⛔ Disclaimers: I take no responsibility or accountability for infection of malicious software, programs, files onto any computer or workstation. This project and videos are for educational purposes only. I do not condone the development, use of, or spreading of programs to intentionally harm assets, networks, or individuals.
Safety is key when dealing with malware. Ensure you always are following protocols when it comes to downloading and detonating a malicious sample. Follow all instructions within the courses and listed resources.
📝 Notes:
cybercademy.org/the-malware-a...
⏰ Timestamps:
0:00 - Introduction
0:51 - Crash Course Overview
1:52 - Self-hosted Topology
3:13 - Cloud-hosted Topology
4:12 - Items to Note
5:45 - Lab Showcase
6:10 - Download VirtualBox
7:02 - Download Windows 10 ISO
8:22 - Download Remnux
9:03 - Windows 10 VM Setup
16:06 - Disable Windows Defender
19:24 - Setup FlareVM
23:45 - Setup Remnux
25:15 - Setup Host-only Adapter
27:23 - Configure Remnux
33:45 - Setup & Test VM Connections
37:11 - Self-hosted Lab Finished
37:19 - Cloud Lab Overview
39:05 - Creating EC2 Instance
43:30 - Set VM Environment
45:55 - Disable Windows Defender
47:51 - Install FlareVM
53:10 - Export AMI
54:12 - Create IAM Role
57:35 - Download JQ, Terraform, AWSCLI
1:01:13 - Log Into IAM Account
1:02:14 - Change Terraform Files
1:05:49 - Deploy Cloud-hosted Lab
1:07:08 - Log Into Lab
1:07:44 - Configure INetSIM
1:09:02 - Cloud-lab Finished
1:11:06 - Conclusion
🔗 Links & Commands:
[Self-Hosted Lab]
Download VirtualBox: www.virtualbox.org/wiki/Downl...
Download Windows 10 ISO: info.microsoft.com/ww-landing...
Download Remnux: docs.remnux.org/install-distr...
Download Chrome: www.google.com/chrome/
[Download FlareVM]
Change directories to the Desktop
(New-Object net.webclient).DownloadFile('raw.githubusercontent.com/man...,"$([Environment]::GetFolderPath("Desktop"))\\install.ps1")
Unblock-File .\\install.ps1
Set-ExecutionPolicy Unrestricted
.\install.ps1
[Cloud-Hosted Lab]
AWS Malware Lab by Adan Alvarez: github.com/adanalvarez/AWS-ma...
AWS Sign-up: aws.amazon.com/resources/crea...
Install Terraform: developer.hashicorp.com/terra...
Ubuntu AMI ID (AWS Marketplace): us-east-1.console.aws.amazon....
[Install JQ]
sudo apt install jq
[Install Terraform]
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common
wget O apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
gpg --no-default-keyring \
--keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg \
--fingerprint
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt-get install terraform
[Install AWS CLI]
sudo apt install awscli -y
[Clone AWS Malware Lab GitHub Repo]
git clone github.com/adanalvarez/AWS-ma...
[Create File]
nano shared.auto.tfvars.json
[Configuration File]
{
"environment": "malware-lab",
"ami": "ami-xxxxxxxxxxxxxxxxx",
"account" : "222222222222",
"region": "us-east-1",
"enable_guacamole": false,
"enable_inetsim": true
}
[Terraform Commands]
- terraform init: Initialize the environment.
- terraform plan: Plan the configuration.
- terraform apply: Apply the configuration file to AWS account.
- terraform destroy: Destroy the environment once analysis has been conducted.
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / _collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): amzn.to/3S9OxvG
1 июн 2024
