invoke-atomicredteam VS ansible-pentest-deploy

Or if you want something with more features - use Atomic Red Team tests (https://github.com/redcanaryco/invoke-atomicredteam)

Also, if you want to use Atomic Red Team (which you should), look towards https://github.com/redcanaryco/invoke-atomicredteam, a framework for automating usage of tests through that.

powershell-based - https://github.com/redcanaryco/invoke-atomicredteam

However, I've been tinkering with this for a few days now without success so far. I'm running into bugs and also am simply uncertain whether this is even viable. For example, I don't know if the Windows images offered for Docker will support the commands run by the PowerShell testing suite we have in mind for simulating threats, Invoke-AtomicRedTeam. Theoretically, everything should work fine. I'm also curious if someone else has already done this and published setup scripts or anything to help.

We looked into pre-configured, plug-and-play options. One project (leveraging Ansible) is called PurpleCloud. Probably because running even a handful of Windows VMs on a PC can get pretty slow, pretty fast, their project spins this network up on Azure. However, the estimated monthly cost of the cloud resources is not attractive; over $300 per month. While it's true that we would not need to run the lab every day resulting in lower cost, I think we would want to run new tests fairly often, especially if multiple analysts are using it (and I already know the burn of forgetting an EC2 instance on for a week or two).