forked from splunk/attack_range
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 29 changed files with 134 additions and 50 deletions.
15 changes: 15 additions & 0 deletions
packer/ansible/roles/linux_common/tasks/update_sshd_config.yml
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
--- | ||
|
||
- name: Configure sshd | ||
lineinfile: | ||
path: "/etc/ssh/sshd_config" | ||
line: "{{item.key}} {{item.value}}" | ||
loop: | ||
- { key: "HostKeyAlgorithms", value: "+ssh-rsa" } | ||
- { key: "PubkeyAcceptedKeyTypes", value: "+ssh-rsa" } | ||
|
||
- name: Restart SSHd | ||
become: true | ||
service: | ||
name: sshd | ||
state: restarted |
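Review bot: the loop in "Configure sshd" appends `HostKeyAlgorithms +ssh-rsa` and `PubkeyAcceptedKeyTypes +ssh-rsa`, which turns the SHA-1 based `ssh-rsa` signature algorithm back on for both host keys and user keys, and nothing in the file says which client needs it. Please add a comment naming the consumer so the setting can be dropped once that client is updated. The `lineinfile` task also has no `regexp`, so a host whose sshd_config already sets either keyword gets a second line appended instead of the existing one edited, and it has no `validate: sshd -t -f %s`, so a bad file is only discovered when "Restart SSHd" runs. Unlike the restart task it carries no `become: true`; unless the play sets that globally, the write to /etc/ssh/sshd_config will fail.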
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
--- | ||
|
||
- name: Run Atomic Red Team | ||
become: true | ||
shell: | | ||
pwsh -Command 'IEX (IWR https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicsfolder.ps1 -UseBasicParsing); | ||
Install-AtomicsFolder -Force; | ||
IEX (IWR https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicredteam.ps1); | ||
Install-AtomicRedTeam -Force' | ||
register: output_art | ||
|
||
- debug: | ||
var: output_art.stdout_lines |
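Review bot: both `IEX (IWR ...)` calls in the `shell:` block execute whatever is on the `master` branch of redcanaryco/invoke-atomicredteam at build time, as root because of `become: true`, with no pinned commit or checksum. Pin the URLs to a commit or tag, or download each script to a file and verify it before running. The task is named "Run Atomic Red Team" but only installs it, and without `creates:` or `changed_when:` it reinstalls with `-Force` and reports changed on every run.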
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
#!/bin/bash | ||
export OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B | ||
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys $OSQUERY_KEY | ||
sudo add-apt-repository 'deb [arch=amd64] https://pkg.osquery.io/deb deb main' | ||
sudo add-apt-repository --yes 'deb [arch=amd64] https://pkg.osquery.io/deb deb main' | ||
sudo apt-get update | ||
sudo apt-get install osquery |
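Review bot: `--yes` on `add-apt-repository` removes one prompt, but the last line of the script, `sudo apt-get install osquery`, still has no `-y` and can stop an unattended build at the confirmation prompt. Suggest `sudo apt-get install -y osquery` in the same change.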
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
#!/bin/bash | ||
export OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B | ||
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys $OSQUERY_KEY | ||
sudo add-apt-repository 'deb [arch=amd64] https://pkg.osquery.io/deb deb main' | ||
sudo add-apt-repository --yes 'deb [arch=amd64] https://pkg.osquery.io/deb deb main' | ||
sudo apt-get update | ||
sudo apt-get install osquery |
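Review bot: this is the same script and the same one-line change as the previous file, so the two copies can drift apart; consider having both builds call one shared script. In that script the key import on the `apt-key adv --keyserver hkp://keyserver.ubuntu.com:80` line relies on `apt-key`, which is deprecated on current Debian and Ubuntu releases; a dedicated keyring file referenced with `signed-by=` in the `deb` line would limit the key to the osquery repository.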
42 changes: 42 additions & 0 deletions
packer/ansible/roles/windows_install_attack_simulation/tasks/main.yml
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
--- | ||
|
||
- name: Enable strong dotnet crypto | ||
win_regedit: | ||
key: "{{ item }}" | ||
value: SchUseStrongCrypto | ||
datatype: dword | ||
data: 1 | ||
with_items: | ||
- "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" | ||
- "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" | ||
|
||
- name: Check installed providers | ||
win_shell: Get-PackageProvider -ListAvailable | ||
register: providers | ||
|
||
- name: Install NuGet Provider | ||
win_shell: | | ||
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force | ||
when: providers.stdout is not search("NuGet") | ||
|
||
- name: Install Atomic Red Team | ||
win_shell: | | ||
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Internet Explorer\Main" -Name "DisableFirstRunCustomize" -Value 2 | ||
IEX (IWR https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicredteam.ps1) | ||
Install-AtomicRedTeam -Force | ||
IEX (IWR 'https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicsfolder.ps1' -UseBasicParsing) | ||
Install-AtomicsFolder -Force -RepoOwner "{{ atomic_red_team_repo }}" -Branch "{{ atomic_red_team_branch }}" | ||
register: install_art | ||
|
||
- debug: | ||
var: install_art | ||
|
||
- name: Download Latest PurpleSharp Binary | ||
win_shell: | | ||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, [Net.SecurityProtocolType]::Ssl3 | ||
[Net.ServicePointManager]::SecurityProtocol = 'Tls, Tls11, Tls12, Ssl3' | ||
If (-not (Test-Path c:\Tools\PurpleSharp)) { New-Item -Path c:\Tools\ -Name PurpleSharp -ItemType directory } | ||
$tag = (Invoke-WebRequest 'https://api.github.com/repos/mvelazc0/PurpleSharp/releases' -UseBasicParsing | ConvertFrom-Json)[0].tag_name | ||
$purplesharpDownloadUrl = 'https://github.com/mvelazc0/PurpleSharp/releases/download/' + $tag + '/PurpleSharp_x64.exe' | ||
If (-not (Test-Path c:\Tools\PurpleSharp\PurpleSharp.exe)) { Invoke-WebRequest -Uri $purplesharpDownloadUrl -OutFile c:\Tools\PurpleSharp\PurpleSharp.exe } | ||
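Review bot: in "Download Latest PurpleSharp Binary" the two `[Net.ServicePointManager]::SecurityProtocol` lines make the same assignment twice, and both include `Ssl3`, `Tls` and `Tls11`, which works against the `SchUseStrongCrypto` keys set at the top of the file. Keep one line and set it to `Tls12` only. The download takes element `[0]` of the `releases` list and writes `PurpleSharp.exe` with no hash check, so the image contains whatever was published most recently, prereleases included; pin a tag and compare the file against a known SHA-256. The `IEX (IWR ...)` installer lines in "Install Atomic Red Team" likewise run `master` unpinned, even though `Install-AtomicsFolder` takes `atomic_red_team_repo` and `atomic_red_team_branch`.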