Workshop Setup Instructions

System Requirements

  • Python3.6+ is required.

  • Linux environment (The lab attack simulation scripts are supported exclusively on Linux.)

Software and Tools

Install common packages

sudo apt-get update && sudo apt install -y ssh vim net-tools curl git python3-pip unzip

Install awscli (Skip if already installed)

  • Download the package

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

  • Unzip the installer

unzip awscliv2.zip

  • Run the install program

sudo ./aws/install

  • Verify installation

aws --version

Install startus binary and attack simulation scripts

  • Download workshop attack simulation bash scripts.

wget -c  https://vectra-public-files.s3.us-west-2.amazonaws.com/attack_simulations.tar.gz -O - | tar -xz

  • Verify installation

cd attack_simulations/
ls
exfiltration_ebs_snapshot.sh  run_all_stratus_techniques.sh  steal_passwords_and_access_keys_stored_in_ssm.sh  stratus

Accounts and Access

  • Access to an AWS account and access rights to create and assign Administrivia permission to IAM users.

  • If performing the attack simulations on Vectra managed account this would be AWS demolab (884414556547) account.

  • Access to CDR demolab tenat: https://207753870716.uw2.portal.vectra.ai/