{"id":13845095,"url":"https://github.com/Marshall-Hallenbeck/red_team_attack_lab","last_synced_at":"2025-07-12T01:31:42.548Z","repository":{"id":41861290,"uuid":"395429524","full_name":"Marshall-Hallenbeck/red_team_attack_lab","owner":"Marshall-Hallenbeck","description":"Red Team Attack Lab for TTP testing \u0026 research","archived":false,"fork":false,"pushed_at":"2023-05-15T21:17:05.000Z","size":1570,"stargazers_count":574,"open_issues_count":1,"forks_count":77,"subscribers_count":18,"default_branch":"main","last_synced_at":"2025-07-04T16:26:44.646Z","etag":null,"topics":["ansible","hacking","infosec","lab","penetration-testing","pentesting","red-team","redteam","security","security-testing","security-tools","vagrant"],"latest_commit_sha":null,"homepage":"https://github.com/Marshall-Hallenbeck/red_team_attack_lab","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Marshall-Hallenbeck.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-08-12T19:55:10.000Z","updated_at":"2025-06-19T14:52:05.000Z","dependencies_parsed_at":"2023-01-22T22:00:33.385Z","dependency_job_id":null,"html_url":"https://github.com/Marshall-Hallenbeck/red_team_attack_lab","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Marshall-Hallenbeck/red_team_attack_lab","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Marshall-Hallenbeck%2Fred_team_attack_lab","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Marshall-Hallenbeck%2Fred_team_attack_lab/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Marshall-Hallenbeck%2Fred_team_attack_lab/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Marshall-Hallenbeck%2Fred_team_attack_lab/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Marshall-Hallenbeck","download_url":"https://codeload.github.com/Marshall-Hallenbeck/red_team_attack_lab/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Marshall-Hallenbeck%2Fred_team_attack_lab/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264923080,"owners_count":23683716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","hacking","infosec","lab","penetration-testing","pentesting","red-team","redteam","security","security-testing","security-tools","vagrant"],"created_at":"2024-08-04T17:03:10.468Z","updated_at":"2025-07-12T01:31:41.564Z","avatar_url":"https://github.com/Marshall-Hallenbeck.png","language":"PowerShell","funding_links":[],"categories":["PowerShell"],"sub_categories":[],"readme":"# Red Team Attack Lab\r\n\r\nDisclaimer: right now this is in a development state.  This is also my first time really using Vagrant \u0026 Ansible.\r\n\r\n## Description\r\n\r\nA virtual environment with various realistic operating system and vulnerabilities for red teamers to play with\r\n\r\n### Impetus\r\nEvery lab environment that I have come across (Splunk Attack Range, DetectionLab, etc)\r\nhas been heavily focused on blue team controls and/or only runs in cloud environments.\r\n\r\nAs someone who doesn't want to pay extra money to host environments in AWS or Azure,\r\nthis was quite annoying, so I decided to hack together something that runs locally.\r\n\r\nMy main focus is on setting up a red teamable environment either for testing the development of tools,\r\ndiscovering new techniques, testing older TTPs,  or staying up to date with the newest emerging threats.\r\n\r\n## Installation\r\n### Linux\r\n#### Dependencies\r\n```\r\nsudo apt-get update \r\nsudo apt-get install -y linux-headers-generic vagrant virtualbox virtualbox-dkms\r\nsudo apt install ansible\r\nsudo gem install winrm-elevated\r\nsudo gem install winrm\r\n```\r\n```\r\nansible-galaxy collection install community.windows chocolatey.chocolatey\r\nvagrant plugin install vagrant-hostmanager vagrant-vbguest\r\n```\r\n\r\n### Windows\r\nSee [Windows Setup](docs/windows_setup.md)\r\n\r\n## How to Run\r\n\r\n### Full Build (may take ~2 hours!)\r\n```\r\nvagrant up\r\n```\r\nIf a host fails to connect via WinRM after spinning up (intermittent issue), just re-run the provisioning via `vagrant provision $host`.\r\n\r\n### Specific Build\r\n```\r\nvagrant up dc01 win10-1 win10-dev kali\r\n```\r\nFor full list of hosts see [hosts](docs/hosts.md)\r\n\r\n## Architecture\r\nTODO: create architecture document...\r\n\r\nSee [hosts](docs/hosts.md)\r\n\r\n## Vulnerabilities\r\nSee [Vulnerabilities](docs/vulnerabilities.md)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMarshall-Hallenbeck%2Fred_team_attack_lab","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMarshall-Hallenbeck%2Fred_team_attack_lab","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMarshall-Hallenbeck%2Fred_team_attack_lab/lists"}