Test Environment Builder
Community
Build secure adversary emulation labs.
Software Engineering #security #SIEM #detection engineering #adversary emulation #lab environment #attack range
Author: MHaggis
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps you build and manage adversary emulation lab environments tailored to your specific SIEM, ensuring your security detections are tested against realistic telemetry.
Core Features & Use Cases
- SIEM-Agnostic Lab Building: Supports Splunk, Elastic Security, Microsoft Sentinel, and generic Docker setups.
- Data Source Mapping: Guides you in identifying and configuring the infrastructure needed to generate specific log sources required by your detections.
- Workflow Automation: Provides step-by-step guidance for configuring and deploying lab environments using tools like Terraform, Ansible, and Docker Compose.
- Use Case: You need to test a new Splunk detection rule that relies on Sysmon process creation events. This skill will guide you through configuring Attack Range to include a Windows server with Sysmon installed and the necessary Splunk forwarder.
Quick Start
Use the Test Environment Builder skill to set up a Splunk Attack Range environment with one Windows server and Sysmon enabled.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: Test Environment Builder Download link: https://github.com/MHaggis/Security-Detections-MCP/archive/main.zip#test-environment-builder Please download this .zip file, extract it, and install it in the .claude/skills/ directory.