Mike Haag 
							
						 
					 
					
						
						
							
						
						2d5d6f508e 
					 
					
						
						
							
							Add BOTS to Logger  
						
						
						
						
						This will add the BOTSv2 dataset to DetectionLab.
One app required for BOTS:
Splunk Stream - https://splunkbase.splunk.com/app/1809/ 
Recommended:
Boss of the SOC (BOTS) Advanced APT Hunting Companion App for Splunk -  https://splunkbase.splunk.com/app/4430/  
						
						
					 
					
						2019-09-05 10:02:05 -06:00 
						 
				 
			
				
					
						
							
							
								dtrizna 
							
						 
					 
					
						
						
							
						
						9bfcc8296c 
					 
					
						
						
							
							Update Vagrantfile  
						
						
						
						
					 
					
						2019-07-24 14:18:04 +03:00 
						 
				 
			
				
					
						
							
							
								dtrizna 
							
						 
					 
					
						
						
							
						
						9694416e33 
					 
					
						
						
							
							Update Vagrantfile  
						
						
						
						
					 
					
						2019-07-24 14:16:10 +03:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a07e9cbaac 
					 
					
						
						
							
							Fix bro-pkg issue  
						
						
						
						
						https://github.com/abiteboul  
					
						2019-07-20 23:44:19 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9cceafa28e 
					 
					
						
						
							
							Update ThreatHunting app to 1.3.4  
						
						
						
						
					 
					
						2019-07-20 00:49:35 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						280bce8252 
					 
					
						
						
							
							Updating bginfo.bgi to point to the correct .bmp  
						
						
						
						
					 
					
						2019-07-08 00:41:32 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						2480c27200 
					 
					
						
						
							
							Remove Prebuilt Vagrantfile  
						
						
						
						
					 
					
						2019-07-07 10:46:59 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						f55b721da2 
					 
					
						
						
							
							Remove debugging paths from Vagrantfile  
						
						
						
						
					 
					
						2019-07-06 18:35:02 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						df718b4408 
					 
					
						
						
							
							Update to 1903  
						
						
						
						
					 
					
						2019-07-06 18:29:29 -07:00 
						 
				 
			
				
					
						
							
							
								Sunny Neo 
							
						 
					 
					
						
						
							
						
						8d7bc4b9dc 
					 
					
						
						
							
							Explicitly define the file directory  
						
						
						
						
Osquery was not working with Fleet after deployment due to wrong directories.
The following command installs the osqueryd service with "--flagfile=\ProgramData\osquery\osquery.flags"; however, osquery.flags is found at "C:\Program Files\osquery\osquery.flags":
```
"c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait
```
The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery"; it should be in "c:\Program Files\osquery\" instead.
						
						
					 
					
						2019-06-16 22:56:11 +08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						95d1fb31f4 
					 
					
						
						
							
							Updating ASNGen App  
						
						
						
						
					 
					
						2019-06-09 17:53:21 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						e9ccc17e17 
					 
					
						
						
							
							Revert Vagrantfile changes  
						
						
						
						
					 
					
						2019-05-26 21:37:24 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						e78c312bc5 
					 
					
						
						
							
							Actually add files  
						
						
						
						
					 
					
						2019-05-26 21:36:10 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						cd722dab8b 
					 
					
						
						
							
							Fix ThreatHunting App, add Lookup Editor, Update VM tools  
						
						
						
						
					 
					
						2019-05-26 21:34:45 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9dcc235a55 
					 
					
						
						
							
							Update osquery paths in v3.4.0  
						
						
						
						
					 
					
						2019-05-25 12:36:45 -07:00 
						 
				 
			
				
					
						
							
							
								Olaf Hartong 
							
						 
					 
					
						
						
							
						
						7916fd1818 
					 
					
						
						
							
							added v1.3.2  
						
						
						
						
					 
					
						2019-05-19 22:33:01 +02:00 
						 
				 
			
				
					
						
							
							
								Olaf Hartong 
							
						 
					 
					
						
						
							
						
						04bbd7d25e 
					 
					
						
						
							
							Updated ThreatHunting app to 1.3  
						
						
						
						
					 
					
						2019-05-19 21:06:04 +02:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						6b40e372bd 
					 
					
						
						
							
							Actually include the files  
						
						
						
						
					 
					
						2019-05-11 01:42:35 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						4082b7a193 
					 
					
						
						
							
							Add JA3 for Bro and Suricata. Add background wallpaper.  
						
						
						
						
					 
					
						2019-05-11 01:40:23 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						1261c0dfd8 
					 
					
						
						
							
							Adding timestamps to scripts, Vagrantfile_prebuilt, logo  
						
						
						
						
					 
					
						2019-05-06 09:26:59 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						bb2a17ba98 
					 
					
						
						
							
							Adding TaskManager.reg  
						
						
						
						
					 
					
						2019-04-28 22:12:59 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						1746b49811 
					 
					
						
						
							
							Add Atomic Red Team, Poll Packet for Provisioning, Fixes  
						
						
						
						
					 
					
						2019-04-28 22:02:11 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						3de47b621a 
					 
					
						
						
							
							Fix WEF inputs for Splunk  
						
						
						
						
					 
					
						2019-04-28 13:12:53 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						88cd120e6e 
					 
					
						
						
							
							Don't try to re-disable Defender  
						
						
						
						
					 
					
						2019-04-28 01:42:25 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						e1039c8090 
					 
					
						
						
							
							Adding back repository for apt-fast  
						
						
						
						
					 
					
						2019-04-27 23:07:11 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						65381681c9 
					 
					
						
						
							
							Removing remnants of python3.6 and pip  
						
						
						
						
					 
					
						2019-04-27 22:53:13 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						7d844fd988 
					 
					
						
						
							
							Removing Caldera  
						
						
						
						
					 
					
						2019-04-27 22:36:06 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						614af67405 
					 
					
						
						
							
							Update to Caldera 2.0, reduce verbosity  
						
						
						
						
					 
					
						2019-04-27 21:05:23 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						4accd72069 
					 
					
						
						
							
							Add a retry for SplunkForwarder stoppage  
						
						
						
						
						Attempt at fixing https://github.com/clong/DetectionLab/issues/243  
						
						
					 
					
						2019-04-26 01:14:22 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						dae0393b00 
					 
					
						
						
							
							Fixing issues 228, 252, 255  
						
						
						
						
					 
					
						2019-04-25 23:06:07 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a283d561e6 
					 
					
						
						
							
							Merge branch 'master' into vagrant_cloud  
						
						
						
						
					 
					
						2019-04-10 22:30:11 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						0d3ba24cfc 
					 
					
						
						
							
							Update README, fix incorrect comment  
						
						
						
						
					 
					
						2019-04-10 22:26:44 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						fcb74cbd0c 
					 
					
						
						
							
							Migrate boxes to Vagrant Cloud, add tests to Logger  
						
						
						
						
					 
					
						2019-04-10 22:17:26 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						d3e00c8d57 
					 
					
						
						
							
							Install WinPcap to fix network interface issue  
						
						
						
						
						Addresses https://github.com/clong/DetectionLab/issues/246  
						
						
					 
					
						2019-04-09 22:51:51 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						c19f924de9 
					 
					
						
						
							
							Update install-redteam.ps1  
						
						
						
						
					 
					
						2019-04-07 23:42:09 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						42b70d627c 
					 
					
						
						
							
							Update Splunk to v7.2.5.1  
						
						
						
						
					 
					
						2019-04-07 23:16:08 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						7810b6afbd 
					 
					
						
						
							
							Remove vmware_fusion provider from Vagrantfile  
						
						
						
						
					 
					
						2019-04-07 23:15:09 -07:00 
						 
				 
			
				
					
						
							
							
								Jonathan Johnson 
							
						 
					 
					
						
						
							
						
						6f2b788f76 
					 
					
						
						
							
							Update install-redteam.ps1  
						
						
						
						
					 
					
						2019-04-02 14:43:24 -05:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						53feb06c95 
					 
					
						
						
							
							Fix typo  
						
						
						
						
					 
					
						2019-03-31 12:04:32 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						bd2847603e 
					 
					
						
						
							
							Update bootstrap.sh  
						
						
						
						
					 
					
						2019-03-31 12:02:13 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9c3a7f3188 
					 
					
						
						
							
							Speed up logger provisioning by using apt-fast  
						
						
						
						
					 
					
						2019-03-31 12:00:31 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						deb94c9416 
					 
					
						
						
							
							Fix config file typo  
						
						
						
						
					 
					
						2019-03-28 00:05:15 +08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						7c25cd1e00 
					 
					
						
						
							
							Hardcode caldera config settings  
						
						
						
						
					 
					
						2019-03-27 11:20:27 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						f656b82db4 
					 
					
						
						
							
							Update configure-ou.ps1  
						
						
						
						
					 
					
						2019-03-25 08:13:44 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						03b0c894d0 
					 
					
						
						
							
							Update configure-wef-gpo.ps1  
						
						
						
						
					 
					
						2019-03-25 08:11:54 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a30eb41737 
					 
					
						
						
							
							Update create-domain.ps1  
						
						
						
						
					 
					
						2019-03-24 22:11:32 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						11b1ae4963 
					 
					
						
						
							
							Update configure-ou.ps1  
						
						
						
						
					 
					
						2019-03-24 22:11:10 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						173723d96f 
					 
					
						
						
							
							Bash -> Powershell  
						
						
						
						
					 
					
						2019-03-24 10:08:19 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						57003667e0 
					 
					
						
						
							
							More debugging  
						
						
						
						
					 
					
						2019-03-23 16:33:35 +07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						1d7cc0ed3e 
					 
					
						
						
							
							fix typo  
						
						
						
						
					 
					
						2019-03-12 14:16:03 -07:00