Simulation environment for attacks on computer networks

README.md

PurpleDome creates simulated systems which hack each other

It creates several virtual machines to simulate a target network. A Kali attacker will be spawned and use configured attacks to blast at the targets. Those attacks can be Kali command line tools, Caldera abilities or Metasploit tools.

The goal is to test sensors and detection logic on the targets and in the network and improve them.

The system is at the same time reproducible and quite flexible in terms of the target systems, the vulnerabilities present on the targets and the attacks used.

Installation

Setting up the Python environment:

```
./init.sh
```

The typical local use case is to create the machines using Vagrant and run them in VirtualBox:

```
sudo apt install vagrant virtualbox
```

Before using any PurpleDome commands, switch into the Python environment (it contains the required libraries in the required versions):

```
source venv/bin/activate
```

Testing

Basic code checks and unit tests can be run with

```
make test
```

That way you can also see whether your environment is set up properly.

Running the basic commands

All command line tools include help; you can access it with the "--help" parameter.

```
python3 ./experiment_control.py -v run
```

  • -v is verbosity. To spam stdout use -vvv
  • run is the default command
  • --configfile is optional. If not supplied it will take experiment.yaml

Most of the configuration is done in the YAML config file. For more details check out the full documentation.
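The two things that most often go wrong when launching a run are an inactive venv and a missing config file. The following wrapper is an added example, not part of PurpleDome; it assumes the layout the README describes (`./init.sh` created `./venv`, `experiment.yaml` is the default config) and that running without any `-v` flag is allowed.

```bash
#!/usr/bin/env bash
# Added helper around experiment_control.py (not PurpleDome's own code).
# Assumes: ./init.sh created ./venv, default config is ./experiment.yaml,
# and omitting -v entirely is a valid (quiet) invocation.

# Build the experiment_control.py command line.
# $1 = verbosity level (0-3), $2 = config file ("" = README default).
# Prints the command; returns 1 on an invalid verbosity level.
build_run_cmd() {
    local level="$1" config="$2" vflag=""
    case "$level" in
        0) vflag="" ;;
        1) vflag="-v" ;;
        2) vflag="-vv" ;;
        3) vflag="-vvv" ;;   # "spam stdout", per the README
        *) echo "verbosity must be 0-3, got '$level'" >&2; return 1 ;;
    esac
    local cmd="python3 ./experiment_control.py"
    [ -n "$vflag" ] && cmd="$cmd $vflag"
    cmd="$cmd run"
    # --configfile is optional; only pass it when the caller gave one.
    [ -n "$config" ] && cmd="$cmd --configfile $config"
    printf '%s\n' "$cmd"
}

# Preflight checks. $1 = config file ("" = experiment.yaml).
# Returns 2 if the venv is not active, 3 if the config is unreadable.
preflight() {
    local config="${1:-experiment.yaml}"
    if [ -z "${VIRTUAL_ENV:-}" ]; then
        echo "venv not active; run: source venv/bin/activate" >&2
        return 2
    fi
    if [ ! -r "$config" ]; then
        echo "config file not readable: $config" >&2
        return 3
    fi
    return 0
}

# Run an experiment: $1 = verbosity (default 1), $2 = config file.
# Call this from a script that sources the functions above.
run_experiment() {
    local cmd
    preflight "$2" || return $?
    cmd="$(build_run_cmd "${1:-1}" "$2")" || return $?
    echo "+ $cmd" >&2
    $cmd
}
```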

The real documentation

This README is just a short overview. In-depth documentation can be found in the doc folder.

Documentation is built with Sphinx:

https://www.sphinx-doc.org/en/master/index.html

Generate it by switching to the doc directory and calling

```
make all
```