DetectionLab
seed-labs
DetectionLab | seed-labs | |
---|---|---|
31 | 9 | |
4,476 | 689 | |
- | 4.8% | |
4.4 | 9.2 | |
about 1 year ago | 25 days ago | |
HTML | Python | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
DetectionLab
-
Cyber Lab Design
I would tell someone they should use a cloud lab like Clong's "Detection Lab" which gives them not only the security aspect but the cloud and engineering aspects as well.
- Home Virtual SIEM Lab Suggestions?
- malware analysis
- Sandbox suggestions for VM isolation & investigations?
- I am kind a lost
-
Work setup
Detection Lab Link: https://github.com/clong/DetectionLab
-
learning splunk. is there a way to "play" with it?
Not sure what your goal with splunk is but I'd recommend Detection lab! Once you get the pre reqs setup, building and tearing down is super easy and you get a pre-baked ad environment to generate logs for you. https://github.com/clong/DetectionLab
-
Tool that automatically generates a realistic office scenario of vms?
I found a great starting point at the repo of DetectionLab : https://github.com/clong/DetectionLab
-
I'm a noob with expensive equipment
While it's true what most are saying, that you don't need a powerful system to learn hacking....... You DO have a valid point that a powerful system enables things a weaker system may not. For example with 64GB of RAM you can run a full network lab simulation such as https://github.com/clong/DetectionLab additionally a solid high end graphics card will let you run things like hashcat a lot faster. In theory you could make a rainbow table. You still need a lot of time to understand all the basics but yeah there's a few cool things you can do with more power it's not ENTIRELY unneeded. I wish I knew about the local defcon group long ago. They're welcoming and some have capture the flags you can play. Understand the various job roles there are in security and figure out which one you like. You get paid to do specific things not just learn about hacking.
-
where does one get experience with SIEM tools
Github DetectioLab
seed-labs
-
Cybersecurity Course Suggestion
I would recommend the labs and content at https://seedsecuritylabs.org
- Cybersecurity courses at UB
-
Where to run commands for Docker
My professor has a lab for us and wants us to do THIS lab and I'm only getting. I need to set up multiple networks from the folder he gave us a ton of different files which I'm unsure what each one of them does. Where do I run commands for docker? is it in command line?
-
Spectre Attack Lab
SEEDS Main Page
-
MSCS Course Suggestions?
I'm not sure if computer security is the same as internet security. Professor Du taught it when I was there. It was really hard, but I learned a lot. I believe he has an open source version of the labs. open source website
- SEED Project
-
Ideas for labs for students (suggestions or help/advice)
I used these in college, not the most advanced but pretty simple to set up https://seedsecuritylabs.org/
-
What Do Virus Scripts/Files look like?
One of my courses borrowed from here, there's a lot of different ways to start an attack and it was fun to actually use some of them and gain access (the flaws have since been patched, but real exploits were found for a variety of systems).
-
Man in the Middle in C with netcat TCP packets
I'm implementing an ARP spoofing and man in the middle attack tool in C. For that I took the docker container config from Seed Labs. Here three containers are present: Host A (ip: 10.9.0.5, mac: 02:42:0a:09:00:05), Host B (ip: 10.9.0.6, mac: 02:42:0a:09:00:06), and Host M (ip: 10.9.0.105, mac: 02:42:0a:09:00:69). Host M is to be the attacker.
What are some alternatives?
DetectionLabELK - DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
arp_poisoning - Arp Poisoning tool in C using raw sockets
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
PythonProblems - The graded lab problems for the author's course CCPS 109 Computer Science I.
security-onion - Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
hackthebox - Notes Taken for HTB Machines & InfoSec Community.
Adaz - :wrench: Deploy customizable Active Directory labs in Azure - automatically.
ScrapMechanicSeedTool - A tool that allows you to modify the seed of scrap mechanic save files.
DVWA - Damn Vulnerable Web Application (DVWA)
SecGen - Create randomly insecure VMs
HELK - The Hunting ELK
AdversaryEmulation - MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository