Packer

• from hashicorp

  Packer is easy to use and automates the creation of any type of machine image.

• Essentially
  • builders
  • provisioners
  • post-processors
• github
• windows

Terraform

Vagrant cont...

• Teaching
  • Personal experience
    • 49th classes
  • Work
    • SamuraiWTF
    • PENT

Overview

• Magic?
  • packer
  • vagrant
  • terraform
• Kali
  • custom tools

• Environments
  • av testing
  • network IDS/IPS
• Potential
  • limitless

the rabbit hole...

• top three pentesting use cases
  • time
  • customized vm
  • fresh install

Packer

• variables.json generation script
• json template file
• scripts for provisioning
• vagrant config include for further configuration

Vagrant

• Intended workflow
• Pentesting workflow
• Intro blog post
  
• don't want to go all the way down?
  
• automated build
  
• want to go with someone else?

Terraform

• Want to go even farther?
• Don't want to build from scratch?
• Automate home pentesting lab
• Automate C2 infrastructure

pre reqs and packer demo

• pre reqs
  • Virtualbox
  • packer - https://www.packer.io/downloads.html
  • vagrant -  https://www.vagrantup.com/downloads.html
  • computer :)
    • probably about 20 - 30G of storage space just to be safe
  • github
• Video of auto

pre reqs and vagrant training demo

• pre reqs
  • Virtualbox
  • vagrant -  https://www.vagrantup.com/downloads.html
  • computer :)
    • probably about 30 - 40G of storage space just to be safe
  • github
  • current slides

pre reqs and terraform demo* (will do)

• pre reqs
  • Virtualbox
  • vagrant -  https://www.vagrantup.com/downloads.html
  • terraform - https://terraform.io/downloads.html
  • computer :)
    • probably about 10 - 20G of storage space just to be safe
  • hypervisor
    • openstack (tested with devstack)
    • vSphere
  • github