trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix sysmon sourcetype, update ThreatHunting app

Browse Source
This commit is contained in:
Chris Long
2020-08-04 21:58:18 -07:00
parent 3fc3119be2
commit 84c29f6739
31 changed files with 124 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Vagrant/scripts/install-sysinternals.ps1
View File

@@ -1,4 +1,5 @@
# Purpose: Installs a handful of SysInternals tools on the host into c:\Tools\Sysinternals
# Also installs Sysmon and Olaf Harton's Sysmon config
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Installing SysInternals Tooling..."
$sysinternalsDir = "C:\Tools\Sysinternals"
@@ -6,14 +7,14 @@ $sysmonDir = "C:\ProgramData\Sysmon"
If(!(test-path $sysinternalsDir)) {
New-Item -ItemType Directory -Force -Path $sysinternalsDir
} Else {
Write-Host "Tools directory exists. Exiting."
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Tools directory exists, no need to re-install. Exiting."
exit
}
If(!(test-path $sysmonDir)) {
New-Item -ItemType Directory -Force -Path $sysmonDir
} Else {
Write-Host "Sysmon directory exists. Exiting."
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Sysmon directory exists, no need to re-install. Exiting."
exit
}