Setting Up Labs
VM Settings prerequisites
gpedit
First do ‘Win + R’ and type
gpedit.msc
But we get this error,
Run Powershell as administrator.
So, do these two cmd one-by-one,
Type
gpeditin powershell.Now go
Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus
Turn off Microsoft Defender.
Set that to ‘Enabled’. Then Apply > OK.
Now in
Microsoft Defender Antivirus > Real-time protection. Turn it off.
Set that to ‘Enabled’. Then Apply > OK.
Lastly Restart the VM.
Flare VM
Go to FlareVM .
Open a
PowerShellprompt as administrator.Do
cd C:\Users\miche\Desktop
Download the installation script
[installer.ps1](https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1)to your Desktop:(New-Object net.webclient).DownloadFile('https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1',"$([Environment]::GetFolderPath("Desktop"))\install.ps1")Unblock the installation script:
Unblock-File .\install.ps1Enable script execution:
Set-ExecutionPolicy Unrestricted -ForceFinally, execute the installer script as follow:
.\install.ps1. But it shows a following error that Defender is not disabled, something we did earlier in gpedit.
To resolve this, move to next section.
disable-defender.ps1
Visit this link and download ‘disable-defender.ps1’ in your VM.
Open a
PowerShellprompt as administrator.Do
cd C:\Users\miche\DesktopRun
.\disable-defender.ps1
Now simply restart the VM
Run
.\install.ps1(the one from flare vm). It takes a lot of time.Type in ‘y’ in option in order to continue.
Then a GUI pop-up shows and we might as well install all the s/w and tools. So to do that press the last button - “
>>”, in order to install all.
FINALLY after so long, this is the end of the installation.
Change Network Adapter option to ‘Host Only’.
Last updated
