trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add ShutUp10, Upgrade Vagrant, Issue 12

Browse Source
This commit is contained in:
Chris Long
2019-02-18 21:47:03 -08:00
parent a110e51856
commit 020af3c936
11 changed files with 168 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@@ -1,4 +1,6 @@
# Detection Lab
DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing.
CircleCI: [![CircleCI](https://circleci.com/gh/clong/DetectionLab/tree/master.svg?style=svg)](https://circleci.com/gh/clong/DetectionLab/tree/master)
#### Donate to the project:
@@ -221,7 +223,7 @@ Vagrant has been particularly flaky with VMWare and I encountered many issues wh
$ docker stop $(docker ps -aq)
$ service docker restart
$ cd /home/vagrant/kolide-quickstart
$ docker-compose up -d
$ docker-compose start -d
```
---
@@ -233,8 +235,14 @@ $ docker-compose up -d
---
## Contributing
Please do all of your development in a feature branch on your own fork of detectionlab.
Requests for tools and features will be reviewed on a case by case basis, but I will always accept fixes and improvements.
Please do all of your development in a feature branch on your own fork of DetectionLab.
Contribution guidelines can be found here: [CONTRIBUTING.md](./CONTRIBUTING.md)
## In the Media
* [DetectionLab, Chris Long Pauls Security Weekly #593](https://securityweekly.com/2019/02/08/detectionlab-chris-long-pauls-security-weekly-593/)
* [TaoSecurity - Trying DetectionLab](https://taosecurity.blogspot.com/2019/01/trying-detectionlab.html)
* [Setting up Chris Long's DetectionLab](https://www.psattack.com/articles/20171218/setting-up-chris-longs-detectionlab/)
* [Detection Lab: Visibility & Introspection for Defenders](https://isc.sans.edu/forums/diary/Detection+Lab+Visibility+Introspection+for+Defenders/23135/)
## Credits/Resources
A sizable percentage of this code was borrowed and adapted from [Stefan Scherer](https://twitter.com/stefscherer)'s [packer-windows](https://github.com/StefanScherer/packer-windows) and [adfs2](https://github.com/StefanScherer/adfs2) Github repos. A huge thanks to him for building the foundation that allowed me to design this lab environment.
@@ -257,3 +265,5 @@ A sizable percentage of this code was borrowed and adapted from [Stefan Scherer]
* [Autoruns](https://www.microsoftpressstore.com/articles/article.aspx?p=2762082)
* [TA-microsoft-sysmon](https://github.com/splunk/TA-microsoft-sysmon)
* [SwiftOnSecurity - Sysmon Config](https://github.com/SwiftOnSecurity/sysmon-config)
* [ThreatHunting](https://github.com/olafhartong/ThreatHunting)
* [sysmon-modular](https://github.com/olafhartong/sysmon-modular)