Organizing Sponsor

logo-BasisTech_green-2-01

LaboratoryX Data Generation Project

Brian Tucker
Champlain College

Adam Ferrante
Champlain College

Workshop

LaboratoryX is a simulated enterprise with a diverse environment that was created to generate datasets for DFIR practitioners. LabX has been segmented to contain multiple zones, including several business units (development, human resources, IT, and management), and DMZ for public services.
The goal of this presentation is to present and publicly release this dataset, explain the different systems, forensics artifacts that were generated, and attacks that were executed to compromise LabX. All steps during data generation recorded both the time and action that occurred. After LabX was fully compromised, memory dumps and full disk images were collected as forensic evidence to be used for investigation. The main difference between LabX Data Generation Project and others is all of the user actions, daily business processes, and attacks that were used are thoroughly documented.
Please check the network diagram URL found below to fully understand LabX’s network environment and why this dataset is unique.

What to bring:

  • Multicore machines with 8GB+ of RAM
  • At least 60GB of spare storage space that can be used to store evidence files.
About Brian Tucker

Brian Tucker is a fourth-year Computer Networking and Cybersecurity student at Champlain College who aims to pursue a career in Red Teaming. He enjoys deploys networks in his home and breaking them to the point of no return, and researching more exciting ways to break them the next time around.

About Adam Ferrante

Adam Ferrante is a senior Computer and Digital Forensics student at Champlain College who will be pursuing a career in Incident Response. Adam just completed a Consulting Internship at Mandiant. He is the President of the Champlain College Digital Forensics Association, and enjoys contributing to projects related to DFIR including an open-source Mac forensics tool (mac_apt), and @DFIRNews.