
Explore how cyber security protects internet-connected systems from cyber attacks, aiming for a practical comfort level rather than absolute security, with 24/7 monitoring, IPS, IDS, and training.
Monitor networks in real time to detect and prevent cyber threats. Learn using Security Onion, Splunk, and a lab setup with Kali Linux, Metasploitable, and Active Directory.
Configure a cyber security monitoring and detection lab in VMware, linking pfSense, Active Directory, vulnerable server, Kali Linux, Security Onion, and Splunk to collect and analyze logs across subnets.
Set up the cyber security monitoring and detection lab on Windows 11 Pro, with VMware Workstation Pro, at least 32 GB RAM, hosting Security Onion and Kali Linux.
Install and configure VMware Workstation Pro to run lab virtual machines, including licensing, VMnet1 and VMnet8 adapters, and IPv4/IPv6 settings for lab connectivity.
Install Windows 11 in VMware Workstation by downloading the ISO, creating a new virtual machine, configuring hardware and network, and installing VMware tools for optimal performance.
Install the pfSense firewall in VMware Workstation by downloading the pfSense 2.60 amd64 ISO, unzipping it with 7-Zip, creating a six-adapter VM, and completing the installer to enable WAN and LAN with IPs.
Configure the pfSense firewall by assigning interfaces, setting static LAN IP addresses, enabling HTTP for graphical access, and configuring DHCP across the topology-mapped networks, including Kali, Security Onion, and Splunk.
Configure a pfSense firewall using the wizard, name interfaces, set up a bridge from LAN to a span port, and create firewall rules for Kali, Security Onion, and Splunk traffic.
Install Kali Linux from a ready VMware image: extract it, open it in VMware Workstation, log in as Kali, and set the network adapter to VMnet4 for the 192.168.3.x topology with pfSense.
Install Metasploitable 2 in VMware Workstation by downloading the ready-made image from SourceForge, unzipping it, and running it on VMnet2 with the msfadmin credentials.
Install Ubuntu Server edition from a ready-made VMware image (VMDK) and configure a VM with VMnet6 and DHCP; then update, install Ubuntu desktop, and verify connectivity with ping.
Learn how to install Security Onion in VMware Workstation, configure three interfaces for management, span, and logs, complete the evaluation setup with admin credentials, and access the web interface.
Update the Security Onion device in a VMware Workstation lab to enable alerts, verify services, and access via the management IP; log into Kibana, Fleet, Playbook, and CyberChef.
Install Windows Server 2019 in VMware Workstation Pro using the typical method. Download the Windows Server 2019 ISO from the Microsoft evaluation, then configure the VM and install VMware Tools.
Install Windows Server 2019 in a virtual machine using the custom installation, configure Active Directory, and set the LAN subnet IP to 192.168.1.100 after downloading the ISO from microsoft.com.
Configure Active Directory on Windows Server 2019 and promote the server to a domain controller for test.local. Set a static IP; DNS will be configured in the next step.
Create test users and groups in Active Directory, including an organizational unit and admin and support groups, then assign users to groups and verify membership.
Configure DNS on the server: open DNS Manager, create a reverse lookup zone for 192.168.1.x, create a pointer (PTR) record, and verify with nslookup against the test.local hosts.
Demonstrate how to expose a Windows Active Directory to multiple attacks using a GitHub script, including ACL abuse, Kerberoasting, pass-the-hash, pass-the-ticket, and password spraying in a lab.
Configure a Windows 11 client with a static IP, join the test.local Active Directory domain, and verify domain membership using domain credentials in a cybersecurity monitoring and detection lab.
Download and install Splunk version nine on Linux Ubuntu Server edition: unzip the archive, run Splunk from the bin directory, accept the license, and log in with admin credentials.
Install Splunk version nine on Linux, choosing between zip, Debian, or RPM packages on CentOS or Ubuntu, unzip, run Splunk, accept license, set admin credentials, and access the web interface.
Learn how to download, install, and configure Splunk Enterprise 9 on Windows Server, choosing custom or typical installation, and launch via browser with a secure admin login.
Learn two methods to assign a static IP on Ubuntu server 22 edition: edit netplan for 5.1 or reserve the IP in pfSense DHCP to ensure reliable Splunk forwarder traffic.
Configure receiving on the Splunk server by creating a new receiving port (default 19997) and save, then create a separate index named Windows server logs to collect forwarder data.
Install the universal Splunk forwarder on Windows Server 2019 to forward logs to the Splunk server, configure the IP address and port 8089, and verify receiving and indexing.
Configure a universal forwarder to forward Windows Server 2019 logs to a Splunk server on Ubuntu, selecting local events and the Windows server logs index, and verify in Splunk.
Explore Security Onion, a free open-source Linux distro for intrusion detection and monitoring. Access network and host IDS with log management and dashboards.
Students perform a controlled Kali Linux attack against a Metasploitable 2 server and monitor the activity with Security Onion, including Suricata alerts, the dashboard, and PCAP.
Splunk, a leading SIEM solution, collects, indexes, and visualizes machine-generated data in real time. It uses forwarders to gather logs from Windows Server 2019 and Active Directory for centralized monitoring.
Learn to monitor Active Directory activities with Splunk and Security Onion, collect logs from Windows Server 2019 via Splunk forwarder, and analyze Kerberos, password spray, and Suricata alerts.
Install and configure the Wazuh manager in VMware Workstation Pro from a downloadable virtual appliance, using the lab topology to access the admin dashboard and add agents.
Configure the Wazuh agent on Windows Server 2019 to send logs to the Wazuh manager with the GUI installer. Enter the manager IP, import the authentication key, and verify agent status.
Introduction:
This bootcamp will teach you how to set up a monitoring, detection and hacking lab environment for all the security research, monitoring, detection, hacking tools, and training you've always wanted to do. You will discover how to add several different target systems, from the latest Windows platform to systems that are intentionally vulnerable such as Metasploitable, OWASP, DVWA, Mutillidae, etc. Having these targets will allow you to launch attacks, verify vulnerabilities, monitor the logs and conduct research projects without touching your production environment.
Objectives:
In Building a Cybersecurity Monitoring and Detection Lab Environment, you'll learn how to create an environment that you can use to enhance your learning and to practice your cybersecurity and ethical hacking skills, such as launching a cyber-attack, verifying vulnerabilities, conducting research projects and much more.
Who Should Attend:
Anyone who wants to learn cyber security and apply its principles in a risk-free environment should take this course. If you want to master cyber security research and learn hacking tools, then this is a perfect place to start.
Basic IP and security knowledge is nice to have. Students need to understand networking fundamentals and the basics of Linux, Windows and VMware Workstation.
Attacker Systems:
Kali Linux OS
Vulnerable Web Applications:
bWAPP
Metasploitable
OWASP