
BlueTeam.Lab
A collection of CTF source files and write-ups that anyone can contribute to.
This project includes a collection of Terraform and Ansible scripts designed to create a coordinated BlueTeam Lab.
The goal is to equip red and blue teams with the capability to deploy an ad-hoc detection lab. This lab allows them to test various attacks and analyze forensic artifacts in the latest Windows environment, providing a 'SOC-like' view into the generated data.
NOTE: This lab is intentionally designed to be insecure. Please refrain from connecting this system to any important network.
Lab Layout
Prerequisites: Before using this setup, several features must be installed on your system.
Step 1 - Install Azure CLI. For more details, visit https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt. You can install it by running the following command:
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
Step 2 - Install Terraform. For more information, refer to https://learn.hashicorp.com/tutorials/terraform/install-cli. Use the following commands to install Terraform:
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install terraform