Commit Graph

830 Commits

Author SHA1 Message Date
Chris Long
84287c4c17 Updating bootstrap.sh to not install BOTSv2 by default 2019-09-30 20:32:19 -07:00
Chris Long
801dab26e0 Merge pull request #320 from MHaggis/master
Add BOTSv2 to Logger
2019-09-30 20:22:33 -07:00
Mike Haag
2d5d6f508e Add BOTS to Logger
This will add the BOTSv2 dataset to DetectionLab.

One app required for BOTS:
Splunk Stream - https://splunkbase.splunk.com/app/1809/

Recommended:
Boss of the SOC (BOTS) Advanced APT Hunting Companion App for Splunk -  https://splunkbase.splunk.com/app/4430/
2019-09-05 10:02:05 -06:00
Chris Long
d8389399df Merge pull request #314 from dtrizna/master
Installation fails due to resolve issues on all boxes
2019-07-24 22:46:22 -07:00
dtrizna
9bfcc8296c Update Vagrantfile 2019-07-24 14:18:04 +03:00
dtrizna
9694416e33 Update Vagrantfile 2019-07-24 14:16:10 +03:00
Chris Long
279a94ae3c Remove default AMI IDs 2019-07-22 21:20:45 -07:00
Chris Long
a07e9cbaac Fix bro-pkg issue
https://github.com/abiteboul
2019-07-20 23:44:19 -07:00
Chris Long
9eec435ebf Merge pull request #312 from clong/threathunting_134
Update ThreatHunting app to 1.3.4
2019-07-20 00:50:58 -07:00
Chris Long
9cceafa28e Update ThreatHunting app to 1.3.4 2019-07-20 00:49:35 -07:00
Chris Long
6134b37630 Merge pull request #310 from clong/remove_packer_port_forwards
Remove packer port forwards
2019-07-17 22:46:36 -07:00
Chris Long
6a9474b70c Remove Packer Port Forwarding
Removes port forwarding from Win2016 template
2019-07-17 22:45:55 -07:00
Chris Long
926a1ab3ef Remove Packer Port Forwards
Removes port forwarding from Win10 template
2019-07-17 22:44:50 -07:00
Chris Long
0a7f7a16e8 Merge pull request #308 from strcrzy/aws_local_amis
local AMI vars should override data sources
2019-07-10 12:32:46 -07:00
jamie brim
68846d1d98 local AMI vars should override data sources 2019-07-09 15:14:32 -07:00
Chris Long
280bce8252 Updating bginfo.bgi to point to the correct .bmp 2019-07-08 00:41:32 -07:00
Chris Long
2480c27200 Remove Prebuilt Vagrantfile 2019-07-07 10:46:59 -07:00
Chris Long
53a535a8f0 Merge pull request #307 from clong/1903_update
Update Windows 10 to 1903 & Add Sysprep
2019-07-07 10:46:03 -07:00
Chris Long
8fe4e85251 Merge branch 'master' into 1903_update 2019-07-06 18:38:52 -07:00
Chris Long
f55b721da2 Remove debugging paths from Vagrantfile 2019-07-06 18:35:02 -07:00
Chris Long
df718b4408 Update to 1903 2019-07-06 18:29:29 -07:00
Chris Long
b162255275 Use get-command to auto-resolve packer path
Resolves https://github.com/clong/DetectionLab/issues/279
2019-06-20 14:21:29 -04:00
Chris Long
528633a72d Merge pull request #304 from sunnyneo/patch-2
Explicitly define the file directory
2019-06-17 23:40:10 -07:00
Sunny Neo
8d7bc4b9dc Explicitly define the file directory
Osquery was not working with Fleet after deployment due to wrong directories.

The following command installs the osqueryd service with --flagfile=\ProgramData\osquery\osquery.flags"; however, osquery.flags is found at "C:\Program Files\osquery\osquery.flags".

```
"c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait
```

The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery"; it should be in "c:\Program Files\osquery\" instead.
2019-06-16 22:56:11 +08:00
Chris Long
85070d8f40 Merge pull request #300 from asvoboda/upgrade/terraform-0.12
Upgrade to terraform 0.12
2019-06-13 13:36:15 -07:00
Andrew Svoboda
c3a150353b Use 0.12.2 2019-06-13 13:28:46 +01:00
Andrew Svoboda
7efaeac715 Fix tf 12 list interpolation 2019-06-13 10:30:16 +01:00
Andrew Svoboda
b03249282f Merge branch 'master' into upgrade/terraform-0.12 2019-06-10 21:04:05 +01:00
Chris Long
95d1fb31f4 Updating ASNGen App 2019-06-09 17:53:21 -07:00
Andrew Svoboda
5b80450fd7 Use 0.12.1 2019-06-08 11:13:34 +01:00
Andrew Svoboda
739019d47a Fix 0.12 list of list syntax 2019-06-04 13:57:17 +01:00
Andrew Svoboda
28f1fc9372 Upgrade to terraform 0.12
Resolves #291
2019-06-04 13:53:53 +01:00
Chris Long
a68591a091 Merge pull request #299 from clong/vmtools_update
Fix ThreatHunting App, add Lookup Editor, Update VM tools
2019-05-26 21:41:29 -07:00
Chris Long
2f7dda82c3 Add TLS1.2 support back in to vm-guest-tools 2019-05-26 21:38:29 -07:00
Chris Long
e9ccc17e17 Revert Vagrantfile changes 2019-05-26 21:37:24 -07:00
Chris Long
e78c312bc5 Actually add files 2019-05-26 21:36:10 -07:00
Chris Long
cd722dab8b Fix ThreatHunting App, add Lookup Editor, Update VM tools 2019-05-26 21:34:45 -07:00
Chris Long
47aba8bcfd Merge pull request #298 from clong/osquery_v340
Update osquery paths in v3.4.0
2019-05-25 12:38:28 -07:00
Chris Long
9dcc235a55 Update osquery paths in v3.4.0 2019-05-25 12:36:45 -07:00
Chris Long
30068e1b4c Merge pull request #294 from clong/logger_aws_datasource
Terraform: Update logger to use AWS data source for AMI resolution
2019-05-23 23:45:01 -07:00
Chris Long
c9017580aa Terraform: Update logger to use AWS data source for AMI resolution 2019-05-23 23:40:12 -07:00
Chris Long
c5a2fcbd59 Merge pull request #290 from asvoboda/as/more-outputs
Add user friendly outputs and run terraform fmt
2019-05-23 16:43:51 -07:00
Andrew Svoboda
be0d273ec0 Merge branch 'master' into as/more-outputs 2019-05-23 16:33:32 -07:00
Andrew Svoboda
ec8b8c5f1b fixup circleci config 2019-05-23 16:28:41 -07:00
Andrew Svoboda
8a3529493e Add terraform fmt check 2019-05-23 16:25:39 -07:00
Andrew Svoboda
3866c64a9f Add outputs and run terraform fmt 2019-05-23 16:17:40 -07:00
Chris Long
e1c2f25b09 Update README.md 2019-05-23 14:27:14 -07:00
Chris Long
0f74025d44 Merge pull request #288 from clong/packet_external_storage
Simplify CI build and support Packet external storage
2019-05-20 01:34:32 -07:00
Chris Long
21df017d54 Simplify CI build and support Packet external storage 2019-05-20 00:01:25 -07:00
Chris Long
2757ca9bbc Merge pull request #287 from olafhartong/master
Upgraded ThreatHunting app
2019-05-19 20:04:43 -07:00