archive
/
PurpleDome
mirror of https://github.com/avast/PurpleDome
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Simulation environment for attacks on computer networks
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
181 Commits
7 Branches
0 Tags
704 KiB
Python 98%
Makefile 0.6%
C 0.6%
Shell 0.4%
Batchfile 0.3%
Other 0.1%
 
 
 
 
 
 
develop
polishing2
presentation_gpn_2022
more_unit_tests
extending_page
main
caldera_4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e51c46bba3'
${ noResults }
Go to file
Thorsten Sick e51c46bba3 mypy fixes 3 years ago
app mypy fixes 3 years ago
doc Unit tests work. Still some PEP errors and no integration checks 3 years ago
plugins Made pylint happy 3 years ago
systems
templates Adding line numbers and file names to metasploit attacks 3 years ago
tests All auto tests work. Integration tests not yet run ! 3 years ago
tools shipit extended to accept deeper nested files. Especially in plugin resource folders 3 years ago
.gitignore
CONTRIBUTING.txt
CONTRIBUTORS.txt
Makefile Added tame pylint to default tests 3 years ago
README.md
caldera_control.py
caldera_subset_classic.txt
doc_generator.py
experiment_control.py
init.sh
machine_control.py
metasploit_control.py
plugin_manager.py Unit tests for pluginmanager 3 years ago
pydantic_test.py Made pylint happy 3 years ago
pylint.rc Made pylint happy 3 years ago
requirements.txt Unit tests work. Still some PEP errors and no integration checks 3 years ago
requirements_dev.txt
setup.py
template.yaml Fixed all existing yaml config files 3 years ago
tox.ini All auto tests work. Integration tests not yet run ! 3 years ago

README.md

PurpleDome creates simulated systems which hack each other

It creates several virtual machines to simulate a target network. A Kali attacker will be spawned and use configured attacks to blast at the targets. Those attacks can be Kali command line tools, Caldera abilities or Metasploit tools.

The goal is to test sensors and detection logic on the targets and in the network and improve them.

The system is at the same time reproducible and quite flexible (target system wise, vulnerabilities on the targets, attacks).

Installation

Setting up the python environment:

./init.sh

The typical local use case is to create the machines using Vagrant and running them in VirtualBox:

... sudo apt install vagrant virtualbox ...

You will have to switch into the python environment to run it

Before using any PurpleDome commands switch into the python environment:

... source venv/bin/activate ...

(this will contain the libraries in the required versions)

Testing

Basic code and unit tests can be run by

make test

That way you can also see if your env is set up properly

Running the basic commands

All command line tools have a help included. You can access it by the "--help" parameter

... python3 ./experiment_control.py -v run ...

  • -v is verbosity. To spam stdout use -vvv
  • run is the default command
  • --configfile is optional. If not supplied it will take experiment.yaml

Most of the configuration is done in the yaml config file. For more details check out the full documentation

The real documentation

This README is just a short overview. In depth documentation can be found in the doc folder.

Documentation is using sphinx

https://www.sphinx-doc.org/en/master/index.html

Generate it switching to the directory doc and calling

make all