Kg4REAL/CyberRange-ESXi

GitHub: Kg4REAL/CyberRange-ESXi

基于 VMware ESXi 的企业级紫队网络安全靶场,集成了 AD 域环境、VLAN 网络隔离与 Wazuh SIEM,提供攻防对抗场景及检测规则映射。

Stars: 1 | Forks: 0

# CyberRange-ESXi 🔴🔵 ![Platform](https://img.shields.io/badge/Platform-VMware%20ESXi-blue) ![pfSense](https://img.shields.io/badge/Firewall-pfSense%202.7-orange) ![Wazuh](https://img.shields.io/badge/SIEM-Wazuh%204.x-red) ![AD](https://img.shields.io/badge/AD-Windows%20Server%202022-blue) ![Status](https://img.shields.io/badge/Status-In%20Progress-yellow) ## 架构 ![Topology](https://static.pigsec.cn/wp-content/uploads/repos/cas/f3/f3d792b7701253afb6b7060ea7ad673ff488839ffba404207513bee3622325d5.svg) ## 网络 | 主机 | IP | VLAN | 角色 | |---|---|---|---| | pfSense WAN | 192.168.40.150 | - | 防火墙 / 路由器 | | pfSense OPT1 | 10.10.10.254 | VLAN10 | 红队网关 | | pfSense OPT2 | 10.10.20.254 | VLAN20 | 目标网关 | | pfSense OPT3 | 10.10.30.254 | VLAN30 | SOC 网关 | | Kali Linux | 10.10.10.10 | VLAN10 | 攻击者 | | Windows Server 2022 | 10.10.20.10 | VLAN20 | DC01 / AD | | Windows 7 | 10.10.20.51 | VLAN20 | 受害者工作站 | | Ubuntu Server | 10.10.30.10 | VLAN30 | Wazuh SIEM | ## 基础设施 ### ESXi ![ESXi VMs](https://static.pigsec.cn/wp-content/uploads/repos/cas/c9/c960e17b27567e0aa30d773a21d2a7fc21163b1c8d190d98343b8320005dabd3.png) ![ESXi Network](https://static.pigsec.cn/wp-content/uploads/repos/cas/57/5764a853fc094be5782c9ba26fa7271b7043fe930f05c5f1e8f41830a5ecf71a.png) ### pfSense ![pfSense Dashboard](https://static.pigsec.cn/wp-content/uploads/repos/cas/fc/fc683e4226967f40192f5e7857d29f4e8127f2e38e6a7a85f7ce0e3b4cbf5d86.png) ![pfSense Rules OPT1](https://static.pigsec.cn/wp-content/uploads/repos/cas/2b/2bfe4677314c2067c780d30f6e922a5440ecae3a97b11822d95fb3fed1a59560.png) ![pfSense Rules OPT2](https://static.pigsec.cn/wp-content/uploads/repos/cas/d7/d7b4cf72f1f511fb59f61a1a1b752b6a0c62c1305a70e28cf1783a2022de6ad9.png) ### Active Directory ![AD Users](https://static.pigsec.cn/wp-content/uploads/repos/cas/1f/1f6c6e8f1e1fa61dab18018602781272cbad5e84493768a58675ab570be9017f.png) ![AD Computers](https://static.pigsec.cn/wp-content/uploads/repos/cas/f5/f587ec87d1e59fcd37b3468e6084c3fadb6e45096feb21371ed2678940d03d40.png) ![DNS](https://static.pigsec.cn/wp-content/uploads/repos/cas/d5/d52df82f866773ce25b93b9e1b2832294e55b754b3b1dd8057dfe0fd43365995.png) ![DHCP](https://static.pigsec.cn/wp-content/uploads/repos/cas/50/5005f7049e6dc429992fd235a925c97cd13a31712a1242abf413f024be38af3a.png) ### Win7 域加入 ![Win7 Domain](https://static.pigsec.cn/wp-content/uploads/repos/cas/ea/ea3d95db9ead6b579961427dea925454141614d87c49a102a9f67f8673f34224.png) ![Win7 Session](https://static.pigsec.cn/wp-content/uploads/repos/cas/92/9274549d6c5cf0bbe6aab1750a9c4577cc482ce1d884d9583b656d7512888b76.png) ## 场景 | # | 场景 | 技术 | MITRE | 状态 | |---|---|---|---|---| | 01 | [侦察、密码喷射与域渗透](04-scenarios/01-recon/README.md) | Nmap, enum4linux, NetExec | T1046, T1110.003 | ✅ | | 02 | [Kerberoasting](04-scenarios/02-ad-attacks/README.md) | Impacket GetUserSPNs, Hashcat | T1558.003 | ✅ | | 03 | [AS-REP Roasting](04-scenarios/03-asrep-roasting/README.md) | Impacket GetNPUsers, John the Ripper | T1558.004 | ✅ | | 04 | [权限提升](04-scenarios/04-privesc/README.md) | WinPEAS, LinPEAS | T1068, T1078 | 🔜 | | 05 | [网络枢纽与 LLMNR 投毒](04-scenarios/05-pivoting/README.md) | Responder, NetExec | T1557.001 | 🔜 | | 06 | [持久化](04-scenarios/06-persistence/README.md) | Evil-WinRM, registry/scheduled task | T1547.001, T1053.005 | 🔜 | | 07 | [Web 漏洞利用](04-scenarios/07-web-exploitation/README.md) | Nikto, SQLmap, Burp Suite | T1190 | 🔜 | 每个场景的检测规则、IOC 以及完整的 MITRE ATT&CK 映射都存放在 [`05-detection/`](05-detection/) 中。 ## 工具 **红队** — Kali Linux, Nmap, Impacket, CrackMapExec, BloodHound, Responder, WinPEAS **蓝队** — Wazuh SIEM, Wireshark **基础设施** — VMware ESXi, pfSense 2.7, PowerShell ## 结构 ``` CyberRange-ESXi/ ├── 01-infrastructure/ # ESXi, pfSense, network diagrams ├── 02-active-directory/ # AD setup & config ├── 03-soc-wazuh/ # Wazuh installation & config ├── 04-scenarios/ # Attack walkthroughs (01 → 07) ├── 05-detection/ # Wazuh rules, IOCs & MITRE mapping └── 06-reports/ # Incident-response template & screenshots ``` ## 路线图 - [x] 基础设施搭建 (ESXi, pfSense, VLAN 隔离, AD, Wazuh) - [x] 场景 01 — 侦察、密码喷射与域渗透 - [x] 场景 02 — Kerberoasting - [x] 场景 03 — AS-REP Roasting - [ ] 场景 04 — 权限提升 - [ ] 场景 05 — 网络枢纽与 LLMNR 投毒 - [ ] 场景 06 — 持久化 - [ ] 场景 07 — Web 漏洞利用 - [ ] 使用 [IR 模板](06-reports/incident-response/ir-template.md) 完成完整的事件响应报告 ## 作者 **Ibrahima Dia** — 网络安全专业学生 | 紫队方向 [![LinkedIn](https://img.shields.io/badge/LinkedIn-ibrahima--dia--cyber-blue)](https://linkedin.com/in/ibrahima-dia-cyber) [![GitHub](https://img.shields.io/badge/GitHub-Kg4REAL-black)](https://github.com/Kg4REAL)
标签:AI合规, CTI, 插件系统, 紫队靶场, 网络安全, 虚拟化环境, 隐私保护