The Keystone Homelab Enterprise Project is a full-spectrum security lab designed to simulate real-world enterprise environments.
It bridges Red Team tactics and SOC-level defense, allowing hands-on exploration of attack simulation, reconnaissance, credential testing, phishing awareness, and defensive monitoring, all in a controlled, ethical environment.
This lab was built with the goal of practical security learning and professional portfolio development, without targeting any live systems.
- Kali Linux: Penetration testing, OSINT, password testing
- Evil-WinRM: Post-authentication Windows simulation and privilege escalation
- LLM-Assisted Phishing Toolkit: Ethical phishing simulation using AI-generated content
- Wazuh / Security Monitoring Stack: Log collection, SIEM, and endpoint monitoring
- Hydra / GOAT Password Libraries: Password exposure awareness
- Understand attacker behavior and reconnaissance techniques
- Identify security gaps and practice ethical attack simulation
- Simulate credential exposure and social engineering risks
- Observe initial access and post-compromise movement in Windows targets
- Reinforce defensive controls like endpoint monitoring, privilege management, and detection telemetry
The project is structured into multiple stages, each documented in detail:
| Stage | Focus | Documentation |
|---|---|---|
| 1 | Infrastructure Setup | Stage1 : Infrastructure |
| 2 | Identity & Access Management | Stage2 : Identity |
| 3 | Attack Surface Mapping | Stage3 : AttackSurface |
| 4 | OSINT & Reconnaissance | Stage4 : OSINT |
| 5 | Credential Exposure Testing | Stage5 : Credentials |
| 6 | Phishing Simulation | Stage6 : XDR & Wazuh |
| 7 | Initial Access Simulation | Stage7 : Initial Access |
| 8 | Reconnaissance & Post-Compromise Analysis | Stage8 : Reconnaissance |
- Reconnaissance is critical: most attacks are won or lost before malware is deployed
- Credential security remains a top enterprise risk, reinforcing strong password policies and monitoring
- Ethical phishing demonstrates the importance of user awareness in enterprise defense
- Post-compromise simulations highlight the value of endpoint telemetry, detection, and privilege control
All simulations were conducted in a controlled lab environment.
No live or unauthorized systems were targeted.
This project is intended for educational and portfolio purposes only.