cyberblu3s/CyberBlue — reverse-engineered prompt

Build me an open source CyberBlue style blue team training lab for cybersecurity students. I want it to run locally with Docker Compose and feel like a one command install, with a clean dark web portal that links into all the tools and explains the default logins clearly.

The goal is an educational SOC sandbox, not something for real company data. Include strong warnings about that. It should bring together common tools for SIEM, forensics, threat intel, automation, network analysis, and container management, like Wazuh, Suricata, EveBox, Velociraptor, Arkime, MISP, Shuffle, TheHive, Cortex, CyberChef, Portainer, FleetDM, and Caldera.

Please add sample data where practical, simple setup scripts, automatic network detection, basic SSL handling, and troubleshooting scripts for common install problems. The portal should also have areas for agent deployment, threat intel search, feed updates, and quick links to docs. Make the README and quick start guide friendly enough for students to get running in under an hour. Look up current docs online if you need to.