Vagrant.configure("2") do |config| config.vm.synced_folder '../Vagrant', '/vagrant' config.vagrant.plugins = "vagrant-reload" # Set up the Hyper-V switch config.trigger.before :up do |trigger| trigger.info = "Creating 'NATSwitch' Hyper-V switch if it does not exist..." trigger.run = {privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-create-nat-switch.ps1"} end config.vm.define "logger" do |cfg| cfg.vm.box = "bento/ubuntu-18.04" cfg.vm.hostname = "logger" cfg.vm.boot_timeout = 600 cfg.vm.provision :shell, path: "fix-eth0-static-ip.sh" cfg.vm.provision "reload" cfg.vm.provision :shell, path: "check-eth0-ip.sh" cfg.vm.provision :shell, path: "../Vagrant/logger_bootstrap.sh" cfg.vm.provision :shell, path: "reset-static-ip.sh" cfg.vm.provision :shell, path: "fix-motd.sh" # Change the switch to the NATSwitch cfg.trigger.before :reload do |trigger| trigger.info = "Setting Hyper-V switch to 'NATSwitch' to allow for static IP..." trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-change-switch.ps1" , args: "-vmname logger" } end cfg.vm.provider "hyperv" do |h, override| h.vmname = "logger" h.memory = 4096 h.cpus = 2 h.ip_address_timeout = 60 end end config.vm.define "dc" do |cfg| cfg.vm.box = "man715/Windows2016" cfg.vm.hostname = "dc" cfg.vm.boot_timeout = 600 cfg.winrm.transport = :plaintext cfg.vm.communicator = "winrm" cfg.winrm.basic_auth_only = true cfg.winrm.timeout = 300 cfg.winrm.retry_limit = 20 # Create a new network adapter on the NATSwitch cfg.trigger.before :reload do |trigger| trigger.info = "Setting Hyper-V switch to 'NATSwitch' to allow for static IP..." trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-set-switch.ps1", args: "-vmname dc.windomain.local" } end # Remove the network adapter that was used to set up the box cfg.trigger.after :up do |trigger| trigger.info = "Removing the maintenance ethernet adapter" trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-remove-networkadapter.ps1", args: "-vmname dc.windomain.local" } end cfg.vm.provision "reload" cfg.vm.provision "shell", path: "hyperv-set-static-ip.ps1", privileged: true, args: "-ip 192.168.38.102 -dns 8.8.8.8" cfg.vm.provision "shell", path: "../Vagrant/scripts/provision.ps1", privileged: true cfg.vm.provision "reload" cfg.vm.provision "shell", path: "../Vagrant/scripts/provision.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/download_palantir_wef.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-utilities.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-redteam.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-choco-extras.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-osquery.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-sysinternals.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-velociraptor.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-ou.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-wef-gpo.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-powershelllogging.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-AuditingPolicyGPOs.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-rdp-user-gpo.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-disable-windows-defender-gpo.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-autorunstowineventlog.ps1", privileged: true cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: true cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: true cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: true cfg.vm.provider "hyperv" do |h, override| h.vmname = "dc.windomain.local" h.memory = 4096 h.cpus = 2 h.ip_address_timeout = 600 end end config.vm.define "wef" do |cfg| cfg.vm.box = "man715/Windows2016" cfg.vm.hostname = "wef" cfg.vm.boot_timeout = 600 cfg.vm.communicator = "winrm" cfg.winrm.basic_auth_only = true cfg.winrm.timeout = 300 cfg.winrm.retry_limit = 20 # Create a new network adapter on the NATSwitch cfg.trigger.before :reload do |trigger| trigger.info = "Setting Hyper-V switch to 'NATSwitch' to allow for static IP..." trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-set-switch.ps1", args: "-vmname wef.windomain.local" } end # Remove the network adapter that was used to set up the box cfg.trigger.after :up do |trigger| trigger.info = "Removing the maintenance ethernet adapter" trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-remove-networkadapter.ps1", args: "-vmname wef.windomain.local" } end cfg.vm.provision "reload" cfg.vm.provision "shell", path: "hyperv-set-static-ip.ps1", privileged: true, args: "-ip 192.168.38.103 -dns 8.8.8.8" cfg.vm.provision "shell", path: "../Vagrant/scripts/provision.ps1", privileged: true cfg.vm.provision "reload" cfg.vm.provision "shell", path: "../Vagrant/scripts/provision.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/download_palantir_wef.ps1", privileged: true cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-wefsubscriptions.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-splunkuf.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-windows_ta.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-utilities.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-redteam.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-choco-extras.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-osquery.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-sysinternals.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-velociraptor.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/configure-pslogstranscriptsshare.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-autorunstowineventlog.ps1", privileged: true cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-microsoft-ata.ps1", privileged: true cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: true cfg.vm.provider "hyperv" do |h, override| h.vmname = "wef.windomain.local" h.memory = 4096 h.cpus = 2 h.ip_address_timeout = 600 end end config.vm.define "win10" do |cfg| cfg.vm.box = "man715/Windows10" cfg.vm.hostname = "win10" cfg.vm.boot_timeout = 600 cfg.vm.communicator = "winrm" cfg.winrm.basic_auth_only = true cfg.winrm.timeout = 300 cfg.winrm.retry_limit = 20 # Create a new network adapter on the NATSwitch cfg.trigger.before :reload do |trigger| trigger.info = "Setting Hyper-V switch to 'NATSwitch' to allow for static IP..." trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-set-switch.ps1", args: "-vmname win10.windomain.local" } end # Remove the network adapter that was used to set up the box cfg.trigger.after :up do |trigger| trigger.info = "Removing the maintenance ethernet adapter" trigger.run = { privileged: "true", powershell_elevated_interactive: "true", path: "./hyperv-remove-networkadapter.ps1", args: "-vmname win10.windomain.local" } end cfg.vm.provision "reload" cfg.vm.provision "shell", path: "hyperv-set-static-ip.ps1", privileged: true, args: "-ip 192.168.38.104 -dns 8.8.8.8" cfg.vm.provision "shell", path: "../Vagrant/scripts/MakeWindows10GreatAgain.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/provision.ps1", privileged: true cfg.vm.provision "reload" cfg.vm.provision "shell", path: "../Vagrant/scripts/provision.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/download_palantir_wef.ps1", privileged: true cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-utilities.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-redteam.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-choco-extras.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-osquery.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-sysinternals.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-velociraptor.ps1", privileged: true cfg.vm.provision "shell", path: "../Vagrant/scripts/install-autorunstowineventlog.ps1", privileged: true cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: true cfg.vm.provider "hyperv" do |h, override| h.vmname = "win10.windomain.local" h.memory = 4096 h.cpus = 2 h.ip_address_timeout = 600 end end end