sheet

  12. MacLab (HCL, 6 stars)
      Multi-use Terraform template to quickly spin up a Mac Lab in AWS!

  13. conferences (3 stars)
      Community contributions to SANS, DEFCON, ShmooCon, and ToorCon.

  14. BlueTools (3 stars)

  15. nmap_nse (Lua, 3 stars)
      Some nmap NSE scripts for testing web applications for sensitive credentials and API keys that can sometimes be inadvertently exposed through environment variables or other misconfigurations.

  16. HELK_Azure (HCL, 2 stars)
      A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK R&D lab in Azure.

  17. spb (Python, 1 star)
      Shortest Path Bridging (SPB-Mac) vulnerability testing scripts. Used in a network pentest to enumerate a new vuln (CVE-2016-2783) in Avaya VOSS Ethernet switches.

  18. for608-dev (Shell, 1 star)

  19. sniffm (Python, 1 star)
      VoIP Sniffer for MGCP protocol