Perp

Date

2025-05-04

Abstract

Perp is a red/blue (purple) team operation simulator that lets your team work against others to attack, defend, and maintain access to machines on a network. Access to a machine is verified by submitting randomly generated flags, which refresh every 10 minutes, to the centralized scoreboard. The entire network runs from a Docker Compose file, with each machine defined by its own Dockerfile, allowing extremely quick scaling up or down. It is easy to use, quick to set up, extremely cheap to operate, and more reliable than 6-7 figure commercial solutions.

Description

https://github.com/Q4ZWSX/Perp

The product uses a Docker Compose file to create the framework for the network, including setting IPs and subnets, setting environment variables for initial access passwords, and populating team networks. Each machine (four in this proof of concept) has its own Dockerfile and other associated files in a separate folder. For this project, Flask was used for the websites for ease of deployment, and some other open source packages, such as FTP, were also added. The scoreboard, which also runs from a Dockerfile, uses a SQL database to store valid flags and teams, which are populated by the Ansible script and the organizer respectively. Finally, the jumpbox, again running from a Dockerfile, uses OpenVPN to create a client VPN file that allows teams to access the network. This currently maxes out at 255 active connections, but this can easily be expanded by editing the Dockerfile to create additional client files.
