The Defensive Origins Lab (DO-LAB) Environment is used during the Defensive Origins training classes by Defensive Origins, AntiSyphon Training, and Black Hills Information Security.
Click the button below to start the deployment of the Defensive Origins Lab Environment within your Azure account.
While the deployment within Azure should be region agnostic, some deployed resources may not be available in all regions. The following locations have specifically been tested:
- US East (any)
- US West (any)
- US Central (any)
Are you attending a Defensive Origins training course that utilizes the Defensive Origins Azure Lab Environment? See the below links for additional information on the DOAZLab Pre-Requisites for Defensive Origins training courses.
Attack Detect Defend:
Applied Purple Teaming:
- Windows Server 2022 /w Active Directory.
- Domain: doazlab.com
- Windows Workstation 23h2-pro
- Ubuntu 22.04LTS C2 with Metasploit
- Sysmon Installation on Server and Workstation
- Microsoft Sentinel Log Aggregation
- Open Threat Research Forge: https://github.com/DefensiveOrigins/DO-LAB
- Microsoft Sentinel2Go: https://github.com/OTRF/Microsoft-Sentinel2Go
- OTRF Blacksmith Components: https://github.com/OTRF/Blacksmith
- Roberto Rodriguez (@Cyb3rWard0g)
- Sysmon Modular: https://github.com/olafhartong/sysmon-modular/wiki
- GPLv3