Master main forensic merge (Forensics and Windows modules) #109
base: master
Commits on Mar 20, 2017
Windows modules (web browsers, languages and text editor) and chocolatey repository manager.
Commit b7293f3
Commits on Mar 21, 2017
Commit c4bec37
Commits on Mar 27, 2017
Moved over ForGen internet history module need to modify into SecGen structure
IN PROGRESS: Creating URL generator and chrome history file generator, added forensic option to xml_report_generator. Need to find a way to efficiently pass history file from chrome_history_file_generator to chrome_history forensic module.
Commit a13431f
Commits on Apr 3, 2017
Moved over ForGen internet history module need to modify into SecGen structure
IN PROGRESS: Creating URL generator and chrome history file generator, added forensic option to xml_report_generator. Need to find a way to efficiently pass history file from chrome_history_file_generator to chrome_history forensic module.
ERRORING: Receiving error ==> storage_server: Error: Could not find class internet_history_chrome::init for vagrant-2008r2.lan on node vagrant-2008r2.lan
Need to look into vagrant/puppet not finding forensics internet history class
Commit ac41834
Commits on Apr 13, 2017
Merge branch 'packer_build_from_iso' into master-forensics-new
icense. Will download ISO from microsoft site, will then build basebox (storing in VAGRANT_BASEBOX_STORAGE) and will then build with vagrant. If Basebox is not present SecGen will prompt whether to use packer (requires download from packer website in README.md and for the binary to be in the system path) to build the Basebox.

*** Changes ***

constants.rb
51-57: Added the 2 constants PUPPET_VERSION: version of puppet to install on the newly generated system, and VAGRANT_BASEBOX_STORAGE which stores generated baseboxes (currently set to SecGen_root/.generated).

project_files_creator.rb
48-80: Added logic to check for existing basebox and to generate new basebox if not present.

base_metadata_schema.xsd
11: Added windows to platform options type
45-50: Added extra packer helper tags, packerfile_path (path to packer file in the layout of base_module_name/Packerfile_name) and product_key (will use a trial version if product key is not present)

vulnerability_metadata_schema.xsd
32: Added windows value to platformOptions type to allow for windows system implementation.

Vagrantfile.erb
21: Changed --hwvirtex to default of on without gui output, problems can occur if this is not set to on.
23,28,31: Removed - tags before ending %>, this was causing an error with the vagrantfile as the options were not being placed on different lines.
48-56: Added the use of winrm instead of the default ssh for the base module if the base module is windows.

puppet_install/LICENSE
Added Mozilla Public License Version 2.0 (GPL v3 compatible) that came with the puppet_install/windows.ps1 script, the script to install puppet can be rewritten with a more simple implementation, however this script should do error checking to add an extra level of stability to the puppet install.

puppet_install/windows.ps1
Will install puppet on the Windows machine.

virtualbox_guest_install/windows.bat
Will install the virtualbox guest additions on the Windows machine.

Autounattend.xml.erb
Autounattend script that allows for setting out the system layout including system information, disk configuration and product keys.

Packerfile.erb
Packerfile that builds the machine via packer, was going to be fully parameterised with all options being in the SecGen metadata (it still can be converted to this easily) however this led to a large SecGen_metadata file with multiple tags which were only used if the basebox is not present, therefore only the product_key and packerfile_path keys were added to the SecGen_metadata file. Although the product_key data may be moved to a central product_key file later on.

secgen_metadata.xml
SecGen metadata file for the new windows basebox.

(cherry picked from commit 7960914)

# Conflicts:
# lib/templates/Vagrantfile.erb
# Conflicts:
# lib/templates/Vagrantfile.erb
Commit 820e323
Merge branch 'forensic_image_creation' into master-forensics-new
# Conflicts:
# secgen.rb
Commit 4f89b1f
Merge branch 'master-forensics' into master-forensics-new
# Conflicts:
# Gemfile
# Gemfile.lock
Commit d64ea06
Commits on Apr 15, 2017
Commit 4acc433
Now all timestamp modules have default randomisation. May need to fix specifying values manually.
Commit c99c12e
Created timestamp scenario example for all main timestamp modules
Commit 6600bd1
Commits on Apr 16, 2017
Allows for the placing of cat images (represent illegal images). May have some difficulty with multiple cat images due to framework placing all base64 inputs and outputs into a single hash, this may need to be resolved for multiple modules
Commit 6fb4968
Chrome Internet history module
Allows for the insertion of the chrome History file with choice of number of generic and cybercrime urls with inputted time range.
Commit 1649f39
Commit d1152d0
Ensured all modules done previously could accept input values by adding process_options and get_options_array methods to the generator modules.
Commit 3029312
Added scenario files to showcase some forensic modules and a chrome history example scenario file.
Commit 00e1f78
Commits on Apr 18, 2017
Added powershell local requires to SecGen metadata of all modules that require powershell. Also added manifests directory that was not committed to remote branch with initial module commit.
Commit b95c96c
Added .no_puppet module to ensure manifests directory is uploaded to GitHub to avoid error.
Commit 004c740
Fixed error caused by total_memory option whereby the wrong type was not changed to the right type for a calculation in the packerfile (string -> int)
Commit aba2e2b
Commits on Apr 20, 2017
no_files file added to ensure makeshift puppet module files directory is synced to GitHub
Commit 7c2e7f6
Added registry module to add registry keys and registry key values.
Also added access data registry viewer install module to view registry, although regedit.exe can be used instead.
Commit d33b4f8
Encoding generators for hashes added:
String input: MD5, SHA1, SHA256, SHA384, SHA512
File (path) input: MD5, SHA1
Commit 7e26b36
Commits on Apr 22, 2017
Added VM configuration options to help so machines can be provisioned to a faster extent if the host computer is powerful enough.
Commit 9383eef
Commits on Dec 11, 2017
Commit fe2a879
Commit a5571d6
Commits on Dec 13, 2017
Need to check that all files are necessary, some may be redundant/unused code.
Commit b287d67
Install procmon (Windows process monitor).
Install is for windows machines and will automatically also install chocolatey.
Commit 8805880
Commits on Dec 15, 2017
Merge branch 'master-forensics-new' into master-main-forensic-merge
# Conflicts:
# Gemfile
# lib/templates/Vagrantfile.erb
# secgen.rb
Commit 8365d2c
Commits on Apr 30, 2018
Merge branch 'master' into master-main-forensic-merge
# Conflicts:
# Gemfile
# Gemfile.lock
# secgen.rb
Commit dc5a37d
Commits on May 21, 2018
Conflict and non user input module quick fix:
- Fixes conflicts with the main SecGen branch.
- Also adds a fix for the chocolatey module (removes registry value as seems to be incompatible with current registry module function RegistryKeyEx)
- Adds notify to show end of install for sqlite browser module

Note:
- Currently only non user input modules work with the new SecGen code, this seems to be due to a lack of a windows secgen_functions build module (current module only runs for linux)
- The user input modules will be addressed in the next commit.
Commit b5b2941