From c630b889616f2ec270ad61f2c8a3cbc9f0e6de98 Mon Sep 17 00:00:00 2001
From: Chris Long
Date: Sat, 7 Mar 2020 20:02:25 -0800
Subject: [PATCH 1/3] Removing reference to Invoke-AtomicRedTeam.psm1 Fixes https://github.com/clong/DetectionLab/issues/385
---
 Vagrant/scripts/install-redteam.ps1 | 7 -------
 1 file changed, 7 deletions(-)
diff --git a/Vagrant/scripts/install-redteam.ps1 b/Vagrant/scripts/install-redteam.ps1
index 37fd7a1..fcd2efe 100644
--- a/Vagrant/scripts/install-redteam.ps1
+++ b/Vagrant/scripts/install-redteam.ps1
@@ -48,11 +48,4 @@ if (-not (Test-Path $atomicRedTeamRepoPath)) {
 Write-Host "Atomic Red Team was already installed. Moving On."
 }
-Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Configuring Invoke-AtomicTest..."
-# Copy over a Powershell profile that includes the Atomic Red Team stuff
-Copy-Item "C:\vagrant\resources\windows\Microsoft.PowerShell_profile.ps1" "C:\Windows\System32\WindowsPowerShell\v1.0" -Force
-# Install prereqs
-Install-PackageProvider -Name NuGet -force
-Install-Module -Name powershell-yaml -Force
-
 Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Red Team tooling installation complete!"
From 361b9b0b48cec0815a13c7755e4f2be6bbe3a90c Mon Sep 17 00:00:00 2001
From: Chris Long
Date: Sat, 7 Mar 2020 23:11:44 -0800
Subject: [PATCH 2/3] Adding exclusion folders to install-redteam.ps1
---
 Vagrant/scripts/install-redteam.ps1 | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/Vagrant/scripts/install-redteam.ps1 b/Vagrant/scripts/install-redteam.ps1
index fcd2efe..1f42a49 100644
--- a/Vagrant/scripts/install-redteam.ps1
+++ b/Vagrant/scripts/install-redteam.ps1
@@ -3,6 +3,9 @@ Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Installing Red Team Tooling..."
 # Windows Defender should be disabled already by O&O ShutUp10
+# Adding Defender exclusions just in case
+Add-MpPreference -ExclusionPath “C:\Tools”
+Add-MpPreference -ExclusionPath “C:\Users\vagrant\AppData\Local\Temp”
 # Purpose: Downloads and unzips a copy of the latest Mimikatz trunk
 Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Determining latest release of Mimikatz..."
From 47d4696147f2bacedfae4fe1afdfd9e5013d91d0 Mon Sep 17 00:00:00 2001
From: Chris Long
Date: Mon, 9 Mar 2020 00:49:32 -0700
Subject: [PATCH 3/3] Update install-redteam.ps1
---
 Vagrant/scripts/install-redteam.ps1 | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Vagrant/scripts/install-redteam.ps1 b/Vagrant/scripts/install-redteam.ps1
index 1f42a49..7d9c591 100644
--- a/Vagrant/scripts/install-redteam.ps1
+++ b/Vagrant/scripts/install-redteam.ps1
@@ -3,9 +3,11 @@ Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Installing Red Team Tooling..."
 # Windows Defender should be disabled already by O&O ShutUp10
+If ($hostname -eq "win10") {
 # Adding Defender exclusions just in case
-Add-MpPreference -ExclusionPath “C:\Tools”
+Set-MpPreference -ExclusionPath “C:\Tools”
 Add-MpPreference -ExclusionPath “C:\Users\vagrant\AppData\Local\Temp”
+}
 # Purpose: Downloads and unzips a copy of the latest Mimikatz trunk
 Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Determining latest release of Mimikatz..."
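Review bot: Both added `Add-MpPreference` lines in the [PATCH 2/3] hunk wrap their path in typographic quotes (“ ”) rather than ASCII `"`. PowerShell's parser accepts curly quotes only when the file is decoded correctly; if the script is stored as UTF-8 without a BOM and run under Windows PowerShell 5.1, those bytes can be read in the ANSI code page and the argument no longer matches the intended path. Plain quotes avoid the dependency on encoding: `Add-MpPreference -ExclusionPath "C:\Tools"` and `Add-MpPreference -ExclusionPath "C:\Users\vagrant\AppData\Local\Temp"`. The comment above the new lines could also record that these exclusions stop Defender from scanning or alerting on anything written under the two paths, e.g. `# Lab only: Defender will not scan or alert on files under these paths`.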
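Review bot: `$hostname` in the new guard `If ($hostname -eq "win10") {` of the [PATCH 3/3] hunk is not assigned in any visible line and is not a PowerShell automatic variable. The hunk starts at line 3, so unless lines 1–2 or the calling scope set it, the comparison is false on every host and both exclusions are skipped without any message. Consider `If ($env:COMPUTERNAME -eq "win10") {`, or assign `$hostname = $(hostname)` before the guard. The change from `Add-MpPreference` to `Set-MpPreference -ExclusionPath` replaces the existing exclusion list instead of appending to it; if that reset is intended, a comment such as `# Set- overwrites any existing exclusion list; Add- appends` would make it explicit. The typographic quotes on both path arguments are carried over unchanged from the previous patch.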