Cyber Security Laboratory
(NL101)
  • Penetration Testing: Red Team conducts ethical hacking exercises to identify vulnerabilities and exploit weaknesses in the network.
  • Vulnerability assessment: blue team performs regular vulnerability assessments to proactively identify and mitigate potential security risks.
  • Network hardening: blue team focuses on securing systems by implementing security best practices, applying patches, and configuring secure settings.
  • Incident response simulation: both teams engage in simulated cyberattacks and practice coordinated incident response procedures.
  • Social engineering: red team explores and tests social engineering techniques, while blue team implements countermeasures to mitigate such threats.
  • Forensic Analysis: Both teams learn and practice digital forensic techniques to investigate security incidents and gather evidence.
  • Web Application Security: Red Team evaluates and exploits web application vulnerabilities, while Blue Team secures and monitors web applications.
  • Security Awareness Training: Both teams participate in creating and delivering security awareness training for end-users.
  • Red Team vs. Blue Team Exercises: Regular scenarios where the Red Team tries to compromise systems, and the Blue Team defends and mitigates the attacks, fostering a continuous improvement cycle.
  • Ethical Hacking and Penetration Testing.
  • Vulnerability assessment & management.
  • Network Defense Strategies.
  • Incident Response and Forensics.
  • Wireless Security.
  • Security Awareness and Training.
  • Web Application Security.
  • Social Engineering
  • Security Policy Development and Enforcement.
  • Legal and Ethical Considerations in Cybersecurity
  • Red Team Tools:
    • Metasploit Framework:
      • Purpose: Penetration testing framework that provides exploits, payloads, and auxiliary modules for various security testing tasks.
    • Nmap:
      • Purpose: Network scanning tool used for discovering hosts and services on a computer network, creating a map of the network.
    • Burp Suite:
      • Purpose: Web application security testing tool, used for scanning, crawling, and analyzing the security of web applications.
    • OWASP ZAP (Zed Attack Proxy):
      • Purpose: Open-source security testing tool for finding vulnerabilities in web applications during development and testing.
    • Wireshark:
      • Purpose: Network protocol analyzer, useful for troubleshooting, analysis, software and communication protocol development, and education.
    • Hashcat:
      • Purpose: Advanced password recovery tool for cracking password hashes using various attack methods.
    • John the Ripper:
      • Purpose: Password cracking tool that supports a variety of password hash algorithms.
    • Aircrack-ng:
      • Purpose: A suite of tools for assessing Wi-Fi network security, including packet capture and password cracking.
    • SQLMap:
      • Purpose: Automated SQL injection and database takeover tool.
    • Cobalt Strike:
      • Purpose: Adversary simulation tool designed to execute targeted attacks and emulate advanced persistent threats.
  • Blue Team Tools:
    • Snort:
      • Purpose: Open-source intrusion prevention system (IPS) and network intrusion detection system (NIDS).
    • Wireshark:
      • Purpose: Also used by Blue Team for packet analysis, monitoring network traffic for signs of malicious activity.
    • OSSEC:
      • Purpose: Open-source host-based intrusion detection system (HIDS), providing log analysis, intrusion detection, vulnerability detection, and more.
    • Suricata:
      • Purpose: Open-source IDS/IPS engine that is designed to be fast and efficient.
    • YARA:
      • Purpose: Pattern-matching tool for identifying and classifying malware, used in incident response.
    • Wazuh:
      • Purpose: Security information and event management (SIEM) tool, built on the ELK Stack, with intrusion detection capabilities.
    • Sysmon:
      • Purpose: System monitoring service for Windows, providing detailed information about process creations, network connections, and changes to file creation time.
    • OpenVAS (Open Vulnerability Assessment System):
      • Purpose: Open-source vulnerability scanner for detecting and assessing network vulnerabilities.
    • MISP (Malware Information Sharing Platform & Threat Sharing):
      • Purpose: Threat intelligence platform designed to improve the sharing of structured threat information.
  • Network Equipment
    • 1x Cisco ISR 4000 Series Router
    • 1x Rack 27U
    • 2x Cisco 1000 Series or 9000 Series Switch
    • 2x Cisco ASA 5500 Series Firewall
    • 1x Dell/HPE Powerful Server for Virtualization & Laboratory Control with 24’ Monitor
    • 2x Patch Panel With labels
    • 1x UPS
  • Physical Security Equipment
    • 3 Types of Cameras (Network, Indoor BNC, Outdoor BNC)
    • Fingerprint/RDI Card reader with door or window lock (Access Control).
    • DVR/NVR
    • Monitoring TV
    • POE Network Switch
    • PC Desktop for monitoring and Management
  • Industrial Security Trainer
    • PLC
    • Industrial Pump
    • Two Tanks
    • Level Sensor
    • Pressure sensor
    • PC Desktop for Monitoring & Control
    • Simulation Software
  • Medical Security Trainer
    • Medical Prop
    • Vulnerable Hospital ERP System
    • PC Desktop for Database Server
  • Cybersecurity lab Security (NL101).
  • Flash drive containing the required software & virtual labs.
  • Digital Content (BI-01).
  • Workstations (not included).

The Cybersecurity Laboratory, developed by BEDO, is an advanced facility tailored for IT universities to provide hands-on training in cybersecurity practices. The lab is structured to accommodate 40 workstations, divided into two distinct groups: the Red Team for penetration testing and the Blue Team for defense strategies. This innovative learning environment aims to prepare students for real-world cybersecurity challenges by offering a comprehensive set of tools and scenarios.

  • Workstations: the lab features 40 workstations, grouped into two specialized teams (red team and blue team), each equipped with the necessary tools for their respective roles. This kit helps students deal with real-world equipment.
  • Network segmentation: a segmented network architecture separates the red team and blue team environments to simulate real-world scenarios and enhance security awareness.
  • Security tools: both teams have access to a wide array of cybersecurity tools, including vulnerability scanners, penetration testing frameworks, intrusion detection systems, and forensic analysis tools.
  • Simulated environments: virtualized environments are integrated to simulate diverse network architectures, allowing students to practice in scenarios ranging from small business networks to large.
  • Logging and monitoring: robust logging and monitoring solutions are in place to capture and analyze network activities, aiding in threat detection and incident response.
  • Incident response: the lab includes tools and simulations for practicing incident response procedures, including identifying, containing, eradicating, recovering from, and lessons learned from security incidents.
  • Secure Wi-Fi network: the lab includes a secure Wi-Fi network, allowing students to explore wireless security concepts, such as WPA3 encryption and wireless intrusion detection.
  • Redundancy and backup systems: to enhance resilience and recovery, the lab incorporates redundant systems and regular backups of configurations and critical data.
  • Firewall and IDS/IPS: each team has the opportunity to configure and manage firewalls and intrusion detection/prevention systems to understand network defense mechanisms.
  • Legal and ethical considerations: the curriculum emphasizes the importance of legal and ethical considerations in cybersecurity practices, ensuring responsible use of tools and adherence to regulations.
  • Workstations (not included)
    • 40x workstations suitable for the virtualization environments
    • Processor: Intel Xeon
    • RAM: at least 32GB
    • SSD: 240GB
    • HDD: 1TB
    • VGA: NVIDIA Quadro series or NVIDIA GTX/RTX series enterprises.