
Cybersecurity Labs: Home

Objective

Cybersecurity labs are specialized virtual environments where individuals or organizations can test, analyze, and learn cybersecurity defenses. These labs typically simulate real-world cyber threats and attacks to help users better understand the vulnerabilities of their networks, applications, and devices.

  • provide a roadmap for new learners to develop expertise in cybersecurity
  • guide organizations in need
  • showcase the skills we have in house

Deadline

We are expecting to finish this blog series by the end of August 2024. Stay tuned!

⚠️ You Have Been Warned

  • The blog post(s) is written in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  • If the blog post(s) contains any software/program/piece-of-code, it’s distributed under GNU General Public License v3.0.
  • It’s NOT a step-by-step guide for newbies. We assume the readers have a basic/advanced level of understanding of operating systems, networking, database/web server administration etc.

Architecture

Cybersecurity Labs Architecture

Reality

Cybersecurity Labs Reality

So why did we share this picture? The short answer is to keep the expectations right. You don’t need a fancy-looking setup. If you have not noticed yet, there’s a desktop, a laptop, and a small office/home office (SOHO) local area network with a router. That’s good enough to start.

Build A Professional Cybersecurity Lab

  • Cybersecurity Lab
  • Physical Network and Systems
  • Virtual Network and Systems
    • Minimal
    • Optional
      • 192.168.56.214 dz-xu24 #vulnerable
      • 192.168.56.215 dz-webgoat #vulnerable
  • Cost
    • Hardware Only
    • Software
      • FOSS (free and open-source software)
      • Freemium
      • Evaluation Edition

Quality Control

All the VMs must:
  • Have access to a shared folder on the host system
  • Be able to ping each other
  • NOT have access to the internet
  • NOT have access to non-lab workstations

All the VMs should (optional):
  • Be part of the domain

Best Practices
  • Weekly backups
  • Weekly update/upgrade
  • Weekly antivirus scan
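
The mandatory controls above are easy to state and easy to break silently (a NAT adapter left attached, a shared folder that never mounted). The following script is an added example, not code from the original post or the lab series: run inside a lab VM, it checks each control and fails closed on any isolation violation. The lab peers are the two optional vulnerable hosts listed above; the non-lab workstation address, the public resolver addresses used as egress probes, and the shared-folder mount point are assumptions to adjust for your own lab.

```python
"""Automated check of the lab's mandatory quality controls, run from inside a lab VM.

Controls verified: shared folder available, all lab peers reachable,
no internet egress, no path to non-lab workstations.
"""
import os
import platform
import subprocess
from typing import Callable, Dict, Iterable

# --- Assumed lab layout (constructed for this example; adjust to your lab) ---
LAB_PEERS = ["192.168.56.214", "192.168.56.215"]   # dz-xu24 and dz-webgoat from the plan above
NON_LAB_HOSTS = ["192.168.1.10"]                   # constructed: a workstation on the home LAN
INTERNET_HOSTS = ["1.1.1.1", "8.8.8.8"]            # well-known public resolvers, used only as egress probes
SHARED_FOLDER = "/mnt/lab-share"                   # constructed: host shared-folder mount point

Probe = Callable[[str], bool]


def icmp_reachable(host: str, timeout_s: int = 1) -> bool:
    """Return True if a single ICMP echo to `host` gets a reply.

    Uses the OS ping binary so the same script works on Linux and Windows VMs.
    """
    if platform.system().lower() == "windows":
        cmd = ["ping", "-n", "1", "-w", str(timeout_s * 1000), host]
    else:
        cmd = ["ping", "-c", "1", "-W", str(timeout_s), host]
    try:
        return subprocess.run(cmd, capture_output=True, timeout=timeout_s + 2).returncode == 0
    except (subprocess.TimeoutExpired, FileNotFoundError):
        return False


def shared_folder_mounted(path: str = SHARED_FOLDER) -> bool:
    """The shared folder counts as available only if it exists and is readable."""
    return os.path.isdir(path) and os.access(path, os.R_OK)


def evaluate_controls(probe: Probe, folder_ok: bool,
                      lab_peers: Iterable[str] = LAB_PEERS,
                      non_lab_hosts: Iterable[str] = NON_LAB_HOSTS,
                      internet_hosts: Iterable[str] = INTERNET_HOSTS) -> Dict[str, bool]:
    """Map each mandatory control to pass/fail.

    `probe` is injected so the decision logic can be exercised without a
    network (stubs in tests); in the VM pass `icmp_reachable`.
    """
    results = {
        "shared_folder_available": folder_ok,
        "all_lab_peers_reachable": all(probe(h) for h in lab_peers),
        # Isolation controls fail closed: one reachable host is a violation.
        "no_internet_access": not any(probe(h) for h in internet_hosts),
        "no_access_to_non_lab_hosts": not any(probe(h) for h in non_lab_hosts),
    }
    results["all_controls_pass"] = all(results.values())
    return results


def report(results: Dict[str, bool]) -> str:
    """Render one PASS/FAIL line per control plus a verdict line."""
    lines = [f"[{'PASS' if ok else 'FAIL'}] {name}"
             for name, ok in results.items() if name != "all_controls_pass"]
    lines.append("Lab VM meets all mandatory controls."
                 if results["all_controls_pass"]
                 else "Lab VM violates at least one control; fix it before running any sample.")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(evaluate_controls(icmp_reachable, shared_folder_mounted())))
```

Run it once after building each VM and again after every network change to the hypervisor; a VM that can ping the public resolvers or the home-LAN workstation has an adapter or firewall rule that breaks the isolation the rest of the series depends on.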

Safety Rules

We are practically playing with fire here, and it’s more likely to catch fire than you might assume. The quality controls are there to minimize the risks, but things may still go wrong (horribly wrong). Follow the safety rules and no harm will come to you.

Cut Your Losses

You should be prepared to contain the malware and minimize the damage by wiping out the lab completely, from the inside out:

  • Installed tools
  • Disks/Shares
  • Virtual Machines
  • Virtual Server
  • Physical Server
  • Jump Server

Valuable/Sensitive Data

You DO NOT store any valuable/sensitive data in the lab.

Restricted Access

Ideally, you should access the lab from the jump server: a dedicated system used only to connect to the lab, which stores no valuable information.

Exceptions

If you must connect to the lab from a regular system, make sure to follow the best practices without fail.

Work Breakdown

  • 4 types
  • 12 categories
  • 50+ exercises
  • 5 projects

Enterprise Infrastructure Security

Network Basics
  1. Use Angry IP Scanner to scan the network
  2. Demonstrate the Wireshark process and capture the network traffic
  3. Use Wireshark to monitor an Ethernet interface for recording packet flows, generate a TCP connection using a web browser, and observe the initial TCP/IP three-way handshake
  4. Use common network tools to discover other hosts on the local network
  5. Gather DNS information by using the host utility
  6. Gather DNS information by using the nslookup utility
  7. Gather DNS information by using the dig utility
  8. Troubleshoot network connectivity issues using traceroute
  9. Troubleshoot network connectivity issues using MTR
  10. Perform a thorough information gathering process on a target network using Nmap
  11. Find OSI Layer Using Wireshark
Identity And Access Management
  1. Set up an Active Directory environment using a Windows Server VM and Windows 10 VM for Single Sign-On (SSO)

Application And Web Application Security

Software Security
  1. Perform SQL injection on a live website to bypass authentication, access, modify, and delete data within a database
  2. Perform XSS on a live website to execute a malicious script in the Browser
  3. Run the Webgoat application from the Ubuntu VM
Secure Software Testing
  1. Guide users through the process of automatically enumerating vulnerabilities in the Juiceshop Webapp using various tools such as Docker, FoxyProxy, OWASP ZAP, and FeroxBuster in an Ubuntu server environment
  2. Perform manual enumeration on a vulnerable web app called Juiceshop
  3. Configure OWASP ZAP to intercept the incoming traffic from the browser
  4. Perform SQL fuzzing by intercepting the incoming traffic of a browser
  5. Perform privilege escalation for a vulnerable webapp named Juiceshop
  6. Demonstrate Pretty Good Privacy (PGP) and Mailvelope to send and receive encrypted emails
Cryptography
  1. Use OpenSSL to encrypt and decrypt messages with AES-128-CBC symmetric algorithm
  2. Encrypt and decrypt plain text using RSA
  3. Verify file integrity using HashCalc
Secure Software Life Cycle Management
  1. Use OWASP Threat Dragon for threat modeling

Ransomware And Malware Analysis

Introduction To Malware
  1. Obtain a malware sample and prepare the system for a basic static analysis
  2. Analyze the sample malware file by interpreting the hex signatures and calculating the hash for basic static analysis
Malware Analysis
  1. Generate a unique cryptographic hash value for the suspected binary; the hash is computed over the file contents
  2. Perform multiple antivirus scanning for the obtained malware sample as a part of basic static analysis
  3. Analyze the strings created by the sample malware file as part of a basic static analysis
  4. Analyze the import tables to gather information regarding the binary executables within the malware
  5. Demonstrate packing, unpacking, and combined analysis method for a basic static malware analysis
  6. Obtain a malware sample and prepare the system for a basic dynamic analysis
  7. Set up a functional fake internet hosted by INetSim for the basic dynamic malware analysis
  8. Perform basic dynamic analysis for the sample malware using Wireshark and sysinternal tools like TCPView and Procmon
  9. Detect security vulnerabilities in the ecosystem by emulating the real attack techniques used by ransomware actor groups
Ransomware Analysis
  1. Analyze and provide malware data for Silly Putty as a part of static malware analysis
  2. Conduct a dynamic analysis of the malware for the Silly Putty project

Ethical Hacking And VAPT

Vulnerability Assessment
  1. Perform the system vulnerability assessment using the Nessus tool
Penetration Testing
  1. Assess Windows network security by exploiting the EternalBlue vulnerability in the Microsoft Windows OS
  2. Perform a penetration test on a Linux operating system
  3. Demonstrate NTLMv2 hash capturing and password cracking by configuring net shares for Active Directory users
  4. Perform information gathering using the ZENMAP tool
  5. Perform information gathering using the SHODAN tool
  6. Perform information gathering using the Nmap tool
  7. Perform information gathering using the OSINT Tool (theharvester)
Penetration Testing #2
  1. Develop your own wordlist using the crunch tool
  2. Perform SQL injection using SQLMap
  3. Perform MAC (Media Access Control) address spoofing using the Technitium Mac Address Changer tool

Projects

Malware Analysis Lab
  • Install REMNUX and FlareVM
  • Perform static and dynamic analysis
Identify and Remediate Vulnerabilities
  • Spin up Metasploitable
  • Use scanners to identify vulnerabilities and create a report
IDS/Zeek Network Monitoring
  • Spin up Snort/Suricata and Zeek
  • Monitor your local network and read malicious PCAP
Setup a Honeypot
  • Spin up the honeypot of your choosing
  • Utilize the cloud as it will be less risky
WAZUH to SOAR implementation
  • Spin up WAZUH and have at least one agent checking in
  • Integrate a SOAR platform and perform automation