Build a Cloud Red Team / Blue Team Cybersecurity Homelab - Crash Course 

Grant Collins

☁ Build a Cloud Cybersecurity Red Team / Blue Team Homelab. Download the step-by-step notes (no email required): bit.ly/3LFqK6I
⏰ Timestamps:
00:00 - Project Introduction
1:49 - Network Topology & Project Overview
5:55 - Option 1: Provision with Terraform
18:09 - Option 2: Provision with AWS Console UI
33:57 - Log Into Attacker Box (Configure RDP)
39:04 - Log Into Security Tools Box
40:33 - Log into Windows Box
43:19 - Download & Configure Splunk
48:36 - Download & Configure Universal Forwarder
54:37 - Download & Configure Nessus
🔧 Terraform GitHub Project: github.com/collinsmc23/cloud-...
🔗 Linked Mention:
Microsoft Remote Desktop for macOS: apps.apple.com/us/app/microso...
WSL Ubuntu 22.04: apps.microsoft.com/store/deta...
Create AWS Account: aws.amazon.com/resources/crea...
Download Terraform: developer.hashicorp.com/terra...
Download AWS CLI: docs.aws.amazon.com/cli/lates...
Download Git: git-scm.com/downloads
Splunk Enterprise (Free Trial) Download Page: www.splunk.com/en_us/download...
Splunk Universal Forwarder Download Page: www.splunk.com/en_us/download...
Tenable Nessus Download Page: www.tenable.com/downloads/nessus
💻 Commands & Configurations:
Bash Script For Kali XRDP Installation:
#!/bin/sh
echo "[i] Updating and upgrading Kali (this will take a while)"
apt-get update
apt-get full-upgrade -y
echo "[i] Installing Xfce4 & xrdp (this will take a while as well)"
apt-get install -y kali-desktop-xfce xorg xrdp
echo "[i] Configuring xrdp to listen to port 3389 (but not starting the service)"
sed -i 's/port=3389/port=3389/g' /etc/xrdp/xrdp.ini
Splunk:
Splunk Enterprise Download:
sudo dpkg -i splunk-deb
cd /opt/splunk/bin
sudo ./splunk start
Inputs.conf file path location:
C:\Program Files\SplunkUniversalForwarder\etc\system\local
Inputs.conf Configuration:
[WinEventLog://Security]
index = win-security
disabled = 0
Restart Universal Forwarder:
cd "C:\Program Files\SplunkUniversalForwarder\bin"
splunk.exe restart
Tenable Nessus:
sudo dpkg -i "Nessus-[version number]-debian6_amd64.deb"
sudo systemctl start nessusd.service
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / _collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org

Published: Jun 1, 2024

Comments: 39
@whoisPremier 8 months ago
For those looking for ways to stand out from the crowd when looking for a cyber security job - the experience and knowledge gained from simple projects such as this will have jobs bidding for you! Pay close attention, you're getting Cloud experience, Sys Admin experience, Blue Team experience, and Red Team experience all in just an hour! Great job Grant!
@brodymcbrobro 5 months ago
This is so huge man. I've been eyeing this video for a while now. Have a job interview in a few days & it was mentioned cloud experience being a plus. I don't have really any, so I have a little bit now!
@n1ghthouse 8 months ago
Let's goddamn gooooo, I was going to build something like this but hell yes I got a video from you about a cloud based cysec lab. LFG, couldn't have been better :D Gonna do the same but I'm gonna be using Azure.
@omar_alshahat 7 months ago
planning to do the same, using Azure :D have you started?
@n1ghthouse 7 months ago
@omar_alshahat oh no sadly :( got busy in exams but plan to continue so in November
@Yurch890 8 months ago
I just saw your homelab Cybersecurity playlist from years ago yesterday, and now you surprised me with this!
@user-dx2mv1tx2s 2 months ago
This was very informative, and well put together. I followed along using the UI setup. Looking forward to watching the rest of your videos. This content is super valuable! Thank you so much.
@Korrath 8 months ago
Excellent vid. Thank you for this, another great project idea.
@danhibiki110 8 months ago
This is the type of content I need right now. Awesome vid btw.
@shresthishigwcivpadt9713 8 months ago
Finally. Credits where they're due. This was a good video.
@FranklySecure 8 months ago
Hey Grant! I love the channel and your content. I am pretty close to graduating an AAS in CS and looking to move on to WGU for a bachelors. Thanks for the helpful videos!
@collinsinfosec 7 months ago
Happy to help!
@YE2K. 8 months ago
What you teach in this video is incredible! 💪🏻🙏🏻🇨🇱
@sandamalgamage1242 8 months ago
Wow. I expected it, this is awesome ❤❤
@Hartley94 8 months ago
Thanks for the Upload.
@fredricksilas8407 5 months ago
Been looking for this everywhere. Thanks Grant, you're a lifesaver
@malikibarra4015 1 month ago
Learned a lot, thank you
@naseerahmadayan199 8 months ago
Sir, the way I see you, you are one in a million ❤
@MyZo3 7 months ago
Grant!!! Thanks a lot for this video. You've just opened a new playing ground for me.
@user-vg3jh7lg6o 8 months ago
Thanks, I love your videos, they helped me a lot
@collinsinfosec 8 months ago
Happy to help!
@brianbrian3453 8 months ago
This is awesome
@bladethirst1 7 months ago
Excellent work! Are there some practice scenarios for beginners with this VPC?
@user-df1ds1qd7c 7 months ago
❤ I loved your channel ❤
@georgerobbins5560 6 months ago
Great video, Grant. Thanks.
@surajyadav754 26 days ago
Hey Grant, can you help me understand that instead of creating a security tool box to install Splunk, how can I use my own Windows 11 local machine to act as a receiving server for all the logs from the EC2 instance? What changes would be needed to be done in the configuration?
@donpasscal 3 months ago
Good project, it actually took me a day to build. Please do explain how to add the marketplace AMIs to Terraform after manual subscription, I tried and it did not work for me. This is the error I got for all 3 instances....
Error: collecting instance settings: couldn't find resource
│ with aws_instance.kali,
│ on main.tf line 183, in resource "aws_instance" "kali":
│ 183: resource "aws_instance" "kali" {
My biggest question, being a newbie to cybersecurity, how do I get to use the lab to simulate attacks, check for security issues in the logs etc.
@zweinlourde 8 months ago
are these done in one computer/laptop? thanks sir
@johnvardy9559 1 month ago
On your own experience which Team gives entry Level opportunities?
@abdelghafourbouhdyd5680 3 months ago
Do I need to make a payment to use AWS for this project?
@ilyaslife10 6 months ago
Hey Grant! Thank you so much for this tutorial. Is there a particular reason why the Ubuntu Security Tools machine was given its own security group?
@collinsinfosec 6 months ago
Hey! It was due to the Ubuntu AMI we use in the video. It needs its own security group for access via the browser.
@felipidabruzzo3936 3 months ago
Honestly, I'm reaching a point where I don't know anything anymore. VM with KL run by Whonix and/or Qubes (the traditionals), Windows with Kasm and Dockers. Linux with Dockers. I don't know what's the safest anymore. Should I change? Can someone give me opinions...
@QuickKick11 8 months ago
Do a black hat environment love your videos
@Mezzosd 8 months ago
cool, but aws isn't paid?
@Octa178 7 months ago
can't I replace AWS with something free? I can't use it unless I put in payment info
@collinsinfosec 7 months ago
You are welcome to use whichever cloud provider works for you. I recommend taking a look into DigitalOcean. They have a $200 sign-up credit which is good for 60 days.
@kasta851984 1 month ago
Impressive video. Would you mind offering some assistance with the error message I'm receiving?
Error: collecting instance settings: couldn't find resource
│
│ with aws_instance.windows,
│ on main.tf line 162, in resource "aws_instance" "windows":
│ 162: resource "aws_instance" "windows" {
│
╵
╷
│ Error: collecting instance settings: couldn't find resource
│
│ with aws_instance.kali,
│ on main.tf line 183, in resource "aws_instance" "kali":
│ 183: resource "aws_instance" "kali" {
│
╵
╷
│ Error: collecting instance settings: couldn't find resource
│
│ with aws_instance.security-tools,
│ on main.tf line 204, in resource "aws_instance" "security-tools":
│ 204: resource "aws_instance" "security-tools" {
@Phyclone 1 month ago
I've gone through this before and it is an issue with the AMI. I believe they may have deprecated so you have to look for availability of the AMI in your respective region. I'm dealing with this again as I am updating my Terraform code. Once I check my laptop and confirm if I have the correct AMIs, I will add them here. My desktop doesn't have the correct ones in my code. Hope this helps
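
An added example, not part of the comment thread or the video's Terraform project: following the diagnosis in the comment above, this script lists the AMI IDs in a Terraform file and asks the AWS CLI whether each one is available in a given region before `terraform apply` is run. It assumes the file hard-codes them as `ami = "ami-..."`; the function names and the `check_amis.sh` script name are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check of the AMI IDs referenced in a Terraform file.
# Assumption: AMIs appear as literal  ami = "ami-..."  assignments.

# Print the unique AMI IDs referenced in the file given as $1.
extract_amis() {
    grep -Eo 'ami[[:space:]]*=[[:space:]]*"ami-[0-9a-f]{8,17}"' "$1" \
        | grep -Eo 'ami-[0-9a-f]{8,17}' \
        | sort -u
}

# Print the state of AMI $1 in region $2: "available", another EC2 image
# state, or "not-found" when the ID is unknown in that region, not visible
# to this account, or the CLI call itself failed (e.g. no credentials).
ami_state() {
    local state
    state=$(aws ec2 describe-images --region "$2" --image-ids "$1" \
        --query 'Images[0].State' --output text 2>/dev/null) || state="None"
    if [ -z "$state" ] || [ "$state" = "None" ]; then
        echo "not-found"
    else
        echo "$state"
    fi
}

# Check every AMI in Terraform file $1 against region $2.
# Prints one "ami<TAB>region<TAB>state" line per AMI and returns non-zero
# if any AMI is not in the "available" state.
check_tf_amis() {
    local tf_file region rc ami state
    tf_file=$1
    region=$2
    rc=0
    for ami in $(extract_amis "$tf_file"); do
        state=$(ami_state "$ami" "$region")
        printf '%s\t%s\t%s\n' "$ami" "$region" "$state"
        [ "$state" = "available" ] || rc=1
    done
    return "$rc"
}

# Run only when called with arguments, e.g.: ./check_amis.sh main.tf us-east-1
if [ "$#" -eq 2 ]; then
    check_tf_amis "$1" "$2"
fi
```

Any AMI reported as `not-found` has to be replaced in the Terraform file with an ID that exists in the region being deployed to.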