Chris Long
d1cc369e87
Adding www.splunk.com to DNS cache
Logger is sometimes failing to resolve www.splunk.com
2020-02-29 23:12:21 -08:00
Chris Long
43cc095193
Merge branch 'master' into libvirt_provider
2020-01-18 00:10:43 -08:00
Ahmed Shawky
fefbb9ac54
Fix a minor bug when importing windows-application-security osquery config into fleet.
2020-01-17 23:08:47 +04:00
Selora
2a6cb92f51
Libvirt provider
Adding Packer Qemu builder:
* Packer/answer_files/*_virtio: Install the virtio drivers from the ISO (NOT provided)
* windows_*.json needs some manual tweaks to match the virtio drivers ISO path
Adding Vagrant-libvirt provider:
* Uses the QEMU qcow2 images provided by packer to build the DetectionLab
* Vagrantfile needs manual tweaking to match libvirt's host configuration (backing store, network interfaces, etc)
README:
* Added separate README with instructions for libvirt
2020-01-15 17:28:54 +00:00
Chris Long
85563d7742
Fix issue #362
https://github.com/clong/DetectionLab/issues/362
2019-12-21 01:17:32 -08:00
Chris Long
b5c73ce647
Include Invoke-AtomicTest in Powershell
2019-12-20 23:46:35 -08:00
Chris Long
ffbca14bd0
Adding mirrors back
2019-12-20 18:03:48 -08:00
Chris Long
7e17727cbb
Logger bump to Ubuntu 18.04 & Migrate to Zeek
2019-12-20 15:48:13 -08:00
Chris Long
ee9a1f87fd
Removing Splunk forwarder from Windows hosts
2019-12-03 00:42:02 -08:00
Chris Long
905eaca9fa
Adding Guacamole for multi-machine management
2019-11-19 21:01:19 -08:00
Chris Long
9f392c76cc
Re-create DC Auditing GPO. Update ThreatHunting Splunk App.
2019-11-11 23:01:57 -08:00
Chris Long
0bd64eb04b
Updating bootstrap.sh
2019-11-06 22:13:19 -08:00
Chris Long
466b54e385
Installing yq via apt-get
Fixing the yq issue by using the apt repository
2019-11-04 22:43:25 -08:00
Chris Long
b0b124243b
Updating yq installation check
2019-11-01 08:43:21 -07:00
Chris Long
a9d743ef49
Addressing issue #329
Thanks to @protodroidbot for the fix!
2019-10-31 21:33:14 -07:00
Chris Long
84287c4c17
Updating bootstrap.sh to not install BOTSv2 by default
2019-09-30 20:32:19 -07:00
Mike Haag
2d5d6f508e
Add BOTS to Logger
This will add the BOTSv2 dataset to DetectionLab.
One app required for BOTS:
Splunk Stream - https://splunkbase.splunk.com/app/1809/
Recommended:
Boss of the SOC (BOTS) Advanced APT Hunting Companion App for Splunk - https://splunkbase.splunk.com/app/4430/
2019-09-05 10:02:05 -06:00
Chris Long
a07e9cbaac
Fix bro-pkg issue
https://github.com/abiteboul
2019-07-20 23:44:19 -07:00
Chris Long
9cceafa28e
Update ThreatHunting app to 1.3.4
2019-07-20 00:49:35 -07:00
Chris Long
95d1fb31f4
Updating ASNGen App
2019-06-09 17:53:21 -07:00
Chris Long
e78c312bc5
Actually add files
2019-05-26 21:36:10 -07:00
Olaf Hartong
04bbd7d25e
Updated ThreatHunting app to 1.3
2019-05-19 21:06:04 +02:00
Chris Long
6b40e372bd
Actually include the files
2019-05-11 01:42:35 -07:00
Chris Long
1261c0dfd8
Adding timestamps to scripts, Vagrantfile_prebuilt, logo
2019-05-06 09:26:59 -07:00
Chris Long
1746b49811
Add Atomic Red Team, Poll Packet for Provisioning, Fixes
2019-04-28 22:02:11 -07:00
Chris Long
3de47b621a
Fix WEF inputs for Splunk
2019-04-28 13:12:53 -07:00
Chris Long
e1039c8090
Adding back repository for apt-fast
2019-04-27 23:07:11 -07:00
Chris Long
65381681c9
Removing remnants of python3.6 and pip
2019-04-27 22:53:13 -07:00
Chris Long
7d844fd988
Removing Caldera
2019-04-27 22:36:06 -07:00
Chris Long
614af67405
Update to Caldera 2.0, reduce verbosity
2019-04-27 21:05:23 -07:00
Chris Long
0d3ba24cfc
Update README, fix incorrect comment
2019-04-10 22:26:44 -07:00
Chris Long
fcb74cbd0c
Migrate boxes to Vagrant Cloud, add tests to Logger
2019-04-10 22:17:26 -07:00
Chris Long
42b70d627c
Update Splunk to v7.2.5.1
2019-04-07 23:16:08 -07:00
Chris Long
53feb06c95
Fix typo
2019-03-31 12:04:32 -07:00
Chris Long
bd2847603e
Update bootstrap.sh
2019-03-31 12:02:13 -07:00
Chris Long
9c3a7f3188
Speed up logger provisioning by using apt-fast
2019-03-31 12:00:31 -07:00
Chris Long
7c25cd1e00
Hardcode caldera config settings
2019-03-27 11:20:27 +07:00
Chris Long
f6c5fd521b
Fix ThreatHunting app macros.conf
- Fixes https://github.com/clong/DetectionLab/issues/223
- Update Splunk to 7.2.4.2
2019-03-11 21:46:40 -07:00
Chris Long
ed74fdcb71
Update bootstrap.sh
Address Issues #214 and #215
2019-03-08 23:22:08 -08:00
Chris Long
93183a95e2
Update Splunk apps, create vagrantfile_minimum, bugfixes
2019-03-01 22:45:37 -08:00
Chris Long
020af3c936
Add ShutUp10, Upgrade Vagrant, Issue 12
2019-02-18 21:47:03 -08:00
Franci Šacer
cf802a1ea3
Issues with dpkg resolved
This fixed my issues: https://serverfault.com/questions/500764/dpkg-reconfigure-unable-to-re-open-stdin-no-file-or-directory
2019-01-29 07:32:49 +01:00
Chris Long
91012842b1
Update Fleet and use Fleetctl for pack imports.
2018-12-20 14:48:59 -08:00
Chris Long
8b9178685a
Adding Olaf's Threat Hunting App. Fixes. Updates.
2018-12-11 00:52:46 -08:00
Chris Long
a6bcbab794
Fix typo in bootstrap [ci skip]
2018-09-08 17:39:50 -07:00
Chris Long
0f667e3818
Give suricata time to start [ci skip]
The pgrep check is failing if Suricata doesn't start fast enough
2018-09-08 09:55:36 -07:00
Chris Long
a95143a2d3
Fix formatting, add Splunk ASN lookup app
2018-09-07 14:57:53 -07:00
Chris Long
ba7784e0e8
Multiple fixes, additions
2018-09-06 22:58:36 -07:00
Jeff Beley
234646af53
added sed line to fix suricata build
2018-09-05 02:57:34 -05:00
Jeff Beley
875c4c7a5a
migrated to bro package from opensuse.org
2018-09-03 08:50:13 -05:00