trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
628 Commits 1 Branch 0 Tags
2e678190d02a7b0397d82d83dbe3686500855f41
Commit Graph

628 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Haag
2d5d6f508e Add BOTS to Logger 
This will add the BOTSv2 dataset to DetectionLab.

One app required for BOTS:
Splunk Stream - https://splunkbase.splunk.com/app/1809/

Recommended:
Boss of the SOC (BOTS) Advanced APT Hunting Companion App for Splunk -  https://splunkbase.splunk.com/app/4430/
 2019-09-05 10:02:05 -06:00
Chris Long
d8389399df Merge pull request #314 from dtrizna/master 
Installation fails due resolve issues on all boxes
 2019-07-24 22:46:22 -07:00
dtrizna
9bfcc8296c Update Vagrantfile 2019-07-24 14:18:04 +03:00
dtrizna
9694416e33 Update Vagrantfile 2019-07-24 14:16:10 +03:00
Chris Long
279a94ae3c Remove default AMI IDs 2019-07-22 21:20:45 -07:00
Chris Long
a07e9cbaac Fix bro-pkg issue 
https://github.com/abiteboul
 2019-07-20 23:44:19 -07:00
Chris Long
9eec435ebf Merge pull request #312 from clong/threathunting_134 
Update ThreatHunting app to 1.3.4
 2019-07-20 00:50:58 -07:00
Chris Long
9cceafa28e Update ThreatHunting app to 1.3.4 2019-07-20 00:49:35 -07:00
Chris Long
6134b37630 Merge pull request #310 from clong/remove_packer_port_forwards 
Remove packer port forwards
 2019-07-17 22:46:36 -07:00
Chris Long
6a9474b70c Remove Packer Port Forwarding 
Removes port forwarding from Win2016 template
 2019-07-17 22:45:55 -07:00
Chris Long
926a1ab3ef Remove Packer Port Forwards 
Removes port forwarding from Win10 template
 2019-07-17 22:44:50 -07:00
Chris Long
0a7f7a16e8 Merge pull request #308 from strcrzy/aws_local_amis 
local AMI vars should override data sources
 2019-07-10 12:32:46 -07:00
jamie brim
68846d1d98 local AMI vars should override data sources 2019-07-09 15:14:32 -07:00
Chris Long
280bce8252 Updating bginfo.bgi to point to the correct .bmp 2019-07-08 00:41:32 -07:00
Chris Long
2480c27200 Remove Prebuilt Vagrantfile 2019-07-07 10:46:59 -07:00
Chris Long
53a535a8f0 Merge pull request #307 from clong/1903_update 
Update Windows 10 to 1903 & Add Sysprep
 2019-07-07 10:46:03 -07:00
Chris Long
8fe4e85251 Merge branch 'master' into 1903_update 2019-07-06 18:38:52 -07:00
Chris Long
f55b721da2 Remove debugging paths from Vagrantfile 2019-07-06 18:35:02 -07:00
Chris Long
df718b4408 Update to 1903 2019-07-06 18:29:29 -07:00
Chris Long
b162255275 Use get-command to auto-resolve packer path 
Resolves https://github.com/clong/DetectionLab/issues/279
 2019-06-20 14:21:29 -04:00
Chris Long
528633a72d Merge pull request #304 from sunnyneo/patch-2 
Explicitly define the file directory
 2019-06-17 23:40:10 -07:00
Sunny Neo
8d7bc4b9dc Explicitly define the file directory 
Osquery was not working with Fleet after deployment due to wrong directories. 

The following command installs the osqueryd service with --flagfile=\ProgramData\osquery\osquery.flags" however osquery.flags found at "C:\Program Files\osquery\osquery.flags" 

``` "c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait  
```

The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery", it should be in  "c:\Program Files\osquery\" instead.
 2019-06-16 22:56:11 +08:00
Chris Long
85070d8f40 Merge pull request #300 from asvoboda/upgrade/terraform-0.12 
Upgrade to terraform 0.12
 2019-06-13 13:36:15 -07:00
Andrew Svoboda
c3a150353b Use 0.12.2 2019-06-13 13:28:46 +01:00
Andrew Svoboda
7efaeac715 Fix tf 12 list interpolation 2019-06-13 10:30:16 +01:00
Andrew Svoboda
b03249282f Merge branch 'master' into upgrade/terraform-0.12 2019-06-10 21:04:05 +01:00
Chris Long
95d1fb31f4 Updating ASNGen App 2019-06-09 17:53:21 -07:00
Andrew Svoboda
5b80450fd7 Use 0.12.1 2019-06-08 11:13:34 +01:00
Andrew Svoboda
739019d47a Fix 0.12 list of list syntax 2019-06-04 13:57:17 +01:00
Andrew Svoboda
28f1fc9372 Upgrade to terraform 0.12 
Resolves #291
 2019-06-04 13:53:53 +01:00
Chris Long
a68591a091 Merge pull request #299 from clong/vmtools_update 
Fix ThreatHunting App, add Lookup Editor, Update VM tools
 2019-05-26 21:41:29 -07:00
Chris Long
2f7dda82c3 Add TLS1.2 support back in to vm-guest-tools 2019-05-26 21:38:29 -07:00
Chris Long
e9ccc17e17 Revert Vagrantfile changes 2019-05-26 21:37:24 -07:00
Chris Long
e78c312bc5 Actually add files 2019-05-26 21:36:10 -07:00
Chris Long
cd722dab8b Fix ThreatHunting App, add Lookup Editor, Update VM tools 2019-05-26 21:34:45 -07:00
Chris Long
47aba8bcfd Merge pull request #298 from clong/osquery_v340 
Update osquery paths in v3.4.0
 2019-05-25 12:38:28 -07:00
Chris Long
9dcc235a55 Update osquery paths in v3.4.0 2019-05-25 12:36:45 -07:00
Chris Long
30068e1b4c Merge pull request #294 from clong/logger_aws_datasource 
Terraform: Update logger to use AWS data source for AMI resolution
 2019-05-23 23:45:01 -07:00
Chris Long
c9017580aa Terraform: Update logger to use AWS data source for AMI resolution 2019-05-23 23:40:12 -07:00
Chris Long
c5a2fcbd59 Merge pull request #290 from asvoboda/as/more-outputs 
Add user friendly outputs and run terraform fmt
 2019-05-23 16:43:51 -07:00
Andrew Svoboda
be0d273ec0 Merge branch 'master' into as/more-outputs 2019-05-23 16:33:32 -07:00
Andrew Svoboda
ec8b8c5f1b fixup circleci config 2019-05-23 16:28:41 -07:00
Andrew Svoboda
8a3529493e Add terraform fmt check 2019-05-23 16:25:39 -07:00
Andrew Svoboda
3866c64a9f Add outputs and run terraform fmt 2019-05-23 16:17:40 -07:00
Chris Long
e1c2f25b09 Update README.md 2019-05-23 14:27:14 -07:00
Chris Long
0f74025d44 Merge pull request #288 from clong/packet_external_storage 
Simplify CI build and support Packet external storage
 2019-05-20 01:34:32 -07:00
Chris Long
21df017d54 Simplify CI build and support Packet external storage 2019-05-20 00:01:25 -07:00
Chris Long
2757ca9bbc Merge pull request #287 from olafhartong/master 
Upgraded ThreatHunting app
 2019-05-19 20:04:43 -07:00
Olaf Hartong
7916fd1818 added v1.3.2 2019-05-19 22:33:01 +02:00
Olaf Hartong
04bbd7d25e Updated ThreatHunting app to 1.3 2019-05-19 21:06:04 +02:00