Chris Long 
							
						 
					 
					
						
						
							
						
						9ed0fc884f 
					 
					
						
						
							
							Merge pull request  #344  from clong/redo_dc_auditing  
						
						
						
						
						Multiple fixes for auditing, wireshark 
						
						
					 
					
						2019-11-11 23:15:37 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						3140fa5668 
					 
					
						
						
							
							Merge branch 'master' into redo_dc_auditing  
						
						
						
						
					 
					
						2019-11-11 23:15:21 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						92af8912aa 
					 
					
						
						
							
							Revert changes to .gitignore  
						
						
						
						
					 
					
						2019-11-11 23:12:45 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						17e42182ef 
					 
					
						
						
							
							Adding updated manifests  
						
						
						
						
					 
					
						2019-11-11 23:11:36 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9f392c76cc 
					 
					
						
						
							
							Re-create DC Auditing GPO. Update ThreatHunting Splunk App.  
						
						
						
						
					 
					
						2019-11-11 23:01:57 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						17d250f349 
					 
					
						
						
							
							Force delete server if the build times out  
						
						
						
						
						Fixes https://github.com/clong/DetectionLab/issues/324  
						
						
					 
					
						2019-11-08 11:27:22 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						fc3ffb6761 
					 
					
						
						
							
							Update README.md  
						
						
						
						
						Remove GoFundMe, add GitHub sponsor Button 
						
						
					 
					
						2019-11-07 23:48:09 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						2b608addb0 
					 
					
						
						
							
							Fixing issue  #341  
						
						
						
						
						Add TLS1.2 support 
						
						
					 
					
						2019-11-07 23:44:03 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						208f1b233d 
					 
					
						
						
							
							Merge pull request  #340  from clong/update_bootstrap  
						
						
						
						
						Updating bootstrap.sh 
						
						
					 
					
						2019-11-06 22:21:29 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						0bd64eb04b 
					 
					
						
						
							
							Updating bootstrap.sh  
						
						
						
						
					 
					
						2019-11-06 22:13:19 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						466b54e385 
					 
					
						
						
							
							Installing yq via apt-get  
						
						
						
						
						Fixing the yq issue by using the apt repository 
						
						
					 
					
						2019-11-04 22:43:25 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						b0b124243b 
					 
					
						
						
							
							Updating yq installation check  
						
						
						
						
					 
					
						2019-11-01 08:43:21 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a9d743ef49 
					 
					
						
						
							
							Addressing issue  #329  
						
						
						
						
						Thanks to @protodroidbot for the fix! 
						
						
					 
					
						2019-10-31 21:33:14 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						69f797a020 
					 
					
						
						
							
							Create FUNDING.yml  
						
						
						
						
					 
					
						2019-10-30 00:54:35 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						3c34ded609 
					 
					
						
						
							
							Case insensitive version check  
						
						
						
						
						Resolves https://github.com/clong/DetectionLab/issues/326  
						
						
					 
					
						2019-10-08 12:00:26 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						bb45da7c69 
					 
					
						
						
							
							Merge pull request  #325  from clong/bots_bootstrap  
						
						
						
						
						Updating bootstrap.sh to not install BOTSv2 by default 
						
						
					 
					
						2019-09-30 20:33:56 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						84287c4c17 
					 
					
						
						
							
							Updating bootstrap.sh to not install BOTSv2 by default  
						
						
						
						
					 
					
						2019-09-30 20:32:19 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						801dab26e0 
					 
					
						
						
							
							Merge pull request  #320  from MHaggis/master  
						
						
						
						
						Add BOTSv2 to Logger 
						
						
					 
					
						2019-09-30 20:22:33 -07:00 
						 
				 
			
				
					
						
							
							
								Mike Haag 
							
						 
					 
					
						
						
							
						
						2d5d6f508e 
					 
					
						
						
							
							Add BOTS to Logger  
						
						
						
						
						This will add the BOTSv2 dataset to DetectionLab.
One app required for BOTS:
Splunk Stream - https://splunkbase.splunk.com/app/1809/ 
Recommended:
Boss of the SOC (BOTS) Advanced APT Hunting Companion App for Splunk -  https://splunkbase.splunk.com/app/4430/  
						
						
					 
					
						2019-09-05 10:02:05 -06:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						d8389399df 
					 
					
						
						
							
							Merge pull request  #314  from dtrizna/master  
						
						
						
						
						Installation fails due to resolve issues on all boxes 
						
						
					 
					
						2019-07-24 22:46:22 -07:00 
						 
				 
			
				
					
						
							
							
								dtrizna 
							
						 
					 
					
						
						
							
						
						9bfcc8296c 
					 
					
						
						
							
							Update Vagrantfile  
						
						
						
						
					 
					
						2019-07-24 14:18:04 +03:00 
						 
				 
			
				
					
						
							
							
								dtrizna 
							
						 
					 
					
						
						
							
						
						9694416e33 
					 
					
						
						
							
							Update Vagrantfile  
						
						
						
						
					 
					
						2019-07-24 14:16:10 +03:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						279a94ae3c 
					 
					
						
						
							
							Remove default AMI IDs  
						
						
						
						
					 
					
						2019-07-22 21:20:45 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a07e9cbaac 
					 
					
						
						
							
							Fix bro-pkg issue  
						
						
						
						
						https://github.com/abiteboul  
					
						2019-07-20 23:44:19 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9eec435ebf 
					 
					
						
						
							
							Merge pull request  #312  from clong/threathunting_134  
						
						
						
						
						Update ThreatHunting app to 1.3.4 
						
						
					 
					
						2019-07-20 00:50:58 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						9cceafa28e 
					 
					
						
						
							
							Update ThreatHunting app to 1.3.4  
						
						
						
						
					 
					
						2019-07-20 00:49:35 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						6134b37630 
					 
					
						
						
							
							Merge pull request  #310  from clong/remove_packer_port_forwards  
						
						
						
						
						Remove packer port forwards 
						
						
					 
					
						2019-07-17 22:46:36 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						6a9474b70c 
					 
					
						
						
							
							Remove Packer Port Forwarding  
						
						
						
						
						Removes port forwarding from Win2016 template 
						
						
					 
					
						2019-07-17 22:45:55 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						926a1ab3ef 
					 
					
						
						
							
							Remove Packer Port Forwards  
						
						
						
						
						Removes port forwarding from Win10 template 
						
						
					 
					
						2019-07-17 22:44:50 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						0a7f7a16e8 
					 
					
						
						
							
							Merge pull request  #308  from strcrzy/aws_local_amis  
						
						
						
						
						local AMI vars should override data sources 
						
						
					 
					
						2019-07-10 12:32:46 -07:00 
						 
				 
			
				
					
						
							
							
								jamie brim 
							
						 
					 
					
						
						
							
						
						68846d1d98 
					 
					
						
						
							
							local AMI vars should override data sources  
						
						
						
						
					 
					
						2019-07-09 15:14:32 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						280bce8252 
					 
					
						
						
							
							Updating bginfo.bgi to point to the correct .bmp  
						
						
						
						
					 
					
						2019-07-08 00:41:32 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						2480c27200 
					 
					
						
						
							
							Remove Prebuilt Vagrantfile  
						
						
						
						
					 
					
						2019-07-07 10:46:59 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						53a535a8f0 
					 
					
						
						
							
							Merge pull request  #307  from clong/1903_update  
						
						
						
						
						Update Windows 10 to 1903 & Add Sysprep 
						
						
					 
					
						2019-07-07 10:46:03 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						8fe4e85251 
					 
					
						
						
							
							Merge branch 'master' into 1903_update  
						
						
						
						
					 
					
						2019-07-06 18:38:52 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						f55b721da2 
					 
					
						
						
							
							Remove debugging paths from Vagrantfile  
						
						
						
						
					 
					
						2019-07-06 18:35:02 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						df718b4408 
					 
					
						
						
							
							Update to 1903  
						
						
						
						
					 
					
						2019-07-06 18:29:29 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						b162255275 
					 
					
						
						
							
							Use get-command to auto-resolve packer path  
						
						
						
						
						Resolves https://github.com/clong/DetectionLab/issues/279  
						
						
					 
					
						2019-06-20 14:21:29 -04:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						528633a72d 
					 
					
						
						
							
							Merge pull request  #304  from sunnyneo/patch-2  
						
						
						
						
						Explicitly define the file directory 
						
						
					 
					
						2019-06-17 23:40:10 -07:00 
						 
				 
			
				
					
						
							
							
								Sunny Neo 
							
						 
					 
					
						
						
							
						
						8d7bc4b9dc 
					 
					
						
						
							
							Explicitly define the file directory  
						
						
						
						
						Osquery was not working with Fleet after deployment due to wrong directories. 
The following command installs the osqueryd service with "--flagfile=\ProgramData\osquery\osquery.flags"; however, osquery.flags is found at "C:\Program Files\osquery\osquery.flags":
``` "c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait  
```
The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery", it should be in  "c:\Program Files\osquery\" instead. 
						
						
					 
					
						2019-06-16 22:56:11 +08:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						85070d8f40 
					 
					
						
						
							
							Merge pull request  #300  from asvoboda/upgrade/terraform-0.12  
						
						
						
						
						Upgrade to terraform 0.12 
						
						
					 
					
						2019-06-13 13:36:15 -07:00 
						 
				 
			
				
					
						
							
							
								Andrew Svoboda 
							
						 
					 
					
						
						
							
						
						c3a150353b 
					 
					
						
						
							
							Use 0.12.2  
						
						
						
						
					 
					
						2019-06-13 13:28:46 +01:00 
						 
				 
			
				
					
						
							
							
								Andrew Svoboda 
							
						 
					 
					
						
						
							
						
						7efaeac715 
					 
					
						
						
							
							Fix tf 12 list interpolation  
						
						
						
						
					 
					
						2019-06-13 10:30:16 +01:00 
						 
				 
			
				
					
						
							
							
								Andrew Svoboda 
							
						 
					 
					
						
						
							
						
						b03249282f 
					 
					
						
						
							
							Merge branch 'master' into upgrade/terraform-0.12  
						
						
						
						
					 
					
						2019-06-10 21:04:05 +01:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						95d1fb31f4 
					 
					
						
						
							
							Updating ASNGen App  
						
						
						
						
					 
					
						2019-06-09 17:53:21 -07:00 
						 
				 
			
				
					
						
							
							
								Andrew Svoboda 
							
						 
					 
					
						
						
							
						
						5b80450fd7 
					 
					
						
						
							
							Use 0.12.1  
						
						
						
						
					 
					
						2019-06-08 11:13:34 +01:00 
						 
				 
			
				
					
						
							
							
								Andrew Svoboda 
							
						 
					 
					
						
						
							
						
						739019d47a 
					 
					
						
						
							
							Fix 0.12 list of list syntax  
						
						
						
						
					 
					
						2019-06-04 13:57:17 +01:00 
						 
				 
			
				
					
						
							
							
								Andrew Svoboda 
							
						 
					 
					
						
						
							
						
						28f1fc9372 
					 
					
						
						
							
							Upgrade to terraform 0.12  
						
						
						
						
						Resolves  #291  
					
						2019-06-04 13:53:53 +01:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						a68591a091 
					 
					
						
						
							
							Merge pull request  #299  from clong/vmtools_update  
						
						
						
						
						Fix ThreatHunting App, add Lookup Editor, Update VM tools 
						
						
					 
					
						2019-05-26 21:41:29 -07:00 
						 
				 
			
				
					
						
							
							
								Chris Long 
							
						 
					 
					
						
						
							
						
						2f7dda82c3 
					 
					
						
						
							
							Add TLS1.2 support back in to vm-guest-tools  
						
						
						
						
					 
					
						2019-05-26 21:38:29 -07:00