📄️ 📋 Roles Overview
* Apache Guacamole server with automated VM connection creation
📄️ GHOSTS Client
This role installs and configures the GHOSTS user emulation client on a Windows machine
📄️ Microsoft Defender for Endpoint (MDE)
Installs Microsoft Defender for Endpoint (formally Advanced Threat Protection - ATP) on Windows hosts (10/11 and 2016, 2019, 2022)
📄️ AD Groups
Creates a group in AD and optionally populates it with specified users.
📄️ Bulk AD Content
Creates OUs, Users, and Groups on a domain controller from CSV files.
📄️ Google SecOps (Chronicle) Exporter
Installs Google SecOps (Chronicle) Collection agent on Windows hosts (10/11 and 2016, 2019, 2022)
📄️ Guacamole Client
Adds the VM as a client to an existing apache ludus guacamole server
📄️ Guacamole Server
Installs and configures Apache Guacamole.
📄️ Local Users
Creates local users and add them to existing groups on the VM.
📄️ Mythic C2
Installs Mythic on Debian.
📄️ Windows Random Files
This role drops random files onto a Windows host (Desktop and Downloads folder). You must have the anti-sandbox plugin on the server for this to work.
📄️ SMB Share
Sets up an SMB share on Windows 8 / Windows 2012 or newer and optionally mounts the share on clients.
📄️ Sysmon
Installs Sysmon with selected configuration. Included configurations are SwiftOnSecurity sysmon config or olafhartong sysmon-modular config.
📄️ Unconstrained Delegation
This role enables unconstrained delegation for hosts in the domain and reboots them to ensure unconstrained delegation is applied.
📄️ Velociraptor
Installs and configures Velociraptor.
📄️ Windows Wallpaper
This role sets the Windows wallpaper to a supplied files without using GPO
📄️ Zeek Logging Role
Installs and configures Zeek Network Security Monitor on Debian 12 using Docker containers. It's specifically designed for Ludus ranges to provide network traffic monitoring and analysis capabilities with optional Elastic Stack integration.