Kerlab
Kerberos laboratory to better understand and then detecting attack on kerberos
https://github.com/citronneur/kerlab
#kerberos #pentest #lab
Kerberos laboratory to better understand and then detecting attack on kerberos
https://github.com/citronneur/kerlab
#kerberos #pentest #lab
GitHub
GitHub - citronneur/kerlab: Kerberos laboratory to better understand and then detecting attack on kerberos
Kerberos laboratory to better understand and then detecting attack on kerberos - citronneur/kerlab
DetectionLabELK
DetectionLabELK is the perfect lab to use if you would like to build effective detection capabilities. It has been designed with defenders in mind. Its primary purpose is to allow blueteams to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts.
https://github.com/cyberdefenders/DetectionLabELK
#blueteam #detection #elk #lab
DetectionLabELK is the perfect lab to use if you would like to build effective detection capabilities. It has been designed with defenders in mind. Its primary purpose is to allow blueteams to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts.
https://github.com/cyberdefenders/DetectionLabELK
#blueteam #detection #elk #lab
DetectionLab
DetectionLab is a repository containing a variety of Packer, Vagrant, Powershell, Ansible, and Terraform scripts that allow you to automate the process of bringing an ActiveDirectory environment online complete with logging and security tooling using a variety of different platforms.
DetectionLab can currently be deployed to the following platforms:
— Virtualbox (Windows, MacOS, Linux)
— VMware Workstation/Fusion (Windows, MacOS, Linux)
— HyperV
— ESXi
— AWS
— Azure
— LibVirt (Not officially supported)
— Proxmox (Not officially supported)
https://detectionlab.network/
#lab #cloud #blueteam #redteam
DetectionLab is a repository containing a variety of Packer, Vagrant, Powershell, Ansible, and Terraform scripts that allow you to automate the process of bringing an ActiveDirectory environment online complete with logging and security tooling using a variety of different platforms.
DetectionLab can currently be deployed to the following platforms:
— Virtualbox (Windows, MacOS, Linux)
— VMware Workstation/Fusion (Windows, MacOS, Linux)
— HyperV
— ESXi
— AWS
— Azure
— LibVirt (Not officially supported)
— Proxmox (Not officially supported)
https://detectionlab.network/
#lab #cloud #blueteam #redteam
📒Simulating attacks with Sysmon
SysmonSimulator is an Open source Windows event simulation utility created in C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs.
Attack coverage:
— Process Events
— File Events
— Named Pipes Events
— Registry Actions
— Image Loading
— Network Connections
— Create Remote Thread
— Raw Access Read
— DNS Query
— WMI Events
— Clipboard Capture
— Process Image Tampering
Research:
https://rootdse.org/posts/understanding-sysmon-events/
Tool:
https://github.com/ScarredMonk/SysmonSimulator
#sysmon #simulator #blueteam #lab
SysmonSimulator is an Open source Windows event simulation utility created in C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs.
Attack coverage:
— Process Events
— File Events
— Named Pipes Events
— Registry Actions
— Image Loading
— Network Connections
— Create Remote Thread
— Raw Access Read
— DNS Query
— WMI Events
— Clipboard Capture
— Process Image Tampering
Research:
https://rootdse.org/posts/understanding-sysmon-events/
Tool:
https://github.com/ScarredMonk/SysmonSimulator
#sysmon #simulator #blueteam #lab
👍9