Commit Graph

278 Commits

Author SHA1 Message Date
Chris Long
57003667e0 More debugging 2019-03-23 16:33:35 +07:00
Chris Long
1d7cc0ed3e fix typo 2019-03-12 14:16:03 -07:00
Chris Long
7aaf35efbb Merge branch 'master' into configure_ou 2019-03-11 22:37:53 -07:00
Chris Long
23f0b30dab Add try/catch to configure-ou.ps1 2019-03-11 22:37:37 -07:00
Chris Long
da57f05b4a Revert last change 2019-03-11 22:31:40 -07:00
Chris Long
f6c5fd521b Fix ThreatHunting app macros.conf
- Fixes https://github.com/clong/DetectionLab/issues/223
- Update Splunk to 7.2.4.2
2019-03-11 21:46:40 -07:00
Chris Long
612474c6da Change order of configure-ou.ps1
Attempting to debug issue #221
2019-03-10 20:03:30 -07:00
Chris Long
5978e1b750 Update caldera.service
Updated python3.6 path after installing from apt rather than source
2019-03-08 23:46:28 -08:00
Chris Long
ed74fdcb71 Update bootstrap.sh
Address Issues #214 and #215
2019-03-08 23:22:08 -08:00
Chris Long
a4a074ad24 Removing Microsoft-Message-Analyzer as it conflicts with Microsoft ATA 2019-03-02 10:28:05 -08:00
Chris Long
ebdaa07080 Fixing working in choco and redteam 2019-03-01 22:51:26 -08:00
Chris Long
c732ba6908 Reverting vagrantfile changes 2019-03-01 22:46:50 -08:00
Chris Long
93183a95e2 Update Splunk apps, create vagrantfile_minimum, bugfixes 2019-03-01 22:45:37 -08:00
Chris Long
020af3c936 Add ShutUp10, Upgrade Vagrant, Issue 12 2019-02-18 21:47:03 -08:00
Franci Šacer
cf802a1ea3 Issues with dpkg resolved
This fixed my issues: https://serverfault.com/questions/500764/dpkg-reconfigure-unable-to-re-open-stdin-no-file-or-directory
2019-01-29 07:32:49 +01:00
Chris Long
05f1f41930 Update osquery paths to reflect updates to repo 2018-12-20 19:02:08 -08:00
Chris Long
91012842b1 Update Fleet and use Fleetctl for pack imports. 2018-12-20 14:48:59 -08:00
Chris Long
75c91331aa Merge branch 'master' into threat_hunting 2018-12-11 00:55:41 -08:00
Chris Long
8b9178685a Adding Olaf's Threat Hunting App. Fixes. Updates. 2018-12-11 00:52:46 -08:00
Chris Long
52faea3e67 Override virtualbox NIC type
Addressing https://github.com/clong/DetectionLab/issues/170
2018-12-06 23:47:26 -08:00
Chris Long
9e19393138 Ignore Microsoft-Windows-LiveId when clearing event channels
Addresses https://github.com/clong/DetectionLab/issues/171
2018-12-05 13:46:38 -08:00
Chris Long
e547dc1ff9 Set privilege to false for all windows shell cmds
https://github.com/clong/DetectionLab/issues/172
2018-12-05 01:22:10 -08:00
Chris Long
553ecbaaf4 Add TLSv1.2 support to install-bginfo.ps1 2018-10-30 14:13:50 -07:00
Chris Long
d763d66dc2 Drop the firewall in Win10 host [ci skip] 2018-09-25 22:48:26 -07:00
Chris Long
3af54d5003 Merge branch 'master' into patch-3 2018-09-25 22:44:47 -07:00
Chris Long
63e4b29e4a Add boot timeout to win10 host in Vagrantfile [ci skip] 2018-09-13 10:40:00 -07:00
Chris Long
a6bcbab794 Fix typo in bootstrap [ci skip] 2018-09-08 17:39:50 -07:00
Chris Long
0f667e3818 Give suricata time to start [ci skip]
The pgrep check is failing if Suricata doesn't start fast enough
2018-09-08 09:55:36 -07:00
Chris Long
9a82f140f4 Actually add the app 2018-09-07 14:58:11 -07:00
Chris Long
a95143a2d3 Fix formatting, add Splunk ASN lookup app 2018-09-07 14:57:53 -07:00
Chris Long
ba7784e0e8 Multiple fixes, additions 2018-09-06 22:58:36 -07:00
Chris Long
4529c7fd0b Merge branch 'master' into patch-1 2018-09-05 08:41:25 -07:00
Dmitry
04318c0bff Added vm names to vmware providers 2018-09-05 22:24:49 +07:00
Jeff Beley
234646af53 added sed line to fix suricata build 2018-09-05 02:57:34 -05:00
Dmitry
4d21d2e885 Add code to section "Excluding NAT interface from DNS"
Hi!
I want you to add code to subj section.
Here is my quick and dirty example of the code.
Here is the list of what it is proposed to do.
1. Remove NAT adapter IP resource records in DNS Server.
2. Uncheck option "Register this connection's addresses in DNS".
3. Remove all RR from NAT if already registered. (unnecessary, if NAT adapter RR does not exist)
4. Restart DNS Server service.
2018-09-04 15:28:44 +07:00
Dmitry
ac1cab0170 Rename virtualbox VM names to predictable
Hi!
I suggest you add this to make virtualbox vm names more predictable.
Now I suspect that virtualbox vm names are slightly random.

cfg.vm.provider "virtualbox" do |vb, override|
...
vb.name = "name.windomain.local"
...
end
2018-09-04 13:36:04 +07:00
Jeff Beley
875c4c7a5a migrated to bro package from opensuse.org 2018-09-03 08:50:13 -05:00
Jeff Beley
5501b69598 Added bro and suricata to the logger vagrant
configured splunk to ingest both bro and suricata logs

reconfigured logger vagrant box to have 2 CPUs and 4GB of RAM
2018-08-29 11:58:23 -05:00
Jeff Beley
5c57a47eb2 Added bro and suricata to the logger vagrant
configured splunk to ingest both bro and suricata logs

reconfigured logger vagrant box to have 2 CPUs and 4GB of RAM
2018-08-29 11:55:38 -05:00
Chris Long
95e177f5aa Fixing bugs 2018-07-30 21:54:42 -07:00
Chris Long
199075e412 Merge branch 'master' into H8to-patch-1 2018-07-26 15:12:06 -07:00
H8to
84297d0dc5 Disable screen turnoff
This should fix the client machines from turning off and locking the screen.
2018-07-26 17:04:04 +02:00
Chris Long
6370af1eae Updating windows_ta script to point to the correct version 2018-07-23 12:30:30 -07:00
Chris Long
ca7dec8eb1 Updating build scripts to use vmware_desktop, update TA's, update bootstrap 2018-07-20 22:28:44 -07:00
Chris Long
b9b65601a6 Updating hashes for pre-built boxes and small fixes 2018-06-28 23:20:24 -07:00
Chris Long
a105722872 Adding some small fixes 2018-06-26 23:48:11 -07:00
Chris Long
bd6c3520f3 Update Win10 to 1804 & Fixes 2018-06-23 23:27:23 -07:00
Chris Long
ac792cc0b1 Revert "Updated Splunk UF and changed sysmon config" 2018-05-23 23:26:15 -07:00
Chris Long
20c40a22f9 Merge pull request #92 from olafhartong/master
Updated Splunk UF and changed sysmon config
2018-05-23 13:21:32 -07:00
hhofs
387682e809 added pre and post checks for installations 2018-05-16 14:56:12 +02:00