trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
165 Commits 1 Branch 0 Tags
a6bcbab794c579355dda492460964eb89fb23c71
Commit Graph

51 Commits

Author SHA1 Message Date
Chris Long
a6bcbab794 Fix typo in bootstrap [ci skip] 2018-09-08 17:39:50 -07:00
Chris Long
0f667e3818 Give suricata time to start [ci skip] 
The pgrep check is failing if Suricata doesn't start fast enough
 2018-09-08 09:55:36 -07:00
Chris Long
9a82f140f4 Actually add the app 2018-09-07 14:58:11 -07:00
Chris Long
a95143a2d3 Fix formatting, add Splunk ASN lookup app 2018-09-07 14:57:53 -07:00
Chris Long
ba7784e0e8 Multiple fixes, additions 2018-09-06 22:58:36 -07:00
Chris Long
4529c7fd0b Merge branch 'master' into patch-1 2018-09-05 08:41:25 -07:00
Dmitry
04318c0bff Added vm names to vmmare providers 2018-09-05 22:24:49 +07:00
Jeff Beley
234646af53 added sed line to fix suricata build 2018-09-05 02:57:34 -05:00
Dmitry
ac1cab0170 Rename virtualbox VM names to predictable 
Hi!
I suggest you to add this to make virtualbox vm names more predictable.
Now i suspect that virtualbox vm names are slightly random.

cfg.vm.provider "virtualbox" do |vb, override|
...
vb.name = "name.windomain.local"
...
end
 2018-09-04 13:36:04 +07:00
Jeff Beley
875c4c7a5a migrated to bro packge from opensuse.org 2018-09-03 08:50:13 -05:00
Jeff Beley
5501b69598 Added bro and suricata to the logger vagrant 
configured splunk to ingest both bro and suricata logs

reconfigured logger vagrant box to have 2 CPUs and 4GB of RAM
 2018-08-29 11:58:23 -05:00
Jeff Beley
5c57a47eb2 Added bro and suricata to the logger vagrant 
configured splunk to ingest both bro and suricata logs

reconfigured logger vagrant box to have 2 CPUs and 4GB of RAM
 2018-08-29 11:55:38 -05:00
Chris Long
95e177f5aa Fixing bugs 2018-07-30 21:54:42 -07:00
Chris Long
199075e412 Merge branch 'master' into H8to-patch-1 2018-07-26 15:12:06 -07:00
H8to
84297d0dc5 Disable screen turnoff 
This should fix the client machines from turning off and locking the screen.
 2018-07-26 17:04:04 +02:00
Chris Long
6370af1eae Updating windows_ta script to point to the correct version 2018-07-23 12:30:30 -07:00
Chris Long
ca7dec8eb1 Updating build scripts to use vmware_desktop, update TA's, update bootstrap 2018-07-20 22:28:44 -07:00
Chris Long
b9b65601a6 Updating hashes for pre-built boxes and small fixes 2018-06-28 23:20:24 -07:00
Chris Long
a105722872 Adding some small fixes 2018-06-26 23:48:11 -07:00
Chris Long
bd6c3520f3 Update Win10 to 1804 & Fixes 2018-06-23 23:27:23 -07:00
Chris Long
ac792cc0b1 Revert "Updated Splunk UF and changed sysmon config" 2018-05-23 23:26:15 -07:00
Chris Long
20c40a22f9 Merge pull request #92 from olafhartong/master 
Updated Splunk UF and changed sysmon config
 2018-05-23 13:21:32 -07:00
hhofs
387682e809 added pre and post checks for installations 2018-05-16 14:56:12 +02:00
Olaf Hartong
f2545eef50 added olafhartong sysmon-modular config 2018-05-13 11:42:27 +02:00
Olaf Hartong
53ca340244 update to 7.0.1 2018-05-13 11:42:02 +02:00
hhofs
0e898af33f added verification of iso download, changed memory for wef and dc, fixed issue with post-build tests 2018-05-11 23:59:17 +02:00
Henk Hofs
6d1df521b8 missed some files during commit 2018-05-06 01:27:54 +02:00
Henk Hofs
406fa8ca1f added installation & configuration of ms_ata 2018-05-05 23:04:03 +02:00
h.hofs
932f9143fc added ata install script 2018-05-04 13:15:42 +02:00
Chris Long
0fd7d0647b Fix compile script, update VM tools, Vagrant -> 2.0.3 2018-03-21 18:02:54 -07:00
Chris Long
33e9d3ea64 Updating Splunk 2018-03-01 00:36:54 -08:00
Chris Long
3d1ba91ad9 Updating Powershell web calls to use TLS1.2 2018-02-28 23:04:16 -08:00
Filippo Anarratone
e389b3f97e Fix hostname variable when disabling Windows Defender 2018-02-10 14:46:26 +00:00
Filippo Anarratone
349ee4f76d Prevent Windows Defender from blocking CALDERA 2018-02-08 17:17:02 +00:00
Chris Long
f10f4a2f67 Adding build scripts, continuous integration, upping timeout 2018-02-01 22:10:22 -08:00
Chris Long
248ae8e52a Configure mongod and caldera services to start at boot 2018-01-30 17:32:07 -08:00
Chris Long
a648915bf4 Merge branch 'master' of https://github.com/clong/detectionlab into logger_python_3.6.4 2018-01-22 23:19:40 -08:00
Chris Long
8bce148a89 Updating logger to use Python 3.6.4 for better Caldera support 2018-01-22 23:05:21 -08:00
Olaf Hartong
c9b826fcf4 newer Splunk Sysmon TA 2018-01-20 22:28:18 +01:00
Olaf Hartong
425c94fb7e Delete add-on-for-microsoft-sysmon_605.tgz 2018-01-20 22:27:49 +01:00
Olaf Hartong
99b7f6290f newer sysmon ta for splunk 2018-01-20 22:26:51 +01:00
Olaf Hartong
0c971c81eb newer sysmon TA 2018-01-20 22:22:17 +01:00
Olaf Hartong
9a42d8729e Delete add-on-for-microsoft-sysmon_600.tgz 2018-01-20 22:21:42 +01:00
Olaf Hartong
503b771314 newer sysmon TA 2018-01-20 22:21:14 +01:00
Chris Long
8112bfac42 Adding Caldera to DetectionLab 2018-01-18 21:39:41 -08:00
Chris Long
d431d007a4 Modify the schema of Sysmon Schema to 4.0 
Addresses https://github.com/clong/DetectionLab/issues/38
 2018-01-16 19:48:31 -08:00
Chris Long
f0cc38f850 Removing port forwarding from Vagrantfile 
Removing port_forwards due to poor support from Vagrant
 2018-01-11 23:56:27 -08:00
Chris Long
25174fc641 Remove extraneous config stanza from WEF inputs 2017-12-29 07:36:38 +07:00
Chris Long
a99d9d4c9b Adding SQL to enable snapshot event splitting in Fleet 2017-12-17 15:59:02 -08:00
Chris Long
30341aa3ea Adding download_palantir_wef.ps1 back into Win10 Vagrantfile 2017-12-14 11:36:31 -08:00