Detection Lab

Building Detection Lab in AWS Part II

With the local lab built, these are the instructions for getting the Detection Lab into AWS.

How to stand up DetectionLab in AWS - Part II

Pre-requisites: Part I - Local Install; Terraform installation

Export VMs as OVAs

Shut down each VM and open up the VirtualBox GUI. Select each VM and select “File, Export Appliance”. Select the VM to export. Select the output file. Enter any additional product information.

Continue reading

Building Detection Lab in AWS

Recently I was made aware of a GitHub project by Chris Long named “Detection Lab”, which allows blue teams to see what a particular piece of malware does in an environment and conversely allows the red team to see what breadcrumbs their software may leave behind. It's a 4-server lab consisting of a Microsoft Windows AD server, Splunk logging, a Windows Event Forwarding server, and a client Win10 machine. Based off the back of last week's CyberGym training and the fact that there are Terraform templates for this setup, I decided to give this a shot.

Continue reading