#0 LAVAEL: Intro
DISCLAIMER:
This project simulates scenarios close to real-world situations. For safety and ethical reasons, however, the code for the “phishing” emails (generated via script), the “malware attachments,” and the “ransomware” is not provided in these guidelines, even though Windows Defender blocks these actions by default. The C2 setup was adapted from the Atomic Red Team resources and is implemented within a simulated program used in this lab.
The goal of this project is not to provide all pseudo-malicious code, but rather to demonstrate the process of lab creation, simulation scenarios, and the use of MITRE methodologies. Basic concepts will be covered, allowing you to easily apply your own adversary emulation plans to this lab.
A few years ago, I came up with a concept for an enterprise network that I wanted to build, initially based on the pfSense firewall. Over time, as I gained more experience, I decided to deploy the entire lab in a virtual environment rather than relying on physical connectivity. This approach provides the flexibility to automate everything. The topology for this lab is shown below:
This lab uses tools like Vagrant, Packer, Ansible, and Cockpit, with a focus on a Linux-based setup, since libvirt is used as the provider for Vagrant. The lab configuration has been tested primarily on Debian 11, but I have also successfully repeated all the steps on a laptop running Pop!_OS 22.04. A host with 16 threads and 64 GB of RAM is comfortable for running the full lab. Keep in mind that you can adapt these concepts and replicate them on another operating system (e.g., Windows) or with a different hypervisor.
All VM images for this lab will be installed from Vagrant Cloud, except for the FortiGate image. Make sure to register an account on the Fortinet support website to get free trial access to the FortiGate VM image. I used PyInstaller to compile programs created for this lab, but note that the PyInstaller VM setup is not part of this lab and won’t be described here — this is mainly a reminder for myself.