Bit Pentest labs is a collection of open source security practice labs that we’ve automated the installation for ease of deploying and destroying security lab environments. The labs will be deployed to AWS or VirtualBox.
This project is in it's infancy stages. We will continue to enhance documentation and lab modules. Thanks for your patience and hack all the things!
- AWS account (We will use t2.micro instances when deploying instances. You are responsible for all charges in AWS)
- terraform (terraform.io) Follow Hashicorps instructions on how to install terraform on your OS
- ssh keys - Below is an example on generating ssh keys for labs. The keys will be added to AWS.
- desire, passion, and knack to hack all the things! For learning purposes of course
git clone git@github.com:BlacksInTechnologyOrg/bit-pentest-labs.git
cd bit-pentest-labs
git checkout -b <name>
cd ~/.ssh
ssh-keygen -f bitHackLab -t rsa -b 4096
cd aws/terraform/deploy/
cp labs.tfvars.example labs.tfvars
vim labs.tvfars
update the following settings:
- aws_access_key
- aws_secret_key
- ssh_public_key (Use public key from step 3)
- ip_list
- subnet_id (Get from AWS)
- vpc_id (Get from AWS)
cd aws/terraform/deploy
terraform get (Pulls modules from the terraform modules folder to deploy/.terraform)
terraform plan -var-file="labs.tfvars" (This will let you see what will be deployed)
terraform apply -var-file="labs.tfvars" (Deploys labs to AWS)
http://<public_ip>:8080/WebGoat
cd aws/terraform/deploy
terraform destroy -var-file="labs.tfvars" (type yes when prompted)
Please verify that everything was removed from AWS by logging into the console.
ssh -i ~/.ssh/bitHackLab ec2-user@<x.x.x.x> (Use public ip address from the output of your deployment run>
run "terraform show terraform.tfstate" if you forgot you public ip's
terraform show terraform.tfstate (this will give you the details of your aws deployment)
TODO: Write license