trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
f65eab38ca9df67274654d35d47754ed44e62741
DetectionLab/Vagrant/Vagrantfile
Chris Long 1577341ce9 Initial commit
2017-12-11 08:49:25 -08:00

166 lines
8.4 KiB
Ruby
Raw Blame History

Vagrant.configure("2") do |config|
config.vm.define "logger" do |cfg|
cfg.vm.box = "bento/ubuntu-16.04"
cfg.vm.hostname = "logger"
config.vm.provision :shell, path: "bootstrap.sh"
cfg.vm.network :private_network, ip: "192.168.38.5", gateway: "192.168.38.1", dns: "8.8.8.8"
config.vm.network :forwarded_port, guest: 8000, host: 8000
config.vm.network :forwarded_port, guest: 8412, host: 8412
cfg.vm.provider "vmware_fusion" do |v, override|
v.memory = 2048
v.cpus = 1
v.gui = true
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.customize ["modifyvm", :id, "--memory", 2048]
vb.customize ["modifyvm", :id, "--cpus", 1]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
end
config.vm.define "dc" do |cfg|
cfg.vm.box = "../Boxes/windows_2016_virtualbox.box"
cfg.vm.hostname = "dc"
# use the plaintext WinRM transport and force it to use basic authentication.
# NB this is needed because the default negotiate transport stops working
# after the domain controller is installed.
# see https://groups.google.com/forum/#!topic/vagrant-up/sZantuCM0q4
cfg.winrm.transport = :plaintext
cfg.winrm.basic_auth_only = true
cfg.vm.communicator = "winrm"
cfg.vm.network :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true
cfg.vm.network :forwarded_port, guest: 22, host: 2222, id: "ssh", auto_correct: true
cfg.vm.network :forwarded_port, guest: 3389, host: 3389, id: "rdp", auto_correct: true
cfg.vm.network :private_network, ip: "192.168.38.2", gateway: "192.168.38.1"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "192.168.38.2"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/download_palantir_osquery.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-inputsconf.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/configure-ou.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/configure-wef-gpo.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/configure-powershelllogging.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/configure-AuditingPolicyGPOs.ps1", privileged: true
cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: true
cfg.vm.provider "vmware_fusion" do |v, override|
override.vm.box = "../Boxes/windows_2016_vmware.box"
v.memory = 2048
v.cpus = 1
v.gui = true
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.customize ["modifyvm", :id, "--memory", 2048]
vb.customize ["modifyvm", :id, "--cpus", 1]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
end
config.vm.define "wef" do |cfg|
cfg.vm.box = "../Boxes/windows_2016_virtualbox.box"
cfg.vm.hostname = "wef"
cfg.vm.communicator = "winrm"
cfg.vm.network :forwarded_port, guest: 5985, host: 5986, id: "winrm", auto_correct: true
cfg.vm.network :forwarded_port, guest: 22, host: 2223, id: "ssh", auto_correct: true
cfg.vm.network :forwarded_port, guest: 3389, host: 3390, id: "rdp", auto_correct: true
cfg.vm.network :private_network, ip: "192.168.38.3", gateway: "192.168.38.1", dns: "192.168.38.2"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.3 -dns 192.168.38.2"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/download_palantir_osquery.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-wefsubscriptions.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-inputsconf.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/configure-pslogstranscriptsshare.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: true
cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: true
cfg.vm.provider "vmware_fusion" do |v, override|
override.vm.box = "../Boxes/windows_2016_vmware.box"
v.memory = 2048
v.cpus = 1
v.gui = true
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.customize ["modifyvm", :id, "--memory", 2048]
vb.customize ["modifyvm", :id, "--cpus", 1]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
end
config.vm.define "win10" do |cfg|
cfg.vm.box = "../Boxes/windows_10_virtualbox.box"
cfg.vm.hostname = "win10"
cfg.vm.communicator = "winrm"
cfg.vm.network :forwarded_port, guest: 5985, host: 5987, id: "winrm", auto_correct: true
cfg.vm.network :forwarded_port, guest: 22, host: 2224, id: "ssh", auto_correct: true
cfg.vm.network :forwarded_port, guest: 3389, host: 3391, id: "rdp", auto_correct: true
cfg.vm.network :private_network, ip: "192.168.38.4", gateway: "192.168.38.1", dns: "192.168.38.2"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.4 -dns 192.168.38.2"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_osquery.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-inputsconf.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: true
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: true
cfg.vm.provider "vmware_fusion" do |v, override|
override.vm.box = "../Boxes/windows_10_vmware.box"
v.vmx["gui.fullscreenatpoweron"] = "FALSE"
v.vmx["gui.viewModeAtPowerOn"] = "windowed"
v.vmx["gui.fitguestusingnativedisplayresolution"] = "FALSE"
v.memory = 2048
v.cpus = 1
v.gui = true
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.customize ["modifyvm", :id, "--memory", 2048]
vb.customize ["modifyvm", :id, "--cpus", 1]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
end
end
Reference in New Issue View Git Blame Copy Permalink