A cyber security blog

BackBag Lab VM: Your tailored portable security testing environment

BackBag Lab\VM, small enough to carry on your back (Backpack) πŸŽ’πŸ’»

We conduct offensive and defensive operations and that requires fast rolling environments for proper testing. Working on laptops is awesome but sadly we still lack having testing environments tailored for both blue and red teaming. So here is an idea: lets build your own, we did, and we open-sourced it. It is heavily inspired by DetectionLab.

It is worth mentioning that we used BackBag Lab\VM to do the work showcased in the previous post.

The Win10 VM

Backbag Lab is designed to be light enough to run on a single workstation/laptop and easily modifiable to meet your needs as a security practitioner (subject to your needs and available hardware resources). The lab utilizes Vagrant to provision and configure machines .It was tested on: Windows, macOS, and Linux.

The lab consists of the following VMs which can be setup with different configurations:
2x Windows servers 2016
1x Windows 10
1x Ubuntu 20.04 server

The following is an example configuration which can be easily achieved:
1. Active Directory - Domain Controller.
2. IIS server joined to the domain.
3. Windows 10 joined to the domain
4. Linux server

Each machine has its own tool install script (here is a list of included tools which can be installed automatically upon setting up the lab). To see more example configs, checkout this page in the wiki on github.

For sure, sometimes you need only a single VM and BackBag loves to help and can deliver. As a matter of fact, we mostly use the Win10 and Linux server in standalone mode.

Vagrantfile VM Selection

When you look at the tools installable on the Win10 machine, you can see Β it is mostly used as an analyst machine, for both red and blue teaming related activities. The following page in the wiki shows you how to spin up a single machine and not the whole lab.

You are expected to view and edit the Vagrantfile as well as the install scripts to modify them to fit your needs. There is a wiki on Github and everything you are expected to modify is both documented and commented including (not limited to):
1. Increasing resources for certain VMs.
2. Selecting which tools to install.
3. Selecting which machines to join to the domain and if a domain should be created.

For more details of the design and setup, checkout the project's wiki on github.

As always, contributions to the project are welcome and should you face issues, feel free to open up an issue on Github. Moreover, if you need to introduce a tool to the project please let us know. It would be really cool to see what our fellow practitioners use on a day to day basis. We are always open to initiatives making our lives easier.


Humoud Al Saleh:
- Twitter
- Github
- More posts...

Subscribe to Cyphur Blog

Sign up now to get access to the library of members-only issues.
Jamie Larson