A Docker-based network security simulation environment that includes ELK stack for log analysis and attack simulation environment.
- Docker
- Docker Compose
- Python 3.8+
- Make
- Elasticsearch: 9.0.0
- Logstash: 9.0.0
- Kibana: 9.0.0
- Nginx: latest
- Httpd: latest
- Kali Linux: latest
- noVNC: Web-based VNC client
- Xrdp: Remote Desktop Protocol
- X11: X Window System
- Clone the repository:
git clone https://github.com/guan4tou2/Lnadlse
cd Lnadlse- Install ELK environment:
cd ELK
python make.py install- Install simulation environment:
cd Machines
python make.py installDuring installation, you need to select what to build:
- 1: Build target machines only (Targeted)
- 2: Build attacker machines only (Attacker)
- 3: Build default machines (Nginx + noVNC Kali)
- 4: Build all machines
Then select specific machine types to build.
- Install Python dependencies:
cd Web
pip install -r requirements.txt- Start the Web interface:
cd Web
python app.py- Access the Web interface:
- Open your browser and visit
http://localhost:5000
- Usage Guide:
- Click "Start ELK Stack" to start the ELK environment
- Select target machine type (Nginx/Httpd) and attacker machine type (Kali)
- Click "Start Simulation" to start the simulation environment
- Use "Stop Simulation" to stop the simulation environment
- Use "Stop ELK" to stop the ELK environment
- Elasticsearch: For storing and retrieving log data
- Logstash: For log collection and processing
- Kibana: For log visualization and analysis
- Target Machines:
- Nginx: Web server
- Httpd: Web server
- Attacker Machines:
- Kali Linux: Penetration testing system
- Multiple remote access methods supported (noVNC/Xrdp/X11)
In the Machines directory, you can use the following commands to manage the simulation environment:
# Start all containers
python make.py start
# Stop all containers
python make.py stop
# Remove all containers and volumes
python make.py remove- First-time ELK environment startup may take a while, please be patient
- Ensure your system has enough memory to run the ELK environment (recommended at least 4GB)
- If you encounter permission issues, make sure the Docker service is running
- When stopping services, use the corresponding stop buttons to avoid directly closing containers
- When installing the simulation environment, ensure all required Docker images are built
-
If the ELK environment fails to start:
- Check if your system has enough memory
- Verify that the Docker service is running properly
- Check Docker logs for detailed information
-
If the simulation environment fails to start:
- Ensure the ELK environment is running properly
- Check Docker network configuration
- Verify that all required Docker images are built correctly
- Check container logs for detailed information
Issues and Pull Requests are welcome to help improve the project.
[Add license information]