CyberRange
The Open-Source AWS Cyber Range
Install / Use
/learn @secdevops-cuse/CyberRangeREADME
Overview:
<br>
This CyberRange project represents the first open-source Cyber Range blueprint in the world.
This project provides a bootstrap framework for a complete offensive, defensive, reverse engineering, & security intelligence tooling in a private research lab using the AWS Cloud.
This project contains vulnerable systems and a toolkit of the most powerful open-source / community edition tools known to Penetration testers, Developers, Malware Analysts, Forensic/Reverse Engineers, ThreatHunters, & more.
Get Started
To gain access you must send me your AWS account number so I can share the 30+ Amazon Machine Images (AMIs).
Use my secure FormAssembly form -> CyberRange Sign-Up Form
Then - Read the Getting Started Guide <br/>
Range History
Release Notes:
<b>v2</b> - released on Sept 6, 2019 v2 is simply a collection of the best-in-class tools, most emerging toolsets, and bootstrap frameworks to create an integrated solution capable of enormous growth.
features include: makefile, inspec tests, detection lab integration, commandoVM v2,
kali 2019.4 w/ the following opensource github tools: CyberRange, DetectionLab, IntruderPayloads,
aws-credential-compromise-detection, aws-nuke, blast-radius, cloudgoat, cloudmapper, packer-windows,
pacu, security-monkey-terraform, security_monkey, sites-using-cloudflare,
net-creds, Reconnoitre, shell_generator.sh, msploitego, awesome-nodejs-pentest,
cloudgoat, hammer, joomscan, learning-tools, LetsMapYourNetwork,
php-webshells, PowerHub, PowerSploit, snmpwn, vulhub, ScoutSuite, prowler,
pacbot, terraform-aws-secure-baseline, gitleaks, my-arsenal-of-aws-security-tools
Range Technology
CyberRange combines best practices with emerging technologies.
- Amazon Web Services
- Kali
- Nessus
- Commando-VM - a windows-based penetration testing VM
- Terraform
- OpenSourced Vulnerable VM's See Asset Inventory
- using a CI/CD tool to verify builds CircleCI
- Docker / docker-compose
- Metasplotiable 2/3 & other open-source vuln vms on VulnHub
- DetectionLab
- Inspec - to test the state of your environment, application, system, processes, configurations, etc.
- Plus Many more things to setup, configure, and experiment with.
Domains of knowledge
This open-source research lab provides a bootstrap learning platform for Technologists studying any one of the "Big-3" technology skills.
- Cyber Security
- Cloud Computing
- DevOps
This project supports 7 gigantically broad domains of technical knowledge.
- Offensive Security
- SecDevOps
- Architecture & Engineering
- Vulnerability, Change, & Configuration Management
- Quality Assurance
- Auditing - Processing, Systems, Applications
- Development - Infrastructure / Web Applications
Mission Statement
The ultimate expectation is to emulate the quality, format, and presentation of the Syracuse University Cyber SEED Labs while creating strategic hubs of Cyber Security Center-of-Excellence Partnerships where the gap between enterprise experience & academic learning is addressed by focusing training paths on people, products, and process.
2020 Research Funding
AWS Activate - AWS Activate Credits AWS OpenSource - OpenSource Project Credits CloudCraft License
Credits
- Chris Long - Detection Lab
- Omar Santos - websploit & docker scripts
- FireEye - CommandoVM & FlareVM
- All Github projects
- Kali Maintainers
- Tenable Nessus Engineers
- This project is a fork of a well-architected terraform AWS framework -> fedekau/terraform-with-circleci-example
Related Skills
node-connect
334.9kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
82.3kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
334.9kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
commit-push-pr
82.3kCommit, push, and open a PR
