Article Excerpt
Multi-use Hybrid + Identity Cyber Range implementing a small Active Directory Domain in Azure alongside Azure AD and Azure Domain Services.
| property | value |
|---|---|
| tags | azure-ad,azure-cloud,defensive-tradecraft,github-repo,microsoft-entra,tradecraft-tool |
| url | |
| original_word_count | 177 |
Long Summary
PurpleCloud has recently released a Terraform code generator to create different Azure security labs. This generator uses Python scripts to create custom Terraform files based on user input. The generator includes a variety of labs, such as an Azure Sentinel lab, an Azure Storage account with file shares, containers, blobs, and sample files, an Azure Managed Identity security lab, and an Azure AD Connect lab. It also includes support for custom CSV files for loading AD users, groups, and OUs into AD DS.
The generator has been updated multiple times since its initial release. On 11/18/22, the managed_identity.py and aadjoin.py scripts were changed to improve cost and to remove special characters from the Azure AD password. On 11/3/22, two new Terraform generators were added: ADFS and AADJoin. These build a Federation ADFS lab with a DC and an Azure AD Join lab with Windows 10 managed devices. On 9/8/22, the managed identity generator was updated to automatically whitelist the source IP. On 9/6/22, the Azure AD Connect on Domain Controller lab was updated to include a customizable Azure AD Connect MSI. On 9/2/22, support for custom CSV files was added for loading AD users, groups, and OUs into AD DS. On 9/1/22, the local-exec and Ansible dependencies were removed, and Sysmon and Velociraptor were upgraded. On 8/4/22, the Sentinel lab was updated to ship Sysmon and Security logs into Sentinel. On 8/2/22, a new Terraform generator was added for a Phishing Application. On 7/18/22, three new Terraform generators were added for Azure Sentinel, Azure Storage, and Azure Managed Identity. On 5/13/22, Service Principal abuse attack primitives were added as optional support. Finally, on 2/14/22, the Python Terraform generator was released.
The full documentation for the Terraform code generator can be found at https://www.purplecloud.network. It includes detailed instructions for each of the labs, as well as usage examples for the Service Principal abuse attack primitives. With this generator, users can quickly spin up a variety of Azure security labs for different use cases.
Short Summary
Overview
- Multi-use Hybrid + Identity Cyber Range implementing a small Active Directory Domain in Azure alongside Azure AD and Azure Domain Services.
- PurpleCloud has released a Terraform code generator for creating Azure security labs.
- The generator uses Python scripts to create custom Terraform files based on user input.
- It includes labs for Azure Sentinel, Azure Storage, Azure Managed Identity, and Azure AD Connect.
- The generator supports loading AD users, groups, and OUs into AD DS using custom CSV files.
- It has been updated multiple times since its initial release.
- Updates include improved cost and removing special characters from Azure AD passwords.
- New Terraform generators for ADFS and AADJoin labs were added.
- The managed identity generator has automated source IP whitelisting.
- Azure AD Connect on Domain Controller now includes a customizable Azure AD Connect MSI.
- Documentation can be found at https://www.purplecloud.network for detailed instructions and examples.

Source link: https://github.com/iknowjason/PurpleCloud
Summarized content: https://hut.threathunterz.com/battlefield-intel/tradecraft-tools/overview