Intro To The Infrastructure

This blog is going to go through my journey of setting up my lab for deploying red team infrastructure. It’s going to consist of building out the infrastructure in a development/staging environment, setting up our pipelines for building our C2s for easy deployment, creating a production-like environment, and finally deploying our redirectors in a cloud-based infrastructure that can reverse proxy to our internally-held C2s.

Most of the infrastructure deployments that I have seen are deployed solely to the cloud, but the idea of this infrastructure is to contain as much as possible internally. This will help protect a lot of the infrastructure from blue team discovery, except the external redirectors and the webpages they are displaying, and most importantly it keeps any client data out of the cloud and inside an infrastructure completely controlled by us.

Below is a basic network diagram of the layout of the infrastructure to be built.


```mermaid
flowchart TB;
opnet[Operator VLAN];
mannet[Management VLAN];
webnet[Public Web VLAN];
labnet[Lab VLAN];
WAN[WAN];
inet((internet));
VPS[(Cloud VPS)];

opnet --tcp/22--> mannet;
opnet --proxyserver/443--> labnet;
opnet --gitea/22-->labnet;
mannet--tcp/22-->labnet;
mannet---tcp/22---webnet;

webnet--->WAN;
opnet---->WAN;
labnet--->WAN;
WAN------>inet;
inet--tailscale-->WAN;
WAN--tailscale-->webnet;
VPS---tailscale-------->inet;
```

Part of this will be deploying an internal Gitea, but just to help anyone following along, I will also be publishing a lot of the IaC to a public GitHub.

The upcoming entry will be setting up a jumphost in the management VLAN with all our basic utilities for managing our infrastructure.

I then want to follow it up with a crash course in Ansible since we will be installing Docker on a lot of machines, and this will go over a basic setup script and some basic maintenance scripts, like a script for OS updates and drive expansion.

Eventually, I will be deploying a single-master Kubernetes infrastructure in our lab staging VLAN and using Gitea to maintain the deployed applications with Flux. This will lead to building pipelines to deploy Sliver, Havoc, and Adaptix C2s.

Well, that’s a summary and an overview of what to expect in the future. Look for the posts below:

2025

Helm Part II: Building our Nginx deployment · 1080 words · 6 mins
Helm Part I: Building our test deployment · 1453 words · 7 mins
Building With Actions · 2085 words · 10 mins
Setting up FluxCD and K8s Infrastructure Part II · 1413 words · 7 mins
Setting up FluxCD and K8s Infrastructure Part I · 2326 words · 11 mins
Setting Up Our First Kubernetes Cluster · 926 words · 5 mins
Setting Up Gitea Part2 · 921 words · 5 mins
Setting Up Gitea Part1 · 761 words · 4 mins
Setting Up An Identity Manager · 544 words · 3 mins
Reverse Proxy Setup · 545 words · 3 mins
Internal DNS Setup · 402 words · 2 mins
Intro To Ansible · 649 words · 4 mins
Setting Up Our Jumphost and Dev Box · 658 words · 4 mins