Chris Long 
							
						 
					 
					
						
						
							
						
						6393da6c3a 
					 
					
						
						
							
							Update bootstrap.sh  
						
						
						
						
					 
					
						2020-07-27 21:54:54 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						f68a8a4120 
					 
					
						
						
							
							Fixing Velociraptor install  
						
						
						
						
					 
					
						2020-07-26 17:43:21 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						2058aae44e 
					 
					
						
						
							
							Re-fix threathunting app and update ESXi logger role  
						
						
						
						
					 
					
						2020-07-26 15:24:26 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						cbaa7643d6 
					 
					
						
						
							
							Actually comitting files  
						
						
						
						
					 
					
						2020-07-26 14:47:09 -07:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						f1299990b2 
					 
					
						
						
							
							Point splunk to the right osquery path  
						
						
						
						
					 
					
						2020-07-26 16:55:13 +04:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						2eec4ec46e 
					 
					
						
						
							
							Update fleet installer  
						
						
						
						
					 
					
						2020-07-26 16:48:10 +04:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a163eb55d1 
					 
					
						
						
							
							Updating build.ps1 and ThreatHunting app  
						
						
						
						
					 
					
						2020-07-23 22:46:30 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						230e4ee882 
					 
					
						
						
							
							Fixing dumb mistakes  
						
						
						
						
					 
					
						2020-07-04 15:14:01 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						2e678190d0 
					 
					
						
						
							
							Fix velociraptor install on Ubuntu  
						
						
						
						
					 
					
						2020-07-03 02:10:23 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						8cc591b7d7 
					 
					
						
						
							
							Add velociraptor  
						
						
						
						
					 
					
						2020-07-03 01:55:19 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						976b58f126 
					 
					
						
						
							
							More linting errors fixed  
						
						
						
						
					 
					
						2020-06-25 23:26:12 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						21477e376a 
					 
					
						
						
							
							Fix lint errors, update packer files  
						
						
						
						
					 
					
						2020-06-25 23:11:59 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						7858530c17 
					 
					
						
						
							
							Remove from Ansible too  
						
						
						
						
					 
					
						2020-06-21 00:28:38 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						565ca261f1 
					 
					
						
						
							
							Fix quote escaping  
						
						
						
						
					 
					
						2020-06-20 23:51:10 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						d466f343c4 
					 
					
						
						
							
							Fixing shellcheck lint output  
						
						
						
						
					 
					
						2020-06-20 19:14:09 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						74dda07942 
					 
					
						
						
							
							Update ESXi bootstrap too  
						
						
						
						
					 
					
						2020-06-01 22:53:36 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						7dc7e6916c 
					 
					
						
						
							
							ESXi RAM Bump, osquery fixes  
						
						
						
						
					 
					
						2020-06-01 22:51:14 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						5398841cfe 
					 
					
						
						
							
							Update bootstrap.sh  
						
						
						
						
					 
					
						2020-05-09 13:38:57 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						203d7a4638 
					 
					
						
						
							
							Fixing eth1 ip detection logic  
						
						
						
						
						Interfaces can have multiple IP addresses, causing this step to fail in Virtualbox 
						
						
					 
					
						2020-04-18 22:53:35 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						37d7d1dfd1 
					 
					
						
						
							
							Fixing Splunk app filename  
						
						
						
						
					 
					
						2020-04-17 13:58:12 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						60f89345af 
					 
					
						
						
							
							Override Bootstrap DNS Settings  
						
						
						
						
					 
					
						2020-04-16 22:00:05 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						3fde431699 
					 
					
						
						
							
							Small logger bugfixes  
						
						
						
						
					 
					
						2020-04-14 13:29:58 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a67ce6efb5 
					 
					
						
						
							
							Fixing logger bugs, updating vm tools, updating Win10 ISO  
						
						
						
						
					 
					
						2020-04-13 00:05:49 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						34d8a39c43 
					 
					
						
						
							
							Multiple bugfixes, add dashboard  
						
						
						
						
					 
					
						2020-03-27 14:53:04 -07:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						388ab44a56 
					 
					
						
						
							
							Bump zkg version to 2.1.1  
						
						
						
						
					 
					
						2020-03-20 21:59:05 +04:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						5d10776e4e 
					 
					
						
						
							
							Merge remote-tracking branch 'upstream/master'  
						
						
						
						
					 
					
						2020-03-20 20:03:58 +04:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						681aecb2bc 
					 
					
						
						
							
							Should fix an issue when installing zeek  https://github.com/cyberdefenders/DetectionLabELK/issues/1  
						
						
						
						
						zkg 2.1.0 has an issue with Python2 https://github.com/zeek/package-manager/issues/60  
						
						
					 
					
						2020-03-20 20:01:25 +04:00 
						 
				 
			
				
					
						
							
							
								Mike Haag 
							
						 
					 
					
						
						
							
						
						e52f8eee5a 
					 
					
						
						
							
							bootstrap.sh comment fix  
						
						
						
						
					 
					
						2020-03-19 10:41:19 -06:00 
						 
				 
			
				
					
						
							
							
								Mike Haag 
							
						 
					 
					
						
						
							
						
						4bc014ca63 
					 
					
						
						
							
							Update bootstrap.sh  
						
						
						
						
					 
					
						2020-03-19 09:43:04 -06:00 
						 
				 
			
				
					
						
							
							
								Mike Haag 
							
						 
					 
					
						
						
							
						
						852f20af57 
					 
					
						
						
							
							Adding BOTSv3 and Updating Apps  
						
						
						
						
					 
					
						2020-03-19 09:39:58 -06:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						e612709f4d 
					 
					
						
						
							
							Whitespace formatting  
						
						
						
						
					 
					
						2020-03-13 12:10:17 -07:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						c351643c8c 
					 
					
						
						
							
							Make sure we have a DNS resolution when calling fix_eth1_static_ip.  
						
						
						
						
					 
					
						2020-03-13 11:00:07 +04:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						4e850a5ee6 
					 
					
						
						
							
							Adding final ESXI deployment code  
						
						
						
						
					 
					
						2020-03-09 14:42:58 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						ac1d2499a2 
					 
					
						
						
							
							Replace inline suricata.yaml edits with resource file  
						
						
						
						
					 
					
						2020-03-01 22:32:26 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						d1cc369e87 
					 
					
						
						
							
							Adding www.splunk.com to DNS cache  
						
						
						
						
						Logger is sometimes failing to resolve www.splunk.com 
						
						
					 
					
						2020-02-29 23:12:21 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						43cc095193 
					 
					
						
						
							
							Merge branch 'master' into libvirt_provider  
						
						
						
						
					 
					
						2020-01-18 00:10:43 -08:00 
						 
				 
			
				
					
						
							
							
								Ahmed Shawky 
							
						 
					 
					
						
						
							
						
						fefbb9ac54 
					 
					
						
						
							
							Fix a monir bug when importing windows-application-security osquery config into fleet.  
						
						
						
						
					 
					
						2020-01-17 23:08:47 +04:00 
						 
				 
			
				
					
						
							
							
								Selora 
							
						 
					 
					
						
						
							
						
						2a6cb92f51 
					 
					
						
						
							
							Libvirt provider  
						
						
						
						
						Adding Packer Qemu builder:
* Packer/answer_files/*_virtio: Install the virtio drivers from the ISO (NOT provided)
* windows_*.json needs some manual tweaks to match the virtio drivers ISO path
Adding Vagrant-libvirt provider:
* Uses the QEMU qcow2 images provided by packer to build the DetectionLab
* Vagrantfile needs manual tweaking to match libvirt's host configuration (backing store, network interfaces, etc)
README:
* Added separate README with instructions for libvirt 
						
						
					 
					
						2020-01-15 17:28:54 +00:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						85563d7742 
					 
					
						
						
							
							Fix issue  #362  
						
						
						
						
						https://github.com/clong/DetectionLab/issues/362  
					
						2019-12-21 01:17:32 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						b5c73ce647 
					 
					
						
						
							
							Include Invoke-AtomicTest in Powershell  
						
						
						
						
					 
					
						2019-12-20 23:46:35 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						ffbca14bd0 
					 
					
						
						
							
							Adding mirrors back  
						
						
						
						
					 
					
						2019-12-20 18:03:48 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						7e17727cbb 
					 
					
						
						
							
							Logger bump to Ubuntu 18.04 & Migrate to Zeek  
						
						
						
						
					 
					
						2019-12-20 15:48:13 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						ee9a1f87fd 
					 
					
						
						
							
							Removing Splunk forwarder from Windows hosts  
						
						
						
						
					 
					
						2019-12-03 00:42:02 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						905eaca9fa 
					 
					
						
						
							
							Adding Guacamole for multi-machine management  
						
						
						
						
					 
					
						2019-11-19 21:01:19 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9f392c76cc 
					 
					
						
						
							
							Re-create DC Auditing GPO. Update ThreatHunting Splunk App.  
						
						
						
						
					 
					
						2019-11-11 23:01:57 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						0bd64eb04b 
					 
					
						
						
							
							Updating bootstrap.sh  
						
						
						
						
					 
					
						2019-11-06 22:13:19 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						466b54e385 
					 
					
						
						
							
							Installing yq via apt-get  
						
						
						
						
						Fixing the yq issue by using the apt repository 
						
						
					 
					
						2019-11-04 22:43:25 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						b0b124243b 
					 
					
						
						
							
							Updating yq installation check  
						
						
						
						
					 
					
						2019-11-01 08:43:21 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a9d743ef49 
					 
					
						
						
							
							Addressing issue  #329  
						
						
						
						
						Thanks to @protodroidbot for the fix! 
						
						
					 
					
						2019-10-31 21:33:14 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						84287c4c17 
					 
					
						
						
							
							Updating bootstrap.sh to not install BOTSv2 by default  
						
						
						
						
					 
					
						2019-09-30 20:32:19 -07:00