Hi Everyone,
I just released a new version of an Azure Terraform security lab that automatically deploys Velociraptor. It's called PurpleCloud and I wanted to share it with the Velociraptor user community. It's a Python script that generates Terraform for a Velociraptor server + endpoint configuration. It uses Terraform to generate the internal PKI that Velociraptor needs, loading all of the self-signed certificates on the Ubuntu Velociraptor Linux server and Windows 10 Pro endpoints. It's built for Azure. Auto-build as many AD users, Windows 10 Pro endpoints, domain-joined, with users logged in with their domain creds running Velociraptor for realistic adversary simulations. It's implemented with Velociraptor 6.5.2. I had issues a few weeks ago with the 0.6.6 RC candidate with the internal PKI, so I switched back to 6.5.2.
Here it is:
Here is the usage for the lab creating a Velociraptor deployment:
It's a nice tool if you want to simulate Velociraptor in a realistic Active Directory environment with AD users and Windows 10 endpoints running Velociraptor.
Huge fan of Velociraptor! Feel free to fork, clone, or re-use in other projects as a template. It's MIT licensed and 100% permissive to re-use.
Jason