VPN Access for PurpleLabs 30 days - Linux Attack, Detection and Live Forensics (Defensive-Security Store)

  • €199


  • Closed
  • Course
  • 8 Lessons

This 30-day PurpleLabs VPN access package is dedicated to the hands-on exercises of the Linux Attack, Detection, and Live Forensics course. After purchase, you can activate your VPN access at a time convenient for you.

PurpleLABS is a dedicated Cyber Range infrastructure for detecting and analyzing attacker behavior in terms of the techniques, tactics, procedures, and offensive tools used. The environment was created to continuously improve competencies in Linux and network threat hunting, and to keep up with current offensive trends as seen through direct detection and live forensics.

Cyber Range Playground with Hands-On Labs

Use PurpleLABS as an advanced Cyber Range R&D environment for your own red/blue security research, or as part of the training courses whose hands-on labs we have carefully prepared. You get access to a set of private VMs:

  • PRD_X

  • DEV_X

  • FUBU_X

  • KALI_X

  • C2_X

PurpleLabs Cyber Range Key Values

By providing a high-quality Cyber Range environment, we want to enable businesses to improve the detection capacity of their SOC teams and achieve better visibility and resilience against attacks.

Full Host/Network Visibility

Deep network and host visibility in a hunting-friendly environment puts you on the right track to find even the subtlest symptoms of the chained tactics, techniques, and procedures used by modern attackers.

Real Security Events

Generate real symptoms of the different attack phases, including C2 channels, persistence, defense evasion, data exfiltration, tunneling, and pivoting between critical network segments, and run host/network detections against them.

Dedicated Installations

Cost-effective virtual infrastructure hosted on pre-configured dedicated servers eliminates the need to deploy and maintain Cyber Range components yourself.

Continuous Knowledge Transfer

Deliver periodic knowledge transfer and systematic expansion of team competencies in the field of Red + Blue = Purple teaming.

Hunting Dashboard

PurpleLabs Introduction

0x01. PurpleLabs User Setup Overview

  • Welcome to PurpleLABS!
  • PurpleLabs Hunting Dashboard
  • Open Source Community
  • Network Addressing
  • Data sources and SIEM/DFIR components
  • PurpleLabs VM Robot Tool
  • Troubleshooting
  • Rules and policies

KEY VALUES

  • Execute the newest Linux attack paths and hiding techniques in the lab and test them against proactive detection

  • Learn current trends, techniques, and offensive tools for Discovery, C2, Lateral Movement, Persistence, Evasion, Exfiltration, Execution, and Credential Access against Linux machines, mapped to the MITRE ATT&CK matrix

  • Learn ways to improve detection and sharpen your event correlation skills across many different Linux/network data sources

  • Get to know the visibility/detection methods and capabilities of well-recognized hunting and detection tools, including Elastic Security, Velociraptor, Splunk, Sysmon, Falco, Tracee, Kunai, Moloch/Arkime, OSquery, Wazuh, Graylog, IRIS, and Sandfly Security

  • Generate malicious Linux activity, find its corresponding traces, and identify threat details on the network

  • Prepare your SOC team to quickly filter out Linux/network noise, enabling better incident response handling

  • Find out how open source Detection/DFIR software can support your SOC infrastructure

  • Understand the value of proactive Linux forensic scans against both manual and automated approaches to simulating attackers and generating anomalies

  • Identify Linux configuration blind spots in your network security posture

  • Understand the value of the purple teaming approach, where you hunt hands-on for your own and your teammates' activity

Benefits

SOC/CSIRT Skills Development

Develop the team's analytical skills required to work in a Security Operations Center environment.

Attack Paths

Learn how to create attack paths and generate chains of security events by combining attackers' techniques, tactics, and procedures (Chain Attack Scenarios).

Assume Breach

Understand the value of the Assume Breach approach and the simulation of threats after initial access (C2, post-exploitation, Lateral Movement, Persistence, Evasion).

Threat Hunting

Understand what threat hunting is and why it is important. Feel the power of the data sources you have and learn how to distinguish normal from malicious behavior.

Detection As Code

Understand the power of Sigma rules / Protection Artifacts and their value for SIEM solutions and DFIR needs.

Security Validation

Run a validation of the current security status of the organization's network and understand the risks.

Open Source SOC

Obtain knowledge on creating a complete SOC environment using open source software components.

Live Forensics

Learn how to run live forensics inspections at scale for Windows and Linux using Velociraptor, the Volatility Framework, and more.

Incident Response

Create and understand incident response playbooks, default quarantine actions, and more.

Target Audience

  • CSIRT / Incident Response Specialists
  • Red and Blue team members
  • Penetration testers
  • Threat Hunters
  • Security / Data Analysts
  • IT Security Professionals, Experts & Consultants
  • SOC Analysts and SIEM Engineers
  • AI / Machine Learning Developers
  • Open Source Security Enthusiasts

Prerequisite Knowledge

  • The general skill level needed for the lab is intermediate - challenge yourself and gain hands-on Attack/Detection experience!
  • An intermediate level of Linux command-line experience.
  • Fundamental knowledge of TCP/IP network protocols.
  • Penetration testing experience performing enumeration, exploitation, and lateral movement is beneficial, but not required.
  • Basic programming skills are a plus, but not essential.
  • Recommended reading material:
    • Adversarial Tradecraft in Cybersecurity
    • Privilege Escalation Techniques
    • Linux System Programming
    • Practical Threat Intelligence and Data-Driven Threat Hunting
    • Transmetropolitan ;-)

  • €399

Linux Attack, Detection and Live Forensics v1.0 - MATERIALS ONLY - Lifetime Access

  • Course
  • 263 Lessons

After learning the PurpleLabs Introduction material in depth, you are ready for the next big step of your career: dedicated hands-on material covering rootkits, process injection types, C2 frameworks, and more. Feel free to ask for a discount!

Frequently Asked Questions

Just a bunch of questions and answers. Hope you will find them helpful. If not, send me a DM.

HOW IS ACCESS TO PURPLELABS PROVIDED?

  • We use the simplest solution, based on a WireGuard VPN. All you have to do is install the VPN client and import one configuration file.
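As an added example (this is not PurpleLabs' own tooling or the configuration file you receive), the script below sanity-checks a WireGuard client config before you import it, refuses a config whose private key is readable by other users, and then brings the tunnel up with wg-quick. The file name ~/purplelabs.conf, the interface name derived from it, and the presence of wireguard-tools are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not PurpleLabs' own tooling: validate a WireGuard client
# config, then bring the lab tunnel up with wg-quick.
# Assumed: the config is saved as ~/purplelabs.conf and wireguard-tools is installed.

# Return 0 if the file looks like a complete WireGuard client config, 1 otherwise.
validate_wg_conf() {
  conf="$1"
  [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 1; }
  # A client config needs one [Interface] and at least one [Peer] section.
  grep -q '^\[Interface\]' "$conf" || { echo "missing [Interface] section" >&2; return 1; }
  grep -q '^\[Peer\]' "$conf"      || { echo "missing [Peer] section" >&2; return 1; }
  # WireGuard keys are 32 bytes base64-encoded: 43 base64 characters plus one '='.
  key='[A-Za-z0-9+/]\{43\}='
  grep -q '^PrivateKey *= *'"$key"' *$' "$conf" || { echo "bad or missing PrivateKey" >&2; return 1; }
  grep -q '^PublicKey *= *'"$key"' *$' "$conf"  || { echo "bad or missing PublicKey" >&2; return 1; }
  # Endpoint must be host:port; AllowedIPs decides which traffic is routed into the tunnel.
  grep -q '^Endpoint *= *[^ ]*:[0-9][0-9]* *$' "$conf" || { echo "bad or missing Endpoint" >&2; return 1; }
  grep -q '^AllowedIPs *=' "$conf" || { echo "missing AllowedIPs" >&2; return 1; }
  # The file holds your private key: reject group- or world-readable permissions.
  mode=$(stat -c '%a' "$conf" 2>/dev/null || stat -f '%Lp' "$conf")
  case "$mode" in
    *00) ;;
    *) echo "$conf is mode $mode; run: chmod 600 $conf" >&2; return 1 ;;
  esac
  return 0
}

# Validate, start the tunnel, and show peer state (look for "latest handshake").
start_lab_vpn() {
  conf="$1"
  validate_wg_conf "$conf" || return 1
  sudo wg-quick up "$conf"   # interface name is taken from the config file name
  sudo wg show
}

# Usage: ./lab-vpn.sh up [/path/to/config.conf]
case "${1:-}" in
  up) start_lab_vpn "${2:-$HOME/purplelabs.conf}" ;;
esac
```

Run it as `./lab-vpn.sh up` once the config is in place; a missing handshake in the `wg show` output usually means the endpoint is unreachable or the peer public key in the file does not match the server.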

WHEN WILL I GET ACCESS TO PURPLELABS?

  • You will receive your PurpleLabs VPN access credentials by email within 2-4 days of payment.

WHAT DOES THE ACCESS INCLUDE?

  • Within 2-4 days of your payment, you will get a dedicated set of VPN credentials for the PurpleLabs Cyber Range for 90 days.

  • Every student gets a set of five exclusive Linux machines (PRD_X, KALI_X, DEV_X, FUBU_X, and VPS_X) that are, at the same time, part of the shared detection/hunting playground.

CAN I GET AN INVOICE?

Of course.

WHAT LANGUAGE ARE THE MATERIALS IN?

All materials and lab instructions are in English. For live/online sessions you can choose between Polish and English.

IS VIDEO CONTENT INCLUDED IN THE COURSE?

  • No, and it has never been a priority.
  • The hands-on lab instructions and the Cyber Range environment have been built so that you can easily follow along step by step.