{"id":51564021,"url":"https://github.com/michael-borck/cybersecurity-lab-lateral-movement","last_synced_at":"2026-07-10T13:03:04.088Z","repository":{"id":320386152,"uuid":"1075859046","full_name":"michael-borck/cybersecurity-lab-lateral-movement","owner":"michael-borck","description":"Provides Docker-based lab environment for practicing lateral movement techniques in cybersecurity.","archived":false,"fork":false,"pushed_at":"2026-06-25T11:08:12.000Z","size":53,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-25T12:21:24.494Z","etag":null,"topics":["cybersecurity","docker","docker-compose","edtech","ethical-hacking","html","lab-environment","lateral-movement","network-security","penetration-testing","security-lab","security-training","vulnerability-assessment","vulnerable-applications"],"latest_commit_sha":null,"homepage":null,"language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michael-borck.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-14T04:56:47.000Z","updated_at":"2026-06-25T11:08:16.000Z","dependencies_parsed_at":null,"dependency_job_id":"b95c274b-324f-46e5-8b93-2dfa02ea67c9","html_url":"https://github.com/michael-borck/cybersecurity-lab-lateral-movement","commit_stats":null,"previous_names":["michaelborck-security/cybersecurity-lab-lateral-movement","michael-borck/cybersecurity-lab-lateral-movement"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/michael-borck/cybersecurity-lab-lateral-movement","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michael-borck%2Fcybersecurity-lab-lateral-movement","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michael-borck%2Fcybersecurity-lab-lateral-movement/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michael-borck%2Fcybersecurity-lab-lateral-movement/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michael-borck%2Fcybersecurity-lab-lateral-movement/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michael-borck","download_url":"https://codeload.github.com/michael-borck/cybersecurity-lab-lateral-movement/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michael-borck%2Fcybersecurity-lab-lateral-movement/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35331955,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-10T02:00:06.465Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","docker","docker-compose","edtech","ethical-hacking","html","lab-environment","lateral-movement","network-security","penetration-testing","security-lab","security-training","vulnerability-assessment","vulnerable-applications"],"created_at":"2026-07-10T13:03:03.162Z","updated_at":"2026-07-10T13:03:04.078Z","avatar_url":"https://github.com/michael-borck.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CYB204 Lateral Movement Lab Environment\n\n\u003c!-- BADGES:START --\u003e\n[![cybersecurity](https://img.shields.io/badge/-cybersecurity-f44336?style=flat-square)](https://github.com/topics/cybersecurity) [![docker](https://img.shields.io/badge/-docker-2496ed?style=flat-square)](https://github.com/topics/docker) [![docker-compose](https://img.shields.io/badge/-docker--compose-blue?style=flat-square)](https://github.com/topics/docker-compose) [![edtech](https://img.shields.io/badge/-edtech-4caf50?style=flat-square)](https://github.com/topics/edtech) [![ethical-hacking](https://img.shields.io/badge/-ethical--hacking-blue?style=flat-square)](https://github.com/topics/ethical-hacking) [![html](https://img.shields.io/badge/-html-e34f26?style=flat-square)](https://github.com/topics/html) [![lateral-movement](https://img.shields.io/badge/-lateral--movement-blue?style=flat-square)](https://github.com/topics/lateral-movement) [![penetration-testing](https://img.shields.io/badge/-penetration--testing-blue?style=flat-square)](https://github.com/topics/penetration-testing) [![security-lab](https://img.shields.io/badge/-security--lab-blue?style=flat-square)](https://github.com/topics/security-lab) [![vulnerable-applications](https://img.shields.io/badge/-vulnerable--applications-blue?style=flat-square)](https://github.com/topics/vulnerable-applications)\n\u003c!-- BADGES:END --\u003e\n\nThis Docker-based lab environment provides a safe, isolated network for practicing lateral movement techniques as part of the CYB204 Ethical Hacking course.\n\n## System Requirements\n\nThis lab has been designed to run on low-powered laptops across Linux, Windows, and Mac platforms.\n\n### Minimum Requirements:\n- 4GB RAM (8GB recommended)\n- 10GB free disk space\n- Docker Desktop or Docker Engine installed\n- Docker Compose v2.0 or higher\n\n### Tested On:\n- Windows 10/11 with Docker Desktop\n- macOS (Intel and Apple Silicon)\n- Ubuntu Linux 20.04+\n\n## Installation\n\n### 1. Install Docker\n\n**Windows/Mac:**\n- Download and install [Docker Desktop](https://www.docker.com/products/docker-desktop/)\n- Ensure Docker Desktop is running before proceeding\n\n**Linux:**\n```bash\n# Install Docker\ncurl -fsSL https://get.docker.com -o get-docker.sh\nsudo sh get-docker.sh\n\n# Install Docker Compose\nsudo apt-get install docker-compose-plugin\n\n# Add your user to docker group\nsudo usermod -aG docker $USER\nnewgrp docker\n```\n\n### 2. Get the Compose File\n\nThe lab images are pre-built and published to GitHub Container Registry (GHCR),\nso you don't need to build anything — you only need the `docker-compose.yml`\nfile. Clone the repo (or just download `docker-compose.yml`):\n\n```bash\ngit clone https://github.com/michael-borck/cybersecurity-lab-lateral-movement.git\ncd cybersecurity-lab-lateral-movement\n```\n\n### 3. Start the Lab Environment\n\n```bash\ndocker compose up -d\n```\n\nThe first run pulls the pre-built images from GHCR (a few minutes depending on\nyour connection); subsequent startups are near-instant. The images are\npublished as multi-architecture, so the correct build is pulled automatically\non Intel/AMD machines and on Apple Silicon Macs.\n\n\u003e **Instructors / developers:** to build the four custom images locally instead\n\u003e of pulling them, layer the build override file on top of the base compose:\n\u003e\n\u003e ```bash\n\u003e docker compose -f docker-compose.yml -f docker-compose.build.yml up -d --build\n\u003e ```\n\u003e\n\u003e Pushes to `main` rebuild and republish the images automatically via the\n\u003e `.github/workflows/build.yml` GitHub Actions workflow.\n\n### 4. Verify All Containers Are Running\n\n```bash\ndocker-compose ps\n```\n\nYou should see 8 containers running:\n- secutils\n- workstation\n- ubuntu-desktop\n- ldap\n- mysql\n- telnet\n- juice-shop\n- dvwa\n\n## Lab Architecture\n\n### Network Configuration\n- **Subnet:** 172.20.0.0/24\n- **Network Name:** cyb204_net\n\n### Container IPs and Services\n\n| Container | IP Address | Services | Purpose |\n|-----------|------------|----------|---------|\n| secutils | 172.20.0.10 | Attack tools | Primary attack client with nmap, impacket, etc. |\n| workstation | 172.20.0.20 | SSH (22), SMB (139/445) | Linux target with shared resources |\n| ubuntu-desktop | 172.20.0.30 | SSH (22) | Ubuntu target with config files |\n| ldap | 172.20.0.40 | LDAP (389) | Directory service target |\n| mysql | 172.20.0.50 | MySQL (3306) | Database target |\n| telnet | 172.20.0.60 | Telnet (23) | Telnet service target |\n| juice-shop | 172.20.0.70 | HTTP (3000) | Vulnerable web application |\n| dvwa | 172.20.0.80 | HTTP (80) | Damn Vulnerable Web App |\n\n### Default Credentials\n\n**Workstation:**\n- labuser / Password123\n- admin / Admin123!\n- root / RootPass123\n\n**Ubuntu-Desktop:**\n- user1 / User123\n- developer / Dev2023!\n\n**Telnet:**\n- telnetuser / Telnet123\n- guest / guest\n\n**MySQL:**\n- root / root123\n- dbuser / dbpass123\n\n**LDAP:**\n- Admin DN: cn=admin,dc=cyb204,dc=local\n- Password: admin123\n\n## Quick Start Guide\n\n### Access the Attack Container (secutils)\n\n```bash\ndocker exec -it secutils /bin/bash\n```\n\n### Basic Commands\n\n**Scan the network:**\n```bash\nnmap -sP 172.20.0.0/24\n```\n\n**Detailed service scan:**\n```bash\nnmap -sV 172.20.0.20\n```\n\n**Check container IPs:**\n```bash\ndocker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' \u003ccontainer_name\u003e\n```\n\n**Access other containers directly:**\n```bash\ndocker exec -it workstation /bin/sh\ndocker exec -it ubuntu-desktop /bin/bash\n```\n\n**View web applications:**\n- Juice Shop: http://localhost:3000\n- DVWA: http://localhost:8080\n\n## Lab Exercises\n\nFollow the exercises in `week09-worksheet-movement.docx` to:\n1. Enumerate the network\n2. Dump credentials from Linux systems\n3. Exploit trust relationships via SSH and SMB\n4. Practice remote code execution\n5. Understand lateral movement techniques\n\n## Troubleshooting\n\n### Containers won't start\n```bash\n# Stop all containers\ndocker-compose down\n\n# Remove old containers and networks\ndocker-compose down -v\n\n# Rebuild and start fresh\ndocker-compose build --no-cache\ndocker-compose up -d\n```\n\n### Out of memory errors\n```bash\n# On Docker Desktop: Increase memory allocation in Settings \u003e Resources\n# Minimum 4GB recommended, 6-8GB ideal for all containers\n\n# Stop unnecessary containers\ndocker-compose stop juice-shop dvwa\n```\n\n### Can't connect between containers\n```bash\n# Verify network exists\ndocker network ls | grep cyb204\n\n# Check container IPs\ndocker network inspect cyb204_net\n```\n\n### Permission denied errors\n```bash\n# Linux users: ensure you're in docker group\nsudo usermod -aG docker $USER\nnewgrp docker\n```\n\n## Stopping the Lab\n\n### Stop all containers (preserves data):\n```bash\ndocker-compose stop\n```\n\n### Stop and remove containers:\n```bash\ndocker-compose down\n```\n\n### Complete cleanup (removes everything):\n```bash\ndocker-compose down -v\ndocker system prune -a\n```\n\n## Security Notes\n\n**IMPORTANT:** This lab environment contains intentionally vulnerable systems and should ONLY be used for educational purposes in an isolated environment.\n\n- Do NOT expose these containers to the internet\n- Do NOT use these configurations in production\n- All passwords are intentionally weak for educational purposes\n- Practice ethical hacking principles at all times\n\n## Resource Usage\n\nTypical resource usage with all containers running:\n- **Memory:** 2-4GB RAM\n- **CPU:** 10-20% on modern systems\n- **Disk:** ~2GB for images\n\nTo reduce resource usage, stop unused containers:\n```bash\ndocker-compose stop juice-shop dvwa\n```\n\n## Support\n\nIf you encounter issues:\n1. Check the troubleshooting section above\n2. Review Docker logs: `docker-compose logs \u003ccontainer_name\u003e`\n3. Verify Docker Desktop is running and allocated sufficient resources\n4. Contact your instructor with error messages and system specifications\n\n## License\n\nThis lab environment is created for educational purposes for CYB204 Ethical Hacking course.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichael-borck%2Fcybersecurity-lab-lateral-movement","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichael-borck%2Fcybersecurity-lab-lateral-movement","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichael-borck%2Fcybersecurity-lab-lateral-movement/lists"}