Security Lab Tool Install Part 2

Setting up a security lab with all the tools, part 2

In part 1 we installed Elastic, OpenCTI, and MISP. Now we are going to take a look at Velociraptor, Shuffle, and GitLab.

Velociraptor

For endpoint forensics and hunting, I’ll install Velociraptor. The server will sit on its own VM, and later I’ll deploy agents across my test endpoints to simulate a real enterprise environment. Here is the official documentation.

Shuffle

Shuffle will help me automate response and enrichment workflows. Since it’s Docker-based, the installation should be straightforward. I’ll cover how I deploy it, then hook it into my detection pipeline later. Here is the official documentation.

git clone https://github.com/shuffle/Shuffle
cd Shuffle
docker-compose up -d

GitLab

To keep everything version-controlled, I’ll run GitLab for managing my detection rules and automation pipelines. I’ll start with the Omnibus package on Ubuntu. Here is the official documentation.

Conclusion

This one is a short one, but the install guides are pretty self-explanatory.

This post is licensed under CC BY 4.0 by the author.