sedu-vm: security + education + vm
____ _____ ____ _ _ __ ____ __
/ ___|| ____| _ \| | | | \ \ / / \/ |
\___ \| _| | | | | | | |____\ \ / /| |\/| |
___) | |___| |_| | |_| |_____\ V / | | | |
|____/|_____|____/ \___/ \_/ |_| |_|
This is the automatic building scripts of multiple cyber security-related tool and environments.
Start Installation
Select Web Scan
Web Scan Installed
Check the Web Scan Status
- Clone this repository to your computer
- Open Powreshell as Administrator,
- Use
cdcommand to get into the repository folder. TypeSet-ExecutionPolicy RemoteSigned -scope CurrentUser -Force, and run.\pre-build.ps1command to install chocolatey, vagrant and virtualbox. - Restart Powershell, and run below commmands to install vagrant plugins
vagrant plugin install vagrant-disksize vagrant plugin install vagrant-vbguest - Open Git bash, and use
cdcommand to get into the repository folder - Run
sh vm_selection.shcommand to start installation - After the Ubuntu 20.04 virtual machine installed, you will be asked to select which tool or environment to install. Please select one of them. The installation will take some time ☕
-
Make sure that the 'Hyper-V' and 'Virtual Machine Platform' are disabled in Windows Features. When the "Virtual Machine Platform" disabled, the Windows Subsystem Linux (WSL) cannot be used anymore (The error info is shown below). Type
bashcommand in CMD after 'Virtual Machine Platform' is disabled, you will get below error. Therefor, please use Git Bash to run thesh vm_selection.sh.Please enable the Virtual Machine Platform Windows feature and ensure virtualization is enabled in the BIOS.For information please visit https://aka.ms/wsl2-install -
The installed Ubuntu 20.04's configurations on your computer are:
The configuration of the Ubuntu can be modified in the
Vagrantfile: vb.customize- Virual machine name:
sedu_vm - Login name / Password:
vagrant/vagrant - GUI:
True - CPU:
4 - Memory:
4096M - Video RAM:
256M - Disk size:
50GB - Copy and Paste between host and guest:
bidirectional
- Virual machine name:
- Extension of platform diagnostic environment
-
Adding environments
- Making the Cuckoo Sandbox a Docker container
- Platform diagnostic environment
- Currently, metasploitable2 is prepared as the attack server, but we want to include the process of "fixing the server" in the exercise, so we are thinking of preparing the actual vulnerable target by Docker.
- Blockchain diagnostic environment
- Prepare an application that uses smart contracts so that you can practice diagnostics with a blockchain diagnostic tool. (We have not found a free diagnostic tool yet.)
- Container diagnostic environment
- Similar to Web diagnostics, by creating a vulnerable container image according to the container security policy and using a free container scan tool, you can learn how to use the container scan tool and learn the security that you should be aware of in the container. do.
- Pure Linux or WSL environment
- Since Linux is often used for security education, it can be used for exercises to secure the server just by preparing pure Linux, and WSL, which is a function unique to Winodws, can also prepare an environment with one desk. I think it's convenient.
-
UI improvement
- Improve the first tool / environment selection screen to make it easier to use and multiple-choice