How to use Immersive cyber ranges for cyber threat research?
Want to know how to take advantage of the cyber ranges platform to do malware and adversary research in a sandboxed environment? In this post, I’ll walk you through how to get access to the Heimdall Detection Engineering template for CTI so you can do just that! The Heimdall template is a domain-joined range that contains workstations, a domain controller, and security tooling that you’d ordinarily find in a real network. The purpose of this template is to enable cyber threat research, where you can launch attacks and malware, capture indicators of compromise through tools like Velociraptor, a SIEM network packet capture tool, and some analyst workstations with a bunch of analysis and reverse engineering tools. With that said, let’s get started. Firstly, you’ll need to go to the cyber ranges sign-up page and sign up with a name and email address. After hitting “Sign up”, you’ll need to go to your email and find the confirmation email to get your credentials, then go back to the cyber ranges website and log in with your new credentials. After signing in, you’ll be in the main ranges dashboard. You’ll need to connect your own Amazon Web Services (AWS) account to use ranges, as provisioning machines will cost money for every hour that they are active or stored. Once you’ve connected your AWS account, you can then go to “Range Templates” and launch the Heimdall range.Question for members: your most rebellious labs
Hello!, I think it would be interesting to share in this Community those labs that have been the most difficult for us to complete; or those that are resisting us and we have invested a significant amount of time: trying tactics and techniques, reading carefully their documentation and references, blog posts about the exploits, testing options or just going step by step. Let's get started :)!: .: I find it hard to finish labs related to access policies or permissions in Cloud: maybe it's the syntax required to give permission to a S3 bucket or to the access point ... but I invest a lot of time to complete them. I am close to having finished 2,400 labs but when I have to write the concrete policy in that json file I struggle :). .: Esoteric labs, as I like to call them ^^. Example: CAN bus. Don't ask me the specific reason, but I have been trying for some time to finish the last few!: I love them, but I'm stuck at the moment. [...] So: which are the labs you have had the hardest time finishing (no matter the difficulty) and which are the ones you are investing the most time in?. Thank you and good luck!.
