AutomatedLab
DetectionLab
AutomatedLab | DetectionLab | |
---|---|---|
12 | 31 | |
1,939 | 4,476 | |
0.5% | - | |
8.3 | 4.4 | |
7 days ago | about 1 year ago | |
PowerShell | HTML | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AutomatedLab
-
Active Directory Security Tools
AutomatedLab - AWESOME for deploying labs - https://github.com/AutomatedLab/AutomatedLab
- AutomatedLab: AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exch
-
Tool that automatically generates a realistic office scenario of vms?
/u/xilhion beat me to the detection lab =] Here's an powershell (dsc) based lab framework: https://github.com/AutomatedLab/AutomatedLab/
- how to start labs and scripts for a beginner
- PSADT: Chaining installs
-
Question about deployments (Hyper-V)
2) Powershell. One example I haven't used this in prod, but I have in a lab is this.
-
SCCM in a homelab
Haven’t used it in a bit but check out automatedlab. They had/have an sccm module that you can tweak to fit your needs. https://github.com/automatedlab/automatedlab
-
Complex AD Lab
This is the go-to creating a starter lab option: https://github.com/AutomatedLab/AutomatedLab.
- 'Powershell Testing Server'?
- AZ-500 Hydration Kit
DetectionLab
-
Cyber Lab Design
I would tell someone they should use a cloud lab like Clong's "Detection Lab" which gives them not only the security aspect but the cloud and engineering aspects as well.
- Home Virtual SIEM Lab Suggestions?
- malware analysis
- Sandbox suggestions for VM isolation & investigations?
- I am kind a lost
-
Work setup
Detection Lab Link: https://github.com/clong/DetectionLab
-
learning splunk. is there a way to "play" with it?
Not sure what your goal with splunk is but I'd recommend Detection lab! Once you get the pre reqs setup, building and tearing down is super easy and you get a pre-baked ad environment to generate logs for you. https://github.com/clong/DetectionLab
-
Tool that automatically generates a realistic office scenario of vms?
I found a great starting point at the repo of DetectionLab : https://github.com/clong/DetectionLab
-
I'm a noob with expensive equipment
While it's true what most are saying, that you don't need a powerful system to learn hacking....... You DO have a valid point that a powerful system enables things a weaker system may not. For example with 64GB of RAM you can run a full network lab simulation such as https://github.com/clong/DetectionLab additionally a solid high end graphics card will let you run things like hashcat a lot faster. In theory you could make a rainbow table. You still need a lot of time to understand all the basics but yeah there's a few cool things you can do with more power it's not ENTIRELY unneeded. I wish I knew about the local defcon group long ago. They're welcoming and some have capture the flags you can play. Understand the various job roles there are in security and figure out which one you like. You get paid to do specific things not just learn about hacking.
-
where does one get experience with SIEM tools
Github DetectioLab
What are some alternatives?
WSLab - Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts
DetectionLabELK - DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
BadBlood - BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
security-onion - Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
AzViz - ⚡ ☁ Azure Visualizer aka 'AzViz' : A #powershell module to automatically generate Azure resource topology diagrams by just typing a PowerShell cmdlet and passing the name of one or more Azure Resource groups
Adaz - :wrench: Deploy customizable Active Directory labs in Azure - automatically.
Microsoft-Integration-and-Azure-Stencils-Pack-for-Visio - Microsoft Integration, Azure, Power Platform, Office 365 and much more Stencils Pack it’s a Visio package that contains fully resizable Visio shapes (symbols/icons) that will help you to visually represent On-premise, Cloud or Hybrid Integration and Enterprise architectures scenarios (BizTalk Server, API Management, Logic Apps, Service Bus, Event Hub…), solutions diagrams and features or systems that use Microsoft Azure and related cloud and on-premises technologies in Visio 2016/2013
DVWA - Damn Vulnerable Web Application (DVWA)
Windows-Sandbox-Utilities - A public repository for useful developments surrounding Windows Sandbox
HELK - The Hunting ELK