CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
SpiderLabs Blog

Welcome to the Spider’s Lair

"Will you step into my parlor?" said the spider to the fly;
"'Tis the prettiest little parlor that ever you did spy.
The way into my parlor is up a winding stair,
And I have many pretty things to show when you are there."

-by Mary Howitt (1799-1888)

12580_efacff56-b1db-4ad0-86d6-9065fc762fe1

Imagine given an opportunity to take an average normal everyday lab, and transform it into what Hollywood has led the general pubic to believe is the norm. Movies like Hackers, The Matrix, and even Johnny Mnemonic was the basis for SpiderLabs' Razor/Blade lab transformation.

 

The Razor/Blade lab was only a year old when this project was started in December 2012 as SpiderLabs' just moved into the new office space the end of December 2011. It took 6 months to complete this project as various items, or "ingredients", needed to be purchased, shipped, and put together.

Ingredients:
Paint
LCD Monitors
Keyboard
Decorative Sheet Metal
Tubular Crin
Needle & Thread
Wall mount Articulating Arm Brackets for LCD Monitors

Neon Dry Erase Markers
Black Light Reflective Ink
Black Light Gaffer Tape
Black Lights
Color Changing LEDs from IKEA

Before project start…

8995_4502e164-a92e-42fb-9592-bfe76f658a23

Workbench with shelves.

11613_c1bb0627-8141-434d-bcb2-3c365ea00a4e

Wall between bench and closet.

8302_21ab09d2-5c6f-4670-9d10-fd4c4a088893

Back wall and rack.

11535_bde90406-06ad-4f5c-bceb-368ce2174e37

Dry erase wall.

9829_6e073d3e-8dd0-4819-92f3-e07325c7373f

The side wall next to the work bench had everything removed from the wall, holes patched, and repainted a darker blue to create a blank canvas.

12644_f24c8ea0-d359-4dde-b6e0-5cdb78568dd6

The short wall next to the rack was also painted a darker gray than the original for additional contrast.

10128_7b2605c7-3330-449e-b70f-fa95470c48ed

The workbench area had color changing LED lights from IKEA added under the shelves to add light once the room was darkened. Decorative baskets were added to clean up the bottom shelf.

9653_652805c4-15a5-4d46-b83f-152448a6659f

Opticz UV Black light Reactive Blue Invisible Ink was used on the dark wall. This was hand painted on with the help of a LCD projector to trace the design. A foam brush was used as the ink has the consistency of water. And a little went a long way. We'll be ableto have raves in the lab for years to come.

11140_aabd9e7a-6b4c-4403-ba33-c86cbece6980

Three LCD monitors were mounted on the shorter wall by the rack with wall mount articulating arm brackets.

9061_488bd83a-b66c-4632-9699-760622b78ea3

Black light reflective gaffer's tape was used to create a spider's web on the back wall behind the rack.

As Johnny Mnemonic and Tetsuo were called out explicitly for design inspiration, tubularcrin, which is generally used to create cyberlock hair pieces, was used.

12709_f4f5bce8-1047-403d-9f80-9323b39fc260

Once more the gaffer's tape was used to make the monitors" pop" off the wall.12178_ddb2ec57-2674-4cd1-9862-95a84a57125e

Then, the ordinary lights were removed, and replaced with black lights.

11522_bd4fe850-ba6b-47a0-a0f9-0e11d49b14af

What was subtle with normal light, is amazing with black light.

9175_4d55b2a7-a76c-4510-b3b0-4dc0ec64543f

LCD wall with black light.

10370_85b5f312-09f3-4d82-b3a4-cb303ae411ec

Rack and back wall with black light. At some point in the future, a second rack will be added to the back wall area and the network equipment moved off the top shelf over the workbench.

9271_51551d4f-9ff2-4551-8fe7-4c59bf503f26

An old unused desktop was setup to play The Matrix, Hackers, and Johnny Mnemonic on a loop on the top monitor.

10749_977f2604-d3d6-4de6-af82-42bafb26410d

Additional tubular crin was added to the monitors and taken up to the rack.

12902_ff0eb886-6a16-4dcf-9bf3-a6ca96d408d7

Moreover, a keyboard tray was made from particle board, painted black, and gaffer's tape added to the trim. Then it was mounted onto the wall with an articulating arm bracket.

10105_7ad2101a-d8d4-4ada-9eae-45bb1e84e0e3

The arm is tilted downwards to simulate the keyboard being up on legs. Velcro was used to mount it directly to the tray so it won't fall off.

10710_95c46de3-eb3b-4619-9c53-1df794c2d0ed

12845_fc09e58d-0c8e-49ef-aa47-5c5a835efb82

Additional gaffer tape was run along the overhead wiring rack.

10567_8fb3e39c-482f-4d39-9ad3-c07a1f07b149

Two clamp-on lights were attached to the wiring rack to provide actual light as needed in the lab.

12386_e81e2eda-5560-4fae-bc9f-21d28f1abc5c

10100_7aab13cb-065f-47df-9c63-8708bfa55966

LCD wall finished with black light.

10706_959d312a-f4a2-4511-8862-868d3806a554

9247_4ffe08bf-f819-4a2f-ab93-a52540326278

And what fun would a dry erase wall be without neon dry erase markers to draw on it?

11576_bfdd835f-c8c4-4bd9-9713-ee40b0c18304

10285_81a0b9a4-af94-45fb-bd6d-49d11e5b933f

8705_35e0dfe8-4969-48f6-9c49-24efd6a069c7

[Disclaimer: This is probably the cleanest work lab ever seen due to pictures being taken for this blogpost. Please don't expect to ever visit it and have it look this organized again.]

Latest SpiderLabs Blogs

EDR – The Multi-Tool of Security Defenses

This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here.

Read More

The Invisible Battleground: Essentials of EASM

Know your enemy – inside and out. External Attack Surface Management tools are an effective way to understand externally facing threats and help plan cyber defenses accordingly. Let’s discuss what...

Read More

Fake Dialog Boxes to Make Malware More Convincing

Let’s explore how SpiderLabs created and incorporated user prompts, specifically Windows dialog boxes into its malware loader to make it more convincing to phishing targets during a Red Team...

Read More