Raven Security – Pen Test Example and Walkthrough
This is a walkthrough of a capture the flag exercise completed as part of a final project in a Cybersecurity Bootcamp.
Disclaimer – this worked on my hardware; it may not work on yours. This is based on the instructions on the Arch Wiki; please refer to that for specific instructions.
The first steps are to download the .iso from the Arch website and write it to a USB drive so that it’s bootable. Boot into your system from the USB drive and you should see a command prompt and a welcome to Arch Linux message. Then proceed with the following…
In a previous post I explained how to attack and gain access to the vulnerable virtual machine known as Raven Security. In this post I explain how to create an Ansible playbook that will harden the server, addressing a few key security vulnerabilities, to prevent future attacks.
These files have been tested and used to generate a live ELK deployment on Azure. They can be used to recreate the entire deployment pictured above. Alternatively, select portions of the installbeats.sh file can be used to install portions of the ELK server, such as Filebeat.