Cloud-Based Red Team/Blue Team Cybersecurity Lab on AWS

I'm thrilled to share a recent project where I set up a Cloud Red Team/Blue Team Cybersecurity Home Lab using AWS! This hands-on venture gave me the opportunity to dive into different areas of cybersecurity, ranging from infrastructure setup to implementing industry-standard security tools.

Here’s a quick rundown of the project:

Infrastructure: I designed a secure, isolated network within an AWS Virtual Private Cloud (VPC). Inside this VPC, I launched three virtual machines (EC2 instances): an Ubuntu-based security tool server, a Kali Linux attacker machine, and a Windows 10 workstation. These machines were configured with a public subnet and connected via an internet gateway.

Technologies and Skills: Through this project, I gained hands-on experience with several core technologies, including cloud services (AWS EC2, VPC, Security Groups, IAM), virtualization, operating systems (Ubuntu, Kali Linux, Windows 10), networking (VPC, subnets, routing, firewalls), and remote access protocols (RDP, SSH).

Security Tools: I installed and configured Splunk Enterprise on the Ubuntu security tool server, along with a Splunk Universal Forwarder on the Windows 10 workstation to collect and transmit security logs. I also implemented Tenable Nessus for vulnerability scanning.

This setup supports:

Red Team Activities: The Kali Linux machine serves as a platform for simulating various attack scenarios, offering a hands-on environment to learn and practice offensive security methods.

Blue Team Activities: Splunk is used for log analysis and detecting suspicious behavior, while Tenable Nessus helps with identifying system vulnerabilities.

This project has greatly enhanced my understanding of cloud computing, virtualization, and networking. I'm eager to continue expanding this foundation and delve deeper into advanced security concepts.