Tuesday, January 14, 2025

Composed of XM Cyber terraform templates that assist you to find out about widespread Azure safety points




XM Goat consists of XM Cyber terraform templates that assist you to find out about widespread Azure safety points. Every template is a weak atmosphere, with some vital misconfigurations. Your job is to assault and compromise the environments.

Here is what to do for every atmosphere:

  1. Run set up after which get began.

  2. With the preliminary person and repair principal credentials, assault the atmosphere primarily based on the state of affairs circulate (for instance, XMGoat/situations/scenario_1/scenario1_flow.png).

  3. If you happen to need assistance along with your assault, confer with the answer (for instance, XMGoat/situations/scenario_1/resolution.md).

  4. Once you’re accomplished studying the assault, clear up.

Necessities

  • Azure tenant
  • Terafform model 1.0.9 or above
  • Azure CLI
  • Azure Person with Proprietor permissions on Subscription and International Admin privileges in AAD

Set up

Run these instructions:

$ az login
$ git clone https://github.com/XMCyber/XMGoat.git
$ cd XMGoat
$ cd situations
$ cd scenario_<SCENARIO>

The place <SCENARIO> is the state of affairs quantity you need to full

$ terraform init
$ terraform plan -out <FILENAME>
$ terraform apply <FILENAME>

The place <FILENAME> is the title of the output file

Get began

To get the preliminary person and repair principal credentials, run the next question:

$ terraform output --json

For Service Principals, use application_id.worth and application_secret.worth.

For Customers, use username.worth and password.worth.

Cleansing up

After finishing the state of affairs, run the next command with a purpose to clear all of the assets created in your tenant

$ az login
$ cd XMGoat
$ cd situations
$ cd scenario_<SCENARIO>

The place <SCENARIO> is the state of affairs quantity you need to full

$ terraform destroy



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

PHP Code Snippets Powered By : XYZScripts.com