Commit Graph

137 Commits

Author SHA1 Message Date
Chris Long
6de7ffa8d5 Reverting last update to install-redteam.ps1 2020-04-25 23:03:03 -07:00
Chris Long
3f12ac524a Update install-redteam.ps1 2020-04-25 12:20:25 -07:00
Chris Long
7c0b8907db Fix path for install-utilities.ps1 2020-04-17 22:02:29 -07:00
Chris Long
3fde431699 Small logger bugfixes 2020-04-14 13:29:58 -07:00
Chris Long
dbfa998ec2 Update install-windows_ta.ps1 2020-04-08 00:20:01 -07:00
Chris Long
c7e013558a Resolving merge conflicts 2020-03-27 14:58:18 -07:00
Chris Long
34d8a39c43 Multiple bugfixes, add dashboard 2020-03-27 14:53:04 -07:00
Chris Long
6525456492 Update install-choco-extras.ps1 2020-03-25 22:46:55 -07:00
Chris Long
b2cf652fdc Update install-utilities.ps1 2020-03-25 22:46:19 -07:00
Chris Long
242e1a7cf3 Adding a failover for the ISO download 2020-03-23 22:51:43 -07:00
Chris Long
5dcc9965d3 Add a wait for autoruns scheduled task 2020-03-23 17:27:57 -07:00
Ahmed Shawky
110fa56b5a Disable defender RealtimeMonitoring when installing redteaming tools. 2020-03-15 16:42:26 +04:00
Ahmed Shawky
d4a9699cdd Fix a typo that stopped the Defender exclusions of \tools directory 2020-03-15 09:40:01 +04:00
Chris Long
068e9d8c05 Merge branch 'master' into ESXi 2020-03-09 14:46:54 -07:00
Chris Long
4e850a5ee6 Adding final ESXI deployment code 2020-03-09 14:42:58 -07:00
Chris Long
47d4696147 Update install-redteam.ps1 2020-03-09 00:49:32 -07:00
Chris Long
361b9b0b48 Adding exclusion folders to install-redteam.ps1 2020-03-07 23:11:44 -08:00
Chris Long
c630b88961 Removing reference to Invoke-AtomicRedTeam.psm1
Fixes https://github.com/clong/DetectionLab/issues/385
2020-03-07 20:02:25 -08:00
Chris Long
2bd2f20776 Merge branch 'master' into libvirt_provider 2020-02-17 14:45:09 -08:00
Ahmed Shawky
fea8f35f0e Force powershell to use TLS 1.2 as chocolatey.org throws a TLS error 2020-02-05 02:47:03 +04:00
Selora
2a6cb92f51 Libvirt provider
Adding Packer Qemu builder:
* Packer/answer_files/*_virtio: Install the virtio drivers from the ISO (NOT provided)
* windows_*.json needs some manual tweaks to match the virtio drivers ISO path

Adding Vagrant-libvirt provider:
* Uses the QEMU qcow2 images provided by packer to build the DetectionLab
* Vagrantfile needs manual tweaking to match libvirt's host configuration (backing store, network interfaces, etc)

README:
* Added separate README with instructions for libvirt
2020-01-15 17:28:54 +00:00
Chris Long
b5c73ce647 Include Invoke-AtomicTest in Powershell 2019-12-20 23:46:35 -08:00
Chris Long
7e17727cbb Logger bump to Ubuntu 18.04 & Migrate to Zeek 2019-12-20 15:48:13 -08:00
Chris Long
0393d627ad Convert ADSI:Exists to Get-ADOrganizationalUnit 2019-12-04 18:49:28 -08:00
Chris Long
4a8485c28e Disable IPv6 on Windows adapters 2019-12-04 13:45:43 -08:00
Chris Long
f64ff20aaf Disabling default windows inputs. Adding powershell command for event channel perms 2019-12-04 11:27:35 -08:00
Chris Long
ee9a1f87fd Removing Splunk forwarder from Windows hosts 2019-12-03 00:42:02 -08:00
Chris Long
2b608addb0 Fixing issue #341
Add TLS1.2 support
2019-11-07 23:44:03 -08:00
Chris Long
280bce8252 Updating bginfo.bgi to point to the correct .bmp 2019-07-08 00:41:32 -07:00
Chris Long
df718b4408 Update to 1903 2019-07-06 18:29:29 -07:00
Sunny Neo
8d7bc4b9dc Explicitly define the file directory
Osquery was not working with Fleet after deployment due to wrong directories. 

The following command installs the osqueryd service with "--flagfile=\ProgramData\osquery\osquery.flags"; however, osquery.flags is found at "C:\Program Files\osquery\osquery.flags".

```
"c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait
```

The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery"; it should be in "c:\Program Files\osquery\" instead.
2019-06-16 22:56:11 +08:00
Chris Long
9dcc235a55 Update osquery paths in v3.4.0 2019-05-25 12:36:45 -07:00
Chris Long
6b40e372bd Actually include the files 2019-05-11 01:42:35 -07:00
Chris Long
1261c0dfd8 Adding timestamps to scripts, Vagrantfile_prebuilt, logo 2019-05-06 09:26:59 -07:00
Chris Long
1746b49811 Add Atomic Red Team, Poll Packet for Provisioning, Fixes 2019-04-28 22:02:11 -07:00
Chris Long
88cd120e6e Don't try to re-disable Defender 2019-04-28 01:42:25 -07:00
Chris Long
7d844fd988 Removing Caldera 2019-04-27 22:36:06 -07:00
Chris Long
614af67405 Update to Caldera 2.0, reduce verbosity 2019-04-27 21:05:23 -07:00
Chris Long
4accd72069 Add a retry for SplunkForwarder stoppage
Attempt at fixing https://github.com/clong/DetectionLab/issues/243
2019-04-26 01:14:22 -07:00
Chris Long
dae0393b00 Fixing issues 228, 252, 255 2019-04-25 23:06:07 -07:00
Chris Long
d3e00c8d57 Install WinPcap to fix network interface issue
Addresses https://github.com/clong/DetectionLab/issues/246
2019-04-09 22:51:51 -07:00
Chris Long
c19f924de9 Update install-redteam.ps1 2019-04-07 23:42:09 -07:00
Jonathan Johnson
6f2b788f76 Update install-redteam.ps1 2019-04-02 14:43:24 -05:00
Chris Long
7c25cd1e00 Hardcode caldera config settings 2019-03-27 11:20:27 +07:00
Chris Long
f656b82db4 Update configure-ou.ps1 2019-03-25 08:13:44 +07:00
Chris Long
03b0c894d0 Update configure-wef-gpo.ps1 2019-03-25 08:11:54 +07:00
Chris Long
a30eb41737 Update create-domain.ps1 2019-03-24 22:11:32 +07:00
Chris Long
11b1ae4963 Update configure-ou.ps1 2019-03-24 22:11:10 +07:00
Chris Long
173723d96f Bash -> Powershell 2019-03-24 10:08:19 +07:00
Chris Long
57003667e0 More debugging 2019-03-23 16:33:35 +07:00