Attack range local using vmware?

[dagar741]

This blog post https://www.splunk.com/en_us/blog/security/attack-range-v3-0.html talks about using vmware fusion (and I would assume vmware workstation as well), but I do not see anywhere on how to do that. Anyone know if this can be done?

[riccardosl]

This blog post https://www.splunk.com/en_us/blog/security/attack-range-v3-0.html talks about using vmware fusion (and I would assume vmware workstation as well), but I do not see anywhere on how to do that. Anyone know if this can be done?

I believe you just need to run the installation script in a Windows or Linux VM in your workstation

[P4T12ICK]

We still need to update and test it. We would need to update the Vagrantfiles and add VMWare Fusion as provider.

[splunk-james]

I am working on this in my spare time for fusion initially (don't have anywhere to run workstation), will publish some docs as soon as I can get it going. Essentially I am planning on using the VMware Vagrant provider (https://developer.hashicorp.com/vagrant/docs/providers/vmware) which is a drop in replacement for VirtualBox besides some additional VagrantFile configuration options.

[nterl0k]

@splunk-james A reup to an old issue... I've been fiddling with this in my spare time. I have a few boxes on vagrant cloud hosted for vmware... If one of the project owners wants to co-admin the organization, i'm happy to allow access. @josehelps has access already.

https://app.vagrantup.com/splunk_attack_range

I've got a few things in my fork I need to submit for PR to make it all work though. https://github.com/splunk/attack_range/compare/develop...nterl0k:attack_range:nterl0k-vmware-desktop_2023

I can get the initial start of the local build going, but since my lab is windows host/vmware hypervisor configuration, ansible doesn't really play correctly with the followup configuration. Anyone on a Linux/VMWare that could test / tune should be able to validate what i've done so far.