https://github.com/ezra-buckingham/terry-the-terraformer
A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
https://github.com/ezra-buckingham/terry-the-terraformer
ansible aws azure cli digitalocean docker docker-compose elasticsearch filebeat google-cloud-platform logstash namecheap nebula proxmox redteam terraform
Last synced: 16 days ago
JSON representation
A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
- Host: GitHub
- URL: https://github.com/ezra-buckingham/terry-the-terraformer
- Owner: ezra-buckingham
- License: mit
- Created: 2022-06-22T20:40:05.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-07-23T20:54:16.000Z (over 1 year ago)
- Last Synced: 2024-08-02T02:17:12.206Z (9 months ago)
- Topics: ansible, aws, azure, cli, digitalocean, docker, docker-compose, elasticsearch, filebeat, google-cloud-platform, logstash, namecheap, nebula, proxmox, redteam, terraform
- Language: Python
- Homepage: https://github.com/ezra-buckingham/terry-the-terraformer/wiki
- Size: 6.82 MB
- Stars: 110
- Watchers: 8
- Forks: 15
- Open Issues: 20
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- jimsghstars - ezra-buckingham/terry-the-terraformer - A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration (Python)
README
# Terry the Terraformer
A Python CLI tool for building a red team infrastructure using Terraform, Ansible, and Docker. Once deployed, all resources can be integrated into a [Nebula network](https://github.com/slackhq/nebula) for secure communications across nodes as well as with centralized logging that all goes through Logstash and into an Elastic Stack.
## Documentation
Most documentation can be found in the [Wiki pages](https://github.com/ezra-buckingham/terry-the-terraformer/wiki). If there is something missing or unclear, please create a GitHub issue.
## Getting Started
Getting started is relatively easy. Follow the [Getting Started](https://github.com/ezra-buckingham/terry-the-terraformer/wiki/Getting-Started) instructions to begin using Terry.
## Why this solution?
If you are interested to find out how I landed on this solution, go follow my "DevAttackOps" series on my blog where I talk through each step of this solution in a blog format.
https://ezrabuckingham.com/tags/devattackops/
## Contributors / Acknowledgement
I would like to thank all the people who have helped with the architecture of this project and the development of each piece. Initially, this project came to life from a co-worker, [WJDigby](https://github.com/WJDigby). He had a much cooler name for the project than Terry. And not to mention all the people in BloodHound Slack that I pestered for getting feedback on this solution. Thank you!
[](https://twitter.com/buckinghamezra) Ezra Buckingham @BuckinghamEzra
[](https://twitter.com/discoverscripts) Lee Baird @discoverscripts
### Honorable Mentions
[](https://twitter.com/jay_townsend1) Jay "L1ghtn1ng" Townsend @jay_townsend1
## Known Issues
Terry contains a few known issues. Below are some of the ones I have identified:
* No central management of wildcard certs (wildcard cert generation likely coming in the future)
* PTR records need to be determined before SMTP will work
* DigitalOcean will create PTR records from the name of the host, need to make sure name of host is the FQDN
## What's Next?
* Adding a secrets management solution to Terry to allow for dynamic generation of secrets and automatic pushing of secrets to a secure place
* Timeout date on infra (auto-destroy)
* Scan Terraform code for vulnerabilities
* Potential override templates