Malware is dangerous and is not a toy. Always ensure your environment is fully secured to prevent accidental escape.
This lab project is provided strictly for educational and research purposes within authorized environments (e.g., home labs, classrooms, or licensed training environments).
You must not use any included tools, scripts, or methodologies on any system or network for which you do not have explicit written permission. Unauthorized use is illegal and may be punishable by law. The authors assume no liability for misuse or damage resulting from the use of this material.
This project is licensed under the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) license.
RogueLabs (Dylan Barrett)

| Component | Description |
|---|---|
| Inet | A controlled "Internet" simulation used to monitor C2 and external behavior |
| pfSense | Firewall/router for monitoring outbound traffic and controlling internet access |
| Windows Flare VMs | Windows VMs configured for static and dynamic malware analysis |
| REMnux | Linux distribution for static analysis of malware artifacts (packers, scripts, etc.) |
| Security Onion | SOC tooling (IDS/ELK/etc.) for network and host monitoring |
| Ubuntu (CapeV2) | Ubuntu VM running Cape (Cape-v2) for automated dynamic analysis |

Note: The "Inet" node represents a controlled/simulated internet environment (for safe C2 testing). The real LAN/Internet should be administratively isolated from the lab by default.

| 📁 Section | 🔎 Description |
|---|---|
| 📐 Setup of the Proxmox Malware Lab | Deploy, configure, and initialize the lab in Proxmox VE |
| 🧪 Labs | Analysis notes and write-ups for public malware samples |