Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

Cyber Range Scenarios

Training scenarios for cloud-based cyber ranges, initially focused on utilizing Google Cloud Platform

Available scenarios

Scenario name Primary OS Type OS Versions Vulns CVEs
Shell Shock example Linux RHEL 7 Shell Shock, libfutex CVE-2014-6271, CVE-2014-3153
overlayfs example Linux Ubuntu 14.04 'overlayfs' Local Privilege Escalation CVE-2015-1328

Design Philosophy

We're building the plane while we fly it, here, but these are the general design principals we're trying to follow.

  • For cloud frameworks use open source Infrastructure as Code tools to provision and manage the cloud infrastructure Terraform
    • Rationale: Although Terraform build scripts are still very platform dependent, there is a much greater chance of reuse with other platforms versus platform specific build tools.
  • For cloud workloads, i.e., VMs, containers, etc., use Ansible
    • Rationale: Most OSes are not tightly coupled to the cloud platform. Debian is Debian, Windows is Windows. Here it makes sense to use a standardized 3rd party tool like Ansible that won't be impacted by underlying cloud implementations.

About

Training scenarios for cyber ranges

Resources

License

Releases

No releases published

Packages

No packages published

Languages