AWS Pen-Testing Laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wire guard VPN. Vulnerable instances in a private subnet.
NOTE:
Changelog
Diagram
Components
Features Added
How-To
aws configure
Deploy
Enable/disable vulnerable instances to be deployed setting 0
or 1
in variables.tf
:
variable “deploment-control” {
type = map
default = {
#”instance” = 0 or 1, to disable or enable
“metasploitable3” = 1
“dvca” = 0
}
description = “Control which EC2 instances are deployed, 0 for none or 1”
}
Use terraform for deploy infrastructure
terraform init
terraform plan
terraform apply -auto-approve
Outputs
Terraform outputs will show following entries:
Usage
Either connect to Kali via ssh or wireguard:
KALI_IP= # configure kali public ip
ssh -i kali.pem -o StrictHostKeyChecking=no -o IdentitiesOnly=yes kali@${KALI_IP}
KALI_IP= # configure kali public ip
scp -i kali.pem -o StrictHostKeyChecking=no IdentitiesOnly=yes kali@${KALI_IP}:/home/kali/client_vpn.wg .
####
(local_kali)$ sudo apt-get install –y wireguard
(local_kali)$ sudo gedit /etc/wireguard/wg0.conf # copy contents of client_vpn.wg
(local_kali)$ sudo chmod 700 /etc/wireguard/wg0.conf
(local_kali)$ sudo wg-quick up wg0
(local_kali)$ ping 10.0.0.5 # test connectivity with kali instance in AWS
Destroy
terraform destroy -auto-approve
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…
Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…
Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…
Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…