trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
475 Commits 1 Branch 0 Tags
d4a9699cdd8525199dcd8a6cdac87ef243ad3165
Commit Graph

75 Commits

Author SHA1 Message Date
Ahmed Shawky
d4a9699cdd Fix a typeo that stopped the Defender exclusions of \tools directory 2020-03-15 09:40:01 +04:00
Chris Long
068e9d8c05 Merge branch 'master' into ESXi 2020-03-09 14:46:54 -07:00
Chris Long
4e850a5ee6 Adding final ESXI deployment code 2020-03-09 14:42:58 -07:00
Chris Long
47d4696147 Update install-redteam.ps1 2020-03-09 00:49:32 -07:00
Chris Long
361b9b0b48 Adding exclusion folders to install-redteam.ps1 2020-03-07 23:11:44 -08:00
Chris Long
c630b88961 Removing reference to Invoke-AtomicRedTeam.psm1 
Fixes https://github.com/clong/DetectionLab/issues/385
 2020-03-07 20:02:25 -08:00
Chris Long
2bd2f20776 Merge branch 'master' into libvirt_provider 2020-02-17 14:45:09 -08:00
Ahmed Shawky
fea8f35f0e Force powershell to use TLS 1.2 as chocolatey.org throws a TLS error 2020-02-05 02:47:03 +04:00
Selora
2a6cb92f51 Libvirt provider 
Adding Packer Qemu builder:
* Packer/answer_files/*_virtio: Install the virtio drivers from the ISO (NOT provided)
* windows_*.json needs some manual tweaks to match the virtio drivers ISO path

Adding Vagrant-libvirt provider:
* Uses the QEMU qcow2 images provided by packer to build the DetectionLab
* Vagrantfile needs manual tweaking to match libvirt's host configuration (backing store, network interfaces, etc)

README:
* Added separate README with instructions for libvirt
 2020-01-15 17:28:54 +00:00
Chris Long
b5c73ce647 Include Invoke-AtomicTest in Powershell 2019-12-20 23:46:35 -08:00
Chris Long
7e17727cbb Logger bump to Ubuntu 18.04 & Migrate to Zeek 2019-12-20 15:48:13 -08:00
Chris Long
0393d627ad Convert ADSI:Exists to Get-ADOrganizationalUnit 2019-12-04 18:49:28 -08:00
Chris Long
4a8485c28e Disable IPv6 on Windows adapters 2019-12-04 13:45:43 -08:00
Chris Long
f64ff20aaf Disabling default windows inputs. Adding powershell command for event channel perms 2019-12-04 11:27:35 -08:00
Chris Long
ee9a1f87fd Removing Splunk forwarder from Windows hosts 2019-12-03 00:42:02 -08:00
Chris Long
2b608addb0 Fixing issue #341 
Add TLS1.2 support
 2019-11-07 23:44:03 -08:00
Chris Long
280bce8252 Updating bginfo.bgi to point to the correct .bmp 2019-07-08 00:41:32 -07:00
Chris Long
df718b4408 Update to 1903 2019-07-06 18:29:29 -07:00
Sunny Neo
8d7bc4b9dc Explicitly define the file directory 
Osquery was not working with Fleet after deployment due to wrong directories. 

The following command installs the osqueryd service with --flagfile=\ProgramData\osquery\osquery.flags" however osquery.flags found at "C:\Program Files\osquery\osquery.flags" 

``` "c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait  
```

The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery", it should be in  "c:\Program Files\osquery\" instead.
 2019-06-16 22:56:11 +08:00
Chris Long
9dcc235a55 Update osquery paths in v3.4.0 2019-05-25 12:36:45 -07:00
Chris Long
6b40e372bd Actually include the files 2019-05-11 01:42:35 -07:00
Chris Long
1261c0dfd8 Adding timestamps to scripts, Vagrantfile_prebuilt, logo 2019-05-06 09:26:59 -07:00
Chris Long
1746b49811 Add Atomic Red Team, Poll Packet for Provisioning, Fixes 2019-04-28 22:02:11 -07:00
Chris Long
88cd120e6e Don't try to re-disable Defender 2019-04-28 01:42:25 -07:00
Chris Long
7d844fd988 Removing Caldera 2019-04-27 22:36:06 -07:00
Chris Long
614af67405 Update to Caldera 2.0, reduce verbosity 2019-04-27 21:05:23 -07:00
Chris Long
4accd72069 Add a retry for SplunkForwarder stoppage 
Attempt at fixing https://github.com/clong/DetectionLab/issues/243
 2019-04-26 01:14:22 -07:00
Chris Long
dae0393b00 Fixing issues 228, 252, 255 2019-04-25 23:06:07 -07:00
Chris Long
d3e00c8d57 Install WinPcap to fix network interface issue 
Addresses https://github.com/clong/DetectionLab/issues/246
 2019-04-09 22:51:51 -07:00
Chris Long
c19f924de9 Update install-redteam.ps1 2019-04-07 23:42:09 -07:00
Jonathan Johnson
6f2b788f76 Update install-redteam.ps1 2019-04-02 14:43:24 -05:00
Chris Long
7c25cd1e00 Hardcode caldera config settings 2019-03-27 11:20:27 +07:00
Chris Long
f656b82db4 Update configure-ou.ps1 2019-03-25 08:13:44 +07:00
Chris Long
03b0c894d0 Update configure-wef-gpo.ps1 2019-03-25 08:11:54 +07:00
Chris Long
a30eb41737 Update create-domain.ps1 2019-03-24 22:11:32 +07:00
Chris Long
11b1ae4963 Update configure-ou.ps1 2019-03-24 22:11:10 +07:00
Chris Long
173723d96f Bash -> Powershell 2019-03-24 10:08:19 +07:00
Chris Long
57003667e0 More debugging 2019-03-23 16:33:35 +07:00
Chris Long
1d7cc0ed3e fix typo 2019-03-12 14:16:03 -07:00
Chris Long
23f0b30dab Add try/catch to configure-ou.ps1 2019-03-11 22:37:37 -07:00
Chris Long
a4a074ad24 Removing Microsoft-Message-Analyzer as it conflicts with Microsoft ATA 2019-03-02 10:28:05 -08:00
Chris Long
ebdaa07080 Fixing working in choco and redteam 2019-03-01 22:51:26 -08:00
Chris Long
93183a95e2 Update Splunk apps, create vagrantfile_minimum, bugfixes 2019-03-01 22:45:37 -08:00
Chris Long
020af3c936 Add ShutUp10, Upgrade Vagrant, Issue 12 2019-02-18 21:47:03 -08:00
Chris Long
05f1f41930 Update osquery paths to reflect updates to repo 2018-12-20 19:02:08 -08:00
Chris Long
8b9178685a Adding Olaf's Threat Hunting App. Fixes. Updates. 2018-12-11 00:52:46 -08:00
Chris Long
553ecbaaf4 Add TLSv1.2 support to install-bginfo.ps1 2018-10-30 14:13:50 -07:00
Chris Long
d763d66dc2 Drop the firewall in Win10 host [ci skip] 2018-09-25 22:48:26 -07:00
Chris Long
3af54d5003 Merge branch 'master' into patch-3 2018-09-25 22:44:47 -07:00
Chris Long
ba7784e0e8 Multiple fixes, additions 2018-09-06 22:58:36 -07:00