Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-11-03 22:12:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
2134 commits 9 branches 18 tags 393 MiB
Commit graph

769 commits

Author SHA1 Message Date
t3chn0m4g3
a28ee97f13 rebuild ciscoasa for alpine 3.13 2021-02-15 10:01:03 +00:00
t3chn0m4g3
f2c48d7efc bump cyberchef to latest release 2021-02-12 17:09:44 +00:00
t3chn0m4g3
039f3c115a update adbhoney image 2021-02-12 14:21:31 +00:00
t3chn0m4g3
80d9efa729 bump elk stack images to alpine 3.13 2021-02-12 13:54:42 +00:00
t3chn0m4g3
e5f29f3c90 bump elk stack to 7.11.0 2021-02-12 13:21:35 +00:00
t3chn0m4g3
ee3d667615 bump dionaea to 0.11.0 2021-01-19 10:59:32 +00:00
t3chn0m4g3
d2dc43e1ef Update internet IF retrieval 
To be consistent with @adepasquale PR #746 fatt, glutton and p0f Dockerfiles were updated accordingly.
 2021-01-06 17:05:09 +00:00
Andrea De Pasquale
b3b983afe6 Change method to get default Suricata interface 
On some systems, interface number 2 is not always the correct one.
With AWK we now collect the first active interface having both an
address and a broadcast.
 2021-01-06 11:14:24 +01:00
t3chn0m4g3
e1745bdea1 fix broken sqlite db 2020-12-28 21:49:28 +00:00
t3chn0m4g3
af6ce8854d bump elastic stack to 7.10.1 2020-12-10 15:20:18 +00:00
t3chn0m4g3
6069b214a5 bump ewsposter to 1.12 2020-12-10 11:40:53 +00:00
t3chn0m4g3
f3f9f6ae72 cleanup 2020-12-03 00:01:38 +00:00
t3chn0m4g3
bdf095367d prep for ewsposter 1.11 2020-12-02 23:21:23 +00:00
t3chn0m4g3
8a7e81815e prep for Elastic Stack 7.10.0 2020-12-02 22:36:17 +00:00
Andrea De Pasquale
87a27e4f2b Suricata: use suricata-update for rule management 
As a bonus we can now run "suricata-update" using docker-exec,
triggering both a rule update and a Suricata rule reload.
 2020-11-30 17:56:14 +01:00
Marco Ochse
2ecef8c607
enable MQTT 
as eagle eyed by @adepasquale
 2020-11-27 19:07:12 +01:00
Andrea De Pasquale
73a5847753 Suricata: update suricata.yaml config to 6.0.x 
Merge in the latest updates from suricata-6.0.x while at the same time
keeping the custom T-Pot configuration.

https://github.com/OISF/suricata/blob/suricata-6.0.0/suricata.yaml.in
 2020-11-26 19:16:01 +01:00
Marco Ochse
c976aea73e
Merge pull request #725 from adepasquale/suricata-yaml-5.x 
Suricata: update suricata.yaml config to 5.x
 2020-11-26 16:23:50 +01:00
t3chn0m4g3
4ada38988c bump cowrie to 2.2.0 2020-11-26 08:17:09 +00:00
Andrea De Pasquale
0010f99662 Suricata: disable eve.stats since it's unused 
Prevent the error below by disabling stats globally and in eve-log:

<Error> - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true.
 2020-11-25 17:07:49 +01:00
Andrea De Pasquale
e2f76c44cb Suricata: update suricata.yaml config to 5.x 
Merge in the latest updates from suricata-5.x while at the same time
keeping the custom T-Pot configuration.

https://github.com/OISF/suricata/blob/master-5.0.x/suricata.yaml.in
 2020-11-25 15:51:41 +01:00
t3chn0m4g3
e26853c7fa bump suricata to 5.0.4 2020-10-28 17:53:23 +00:00
t3chn0m4g3
d64cbe6741 bump ipphoney to latest master 2020-10-28 17:34:28 +00:00
t3chn0m4g3
c3809b5a98 bump heralding to latest master 2020-10-28 17:27:09 +00:00
t3chn0m4g3
a3d40cc57c bump spiderfoot to 3.2.1 2020-10-28 17:08:55 +00:00
t3chn0m4g3
e3fda4d464 bump dionaea to 0.9.2 2020-10-28 16:45:53 +00:00
t3chn0m4g3
4bf245d13b bump conpot to latest master 2020-10-28 13:56:52 +00:00
t3chn0m4g3
92925cecbd bump dicompot to latest master 2020-10-27 21:30:33 +00:00
t3chn0m4g3
f204cdf9b8 bump elk to 7.3 2020-10-27 19:43:32 +00:00
t3chn0m4g3
ff4a394e3b reverting elk to 7.9.1 2020-10-15 12:24:46 +00:00
Marco Ochse
ce7b79b71a
Merge pull request #707 from brianlechthaler/patch-3 
Bump Elastic dependencies to 7.9.2
 2020-10-15 13:37:11 +02:00
t3chn0m4g3
b28cc2edd0 prepare for new ewsposter 2020-10-15 09:14:30 +00:00
Brian Lechthaler
84a741ec64
IMPORTANT: Fix Node Version 
Bump node version to `10.22.1-alpine`

**KIBANA WILL NOT WORK WITHOUT THIS**
 2020-10-07 13:53:21 -07:00
Brian Lechthaler
d351a89096
Bump Kibana version to 7.9.2 2020-10-04 18:05:16 -07:00
Brian Lechthaler
488da48df7
Bump Logstash version to 7.9.2 2020-10-04 18:04:15 -07:00
Brian Lechthaler
85da099cd0
Bump Elasticsearch to 7.9.2 2020-10-04 18:03:00 -07:00
Brian Lechthaler
b1d8e293de
add DockerHub back in cap filter 
see https://github.com/telekom-security/tpotce/pull/691#issuecomment-688648225
 2020-09-08 10:45:58 -07:00
Brian Lechthaler
7fdf9edb60
Update Suricata Capture Filter for New Docker Repo 2020-09-07 19:57:15 -07:00
t3chn0m4g3
0e7abb8d2c restore mibfix for conpot 2020-09-07 15:46:52 +00:00
t3chn0m4g3
1ee9c29805 set new container registry, point installer to branch 2020-09-04 13:29:14 +00:00
t3chn0m4g3
2e5639a50b fix links 2020-09-04 13:01:21 +00:00
listbot
47dca8b835 continue pin / prep images ghcr 2020-09-04 12:37:28 +00:00
listbot
1ac79d6be7 begin prep for move to GitHub Container Registry 
Start pinning Dockerfiles to specific releases / commits
 2020-09-02 15:18:32 +00:00
t3chn0m4g3
54a6a944aa prep for ipphoney 2020-08-25 12:25:59 +00:00
t3chn0m4g3
b86d2c715b prep for ipphoney 2020-08-24 21:36:08 +00:00
t3chn0m4g3
8f06b5b499 start prepping for ipphoney 2020-08-24 15:55:50 +00:00
t3chn0m4g3
6ec5a04802 fix deps issue with conpot 2020-08-24 15:55:10 +00:00
t3chn0m4g3
5080151b7c prep for elk 7.9 2020-08-24 10:35:46 +00:00
t3chn0m4g3
c1f7146800 prep elk stack for 7.9.0 2020-08-20 15:03:16 +00:00
t3chn0m4g3
743616fa09 update conpot to latest working master 2020-08-13 16:30:37 +00:00
t3chn0m4g3
6e18b6f660 bump elasticpot to latest master 2020-08-13 10:37:03 +00:00
t3chn0m4g3
50d67fc286 bump spiderfoot to 3.1 final 
Fix Spiderfoot issue not showing current scan
 2020-08-13 09:06:49 +00:00
t3chn0m4g3
c28642932a bump elk stack to 7.8.1 2020-08-13 08:34:44 +00:00
t3chn0m4g3
8af45c9440 prevent cowrie from unwanted log rotation 2020-07-07 00:00:57 +00:00
t3chn0m4g3
6d29f504df provide fix for #669 2020-07-06 23:30:11 +00:00
t3chn0m4g3
618ee3c6e9 tweaking 
add kibana export / import config function
ewsposter remove transmitting old elasticpot data (need update)
final export of all objects
 2020-06-29 10:45:33 +00:00
t3chn0m4g3
3a418534d8 tweaking 
random reboot times for crontab
remix compose files
some tweaking
 2020-06-28 20:03:14 +00:00
t3chn0m4g3
4e6510b5c7 dicompot tweaking 2020-06-27 00:37:12 +00:00
t3chn0m4g3
16a7cdb975 tweaking 
Update logstash config for new Dicompot fields
Revert Dionaea back to 0.8.0, latest master was unstable
 2020-06-26 23:48:48 +00:00
t3chn0m4g3
0031980416 cleanup and prepare for docker image rebuilds 2020-06-26 14:34:05 +00:00
t3chn0m4g3
6a98496e8c cleanup and prepare for docker image rebuilds 2020-06-25 22:58:23 +00:00
t3chn0m4g3
ec8f5d9b66 cleanup and prepare for docker image rebuilds 2020-06-25 16:14:37 +00:00
t3chn0m4g3
238a08b055 tweaking 
cleanup index-pattern
add dicompot log to logstash
 2020-06-24 13:21:29 +00:00
t3chn0m4g3
99d8cf9b32 fix for query fields 2020-06-24 10:22:09 +00:00
t3chn0m4g3
81c6351cf1 fix for keeping daily index 2020-06-23 21:40:38 +00:00
t3chn0m4g3
65e849cf33 bump elk stack to 7.8 2020-06-21 21:11:21 +00:00
t3chn0m4g3
a396356785 add honeysap logstash config 2020-06-19 22:53:56 +00:00
t3chn0m4g3
a7c653e7fe start integrating honeysap 2020-06-19 11:54:50 +00:00
t3chn0m4g3
697c5cb3f6 begin integration of dicompot 2020-06-18 16:38:43 +00:00
t3chn0m4g3
2882668826 Add a new elasticsearch honeypot 
adjust installer
adjust elasticpot configs to T-Pot's environment
create Dockerfile
adjust logstash config
update Readme
 2020-06-17 18:09:59 +00:00
t3chn0m4g3
27a5db9edf alpine 3.11 needs py3-pip in extra package 2020-06-16 11:28:56 +00:00
t3chn0m4g3
4cc1aa08c2 tweaking 
Bump ELK stack to 7.7.1
Install curator via pip
Some tweaks
 2020-06-08 21:56:16 +00:00
t3chn0m4g3
be918033e0 bump to ELK 7.7.0 2020-05-14 16:27:57 +00:00
t3chn0m4g3
680194adf7 prep for new listbot FQDN 2020-05-12 09:19:09 +00:00
Marco Ochse
be7afd8042
Merge pull request #636 from dtag-dev-sec/master 
merge master to dev
 2020-05-12 10:31:34 +02:00
Marco Ochse
fea6b8a646
correct typo 
fixes #635
 2020-05-11 17:21:22 +02:00
Marco Ochse
cbefe6a074
Update capture-filter.bpf 2020-04-22 17:49:59 +02:00
Marco Ochse
ed73d83317
Update update.sh 2020-04-22 17:48:32 +02:00
Marco Ochse
34bbbf59ac
Update Dockerfile 2020-04-22 17:16:19 +02:00
Marco Ochse
a6c8d3d712
Update Dockerfile 2020-04-22 17:15:44 +02:00
Marco Ochse
1a7b3b3795
Load listbot data from OTC 2020-04-22 16:50:41 +02:00
t3chn0m4g3
73e1842c16 offload listbot from netlify CDN 2020-04-02 13:12:11 +00:00
t3chn0m4g3
2201e072f6 testing honeysap 2020-03-12 16:02:43 +00:00
t3chn0m4g3
fb06c46793 Merge branch 'dev' of https://github.com/dtag-dev-sec/tpotce into dev 2020-03-09 10:44:36 +00:00
t3chn0m4g3
f76d8ab161 update delivery window 2020-03-09 10:43:52 +00:00
Marco Ochse
a256ecedc8
Merge branch 'master' into dev 2020-03-09 11:20:39 +01:00
t3chn0m4g3
fb3777141b tanner, prepare merger w/ master 2020-03-09 09:44:26 +00:00
t3chn0m4g3
a18304dfdc tanner, prepare merger w/ master 2020-03-09 09:35:19 +00:00
t3chn0m4g3
6a703544c6 tweaking 2020-03-05 23:58:27 +00:00
t3chn0m4g3
941a0e1587 tweaking 2020-03-05 23:22:03 +00:00
t3chn0m4g3
692a21ddb1 tanner tweaking and testing 
include unsecure, fix name bug
 2020-03-05 23:12:49 +00:00
t3chn0m4g3
df22adb45d bump elk stack to 7.6.1 2020-03-05 21:20:11 +00:00
t3chn0m4g3
07c68c85bb tweaking 2020-03-04 14:36:03 +00:00
t3chn0m4g3
a4227e6a9f tweaking 2020-03-04 12:12:12 +00:00
t3chn0m4g3
3b8c959c66 tweaking 2020-03-03 12:30:57 +00:00
t3chn0m4g3
5d7a6f3270 tweaking 2020-03-02 15:23:05 +00:00
t3chn0m4g3
53e9470d58 cleanup 2020-02-27 10:35:50 +00:00
t3chn0m4g3
bf7d1299ca tweaking 2020-02-26 14:22:48 +00:00
t3chn0m4g3
70dca02ce4 tweaking 2020-02-25 16:59:22 +00:00
t3chn0m4g3
6bfcf8b1c4 tweaking 2020-02-24 16:43:34 +00:00
t3chn0m4g3
bd0e6936eb bump heralding to latest master 
fixed by https://github.com/johnnykv/heralding/issues/129#event-3058184614
 2020-02-21 11:38:29 +00:00
t3chn0m4g3
545209dce6 fix for honeytrap 2020-02-15 15:40:47 +00:00
t3chn0m4g3
153f7be9dc cleanup 2020-02-14 17:26:53 +00:00
t3chn0m4g3
faa5667246 bump adbhoney, cowrie, honeytrap to 20.06 2020-02-14 17:22:30 +00:00
t3chn0m4g3
f11ad6b523 tweaking 
ELK 7.6.0 is not ready for production, however it works if APM is enabled (disabled in config, so image wont build as precaution)
Remove SISSDEN from ewsposter, suricata
Bump suricata to 5.0.1
Alpine now support suricata incl. enabled JA3 support, move back to Alpine install
 2020-02-14 15:28:06 +00:00
Marco Ochse
b31225b97c
Merge pull request #524 from pisces-period/pisces-period-cowrie-patch 
make Dockerfile compatible with any Python version
 2020-02-03 17:17:25 +01:00
t3chn0m4g3
ad861200de update mailoney 2020-02-03 14:46:43 +00:00
t3chn0m4g3
5ce5911ec1 cleanup 2020-02-03 12:59:21 +00:00
t3chn0m4g3
b9da9f04af adjust default field 2020-02-03 12:18:43 +00:00
t3chn0m4g3
984ba958fb logstash template not upgraded 
with daily index enabled logstash will not be able to put new events into ES
simple solution, just deleting logstash template upon logstash start and leave it to logstash to upload the latest template
.
 2020-02-01 14:08:23 +00:00
t3chn0m4g3
64729f5064 remove ilm support, breaks existing index at upgrade 2020-01-31 15:50:34 +00:00
t3chn0m4g3
5a4724bcba elk 7.x dev test 2020-01-31 14:21:55 +00:00
t3chn0m4g3
64907a2eba random loop timer ewsposter 2020-01-30 11:07:28 +00:00
t3chn0m4g3
fa0fdbb579 prepare for ELK migration to 7.x 2020-01-29 14:21:40 +00:00
t3chn0m4g3
33222a92b6 finish heimdall integration 2020-01-27 17:03:44 +00:00
t3chn0m4g3
62b519999e tweaking 2020-01-24 15:38:00 +00:00
t3chn0m4g3
8b19228d99 tweaking heimdall, read only for now 2020-01-24 15:16:25 +00:00
t3chn0m4g3
2d16a9c9f6 tweaking new landing page 2020-01-24 14:14:09 +00:00
t3chn0m4g3
95a075e764 start working on new landing page 2020-01-24 02:21:33 +00:00
pisces-period
dc75b5567a
make Dockerfile compatible with any Python version 
adding a temporary variable to store the current (updated) version of Python, thus fixing the situation where the version is != 3.7 (e.g. Alpine python package at version 3.8.1-r1), causing lines 39-41 to break in the original code (install path is hard-coded at 3.7).
 2020-01-23 17:42:48 +01:00
t3chn0m4g3
f110eb08b0 prepare for mailoney json logging 2020-01-22 12:17:30 +00:00
t3chn0m4g3
1d0aad3b34 tweak logstash.conf for citrixhoneypot 2020-01-16 18:04:29 +00:00
t3chn0m4g3
a6ed6613a5 prepare citrixhoneypot for ELK integration 2020-01-16 15:13:58 +00:00
t3chn0m4g3
a953542f8f rebase citrixhoneypot 2020-01-16 10:29:58 +00:00
t3chn0m4g3
be3e998a92 prepare citrixhoneypot for JSON logging 2020-01-15 13:59:11 +00:00
t3chn0m4g3
8a844e6dd3 prepare for CitrixHoneypot 2020-01-15 12:14:23 +00:00
t3chn0m4g3
755cbb77db prepare for citrixhoneypot 2020-01-15 10:37:48 +00:00
t3chn0m4g3
2ed0f939d1 rebuild, tweak spiderfoot 2020-01-03 17:04:18 +00:00
t3chn0m4g3
af3ef271d4 rebuild cyberchef 2020-01-03 16:25:33 +00:00
t3chn0m4g3
3713139fc6 rebuild snare, tanner 2020-01-03 14:06:29 +00:00
t3chn0m4g3
0928e37326 rebuild Dionaea, Heralding 2020-01-02 17:37:08 +00:00
t3chn0m4g3
7c5fc000c0 rebuild fatt 2019-12-27 20:52:23 +00:00
t3chn0m4g3
64628c1293 rebuild rdpy 2019-12-27 20:09:15 +00:00
t3chn0m4g3
29d223865f tweaking, rebuild honeypy 2019-12-27 19:58:22 +00:00
t3chn0m4g3
1442a257e5 conpot tweaking 2019-12-27 18:34:13 +00:00
t3chn0m4g3
a1d903db01 bump conpot to latest master 2019-12-27 16:21:12 +00:00
t3chn0m4g3
02bdc8194a bump adbhoney to latest master with py3 support 2019-11-21 13:56:38 +00:00
t3chn0m4g3
78135df9e7 Bump Suricata to 5.0.0 2019-10-22 15:20:23 +00:00
t3chn0m4g3
3d85ca94f1 bump cowrie to v2.0.0 2019-10-21 20:59:36 +00:00
t3chn0m4g3
6921857573 bump heralding to latest master 2019-10-16 14:46:58 +00:00
t3chn0m4g3
42c19e4d81 bump glutton, tune down noisy log 2019-10-15 14:50:39 +00:00
t3chn0m4g3
b9fb3d4695 tune down noisy log 2019-10-15 07:49:30 +00:00
t3chn0m4g3
487ce4bed5 bump ewsposter to latest master 2019-09-21 12:09:17 +00:00
t3chn0m4g3
24ac6d203f bump medpot to latest master 2019-08-28 14:52:25 +00:00
t3chn0m4g3
08ff1377fd prep mailoney rebuild 2019-08-28 14:41:35 +00:00
t3chn0m4g3
42c57636b9 prep honeytrap rebuild 2019-08-28 14:34:20 +00:00
t3chn0m4g3
c86d6f15af prep rebuild for elasticpot 2019-08-28 14:12:52 +00:00
t3chn0m4g3
670dddfea0 bump nginx to 1.16.1 2019-08-28 14:09:16 +00:00
t3chn0m4g3
2132f80988 prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00
t3chn0m4g3
cae95ebe20 bump adbhoney to latest master 2019-08-28 12:46:19 +00:00
t3chn0m4g3
66bb9443f9 bump elk stack to 6.8.2 2019-08-28 11:49:03 +00:00
t3chn0m4g3
bc6e94d329 spiderfoot, head bump to latest master 2019-08-16 17:29:41 +00:00
t3chn0m4g3
78d9d1f7c7 bump cyberchef to latest master 2019-08-16 17:14:58 +00:00
t3chn0m4g3
f1275e5b07 fix 2019-08-16 16:55:36 +00:00
Marco Ochse
4164b75bea
Fixed 
DockerHub already uses 3.7
 2019-08-16 17:59:05 +02:00
Marco Ochse
c2afdc0f1f
Fix for DockerHub 
Works just fine on local build.
 2019-08-16 17:46:17 +02:00
t3chn0m4g3
e0427cfc21 bump tanner to latest master 2019-08-16 14:43:10 +00:00
t3chn0m4g3
786ab5c082 adjust dionaea, fixes #435 2019-08-16 12:18:28 +00:00
t3chn0m4g3
bf39c0f5b2 bump elastic stack to 6.7.2 2019-08-15 15:38:12 +00:00
t3chn0m4g3
364831ae58 fix cd 2019-08-15 08:32:04 +00:00
t3chn0m4g3
31d7707d19 download instead of git pull 
download translation maps rather than running a git pull
translation maps will now be bzip2 compressed to reduce traffic to a minimum
fixes #432
 2019-08-14 14:43:47 +00:00
t3chn0m4g3
28f5491977 bump suricata to 4.1.4 2019-06-07 13:00:20 +00:00
t3chn0m4g3
5e22afd10b finalize fatt support 2019-06-04 14:21:35 +00:00
t3chn0m4g3
8b03fb8f28 remove glastopf 2019-06-03 20:04:50 +00:00
t3chn0m4g3
bbf226aeda remove glastopf 2019-06-03 19:57:50 +00:00
t3chn0m4g3
a7e553efe9 still working on fatt 2019-06-03 16:13:58 +00:00
t3chn0m4g3
f870c8e885 continue working on fatt 2019-06-03 10:22:07 +00:00
t3chn0m4g3
4e902b6560 add fatt to nextgen 2019-06-01 17:47:14 +00:00
t3chn0m4g3
d3239b78c4 start working on fatt 2019-05-31 17:52:39 +00:00
listbot
867bda6ad7 increase number of fields limit 
#382
 2019-05-31 15:34:29 +00:00
listbot
b658a01637 fixes #381 2019-05-26 09:47:20 +00:00
Marco Ochse
efdd2fc11d
optimize build 2019-05-25 19:35:03 +02:00
listbot
c09547e3a4 adjust group and permissions for /data 2019-05-08 11:16:48 +00:00
t3chn0m4g3
d4654f2bbc prepare for hpfeeds opt in 2019-04-01 07:42:24 +00:00
t3chn0m4g3
c0d0e016e6 tweaking 
Update Heralding to support SOCKS5
Correct Readme
Resize tped.sh
 2019-03-27 13:39:23 +00:00
t3chn0m4g3
20711cb633 clean up 2019-03-26 16:30:14 +00:00
t3chn0m4g3
c7e9015a5a Bump Suricata to 4.1.3 
Build with Rust
Enable JA3
Enable more protocols
Improve payload logging
... and more.
 2019-03-26 16:26:47 +00:00
t3chn0m4g3
349982baf7 update ewsposter 2019-03-20 14:43:21 +00:00
t3chn0m4g3
e8d8773863 tweaking 2019-03-19 11:08:23 +00:00
t3chn0m4g3
573ceb98a1 bump elk stack to 6.6.2, replace wget with aria2 to speed up d/l 2019-03-15 22:23:30 +00:00
t3chn0m4g3
5dae44b5e9 prepare for sissden opt-in 2019-03-15 15:59:02 +00:00
Marco Ochse
86715ccf7c
hpfeeds ca cert sissden 2019-03-15 13:38:19 +01:00
t3chn0m4g3
2b7d8ee01e update ewsposter 2019-03-13 22:04:07 +00:00
t3chn0m4g3
0b92b56c55 store data as ascii, adjust config 2019-03-13 21:13:36 +00:00
t3chn0m4g3
6f30322ad5 prepare for honeypy 2019-03-10 18:15:59 +00:00
t3chn0m4g3
d9e5331a84 fix #313 2019-03-09 21:25:58 +00:00
t3chn0m4g3
bfa54853ab add honeypy docker 2019-03-08 21:32:09 +00:00
t3chn0m4g3
869f05ca8b cleanup 2019-03-01 21:08:36 +00:00
t3chn0m4g3
8d59602a75 tweaking 2019-03-01 13:57:21 +00:00
listbot
e1fe025dd7 remove fallback 2019-02-28 21:03:07 +00:00
listbot
6467a03d19 fix suricata ref location 2019-02-28 20:59:20 +00:00
listbot
65f242d322 cleanup 2019-02-28 15:01:12 +00:00
listbot
728607a2da bump elk stack to 6.6.1 2019-02-28 14:52:42 +00:00
t3chn0m4g3
06ccf17c5f add openssl 2019-02-26 13:25:06 +00:00
t3chn0m4g3
32043158bf bump cowrie to 1.5.3 2019-02-26 13:07:07 +00:00
t3chn0m4g3
00f068980e pin nginx to tls v1.3 2019-02-26 07:55:42 +00:00
t3chn0m4g3
9664d7b6c3 kibana pin to alpine 3.8 2019-02-25 15:49:26 +00:00
t3chn0m4g3
4e34e5c77d cyberchef pin to alpine 3.8 2019-02-25 15:28:54 +00:00
t3chn0m4g3
28d6487ff5 rdpy fix dockerfile alpine 3.9 2019-02-25 15:12:48 +00:00
t3chn0m4g3
238fc05854 glastopf fix dockerfile alpine 3.9 2019-02-25 14:48:43 +00:00
t3chn0m4g3
fd150699f2 heralding fix dockerfile alpine 3.9 2019-02-25 13:55:46 +00:00
Marco Ochse
ec30cf89b9
Update Dockerfile 2019-02-06 17:11:08 +01:00
Marco Ochse
a0fcc62bf1
Fix names for Suricata daemons 2019-02-06 16:15:51 +01:00
t3chn0m4g3
4754526884 bump elk stack to 6.5.4 2019-01-14 20:41:08 +00:00
Marco Ochse
2fa03671e2
Bump to 8.20.0 2019-01-10 10:33:24 +01:00
t3chn0m4g3
526674b5e0 fix build for tanner testing 2018-12-12 08:48:45 +00:00
t3chn0m4g3
c4bae5f715 bump elk stack to 6.5.2 2018-12-10 17:25:46 +00:00
t3chn0m4g3
9f905f70de prepare for new release 
fix for installer, now always pointing to master repo
include adbhoney and dashboard
 2018-12-07 17:50:39 +01:00
t3chn0m4g3
c7873554c3 prepare for adbhoney 2018-12-05 16:59:08 +00:00
t3chn0m4g3
223aed6676 bump cyberchef to 8.12.3 2018-12-03 10:58:44 +00:00
Marco Ochse
e939bb3545
Update README.md 2018-11-24 01:13:26 +01:00
t3chn0m4g3
1c8074bce3 update docs, screenshots 2018-11-24 01:05:21 +01:00
t3chn0m4g3
aa17604a7a change defaults for kibana.yml 2018-11-23 22:32:11 +00:00
t3chn0m4g3
5e8345695f bump elk stack to 6.5.1 
fix docker hub build
 2018-11-22 23:18:59 +00:00
t3chn0m4g3
d6a700d2b2 fix conpot 2018-11-21 12:36:13 +00:00
t3chn0m4g3
b978065a43 fix ewsposter deps 2018-11-21 10:29:03 +00:00
t3chn0m4g3
9a834c5607 avoid error on docker hub 2018-11-21 10:06:30 +00:00
t3chn0m4g3
ece169dd76 update docker-compose files 2018-11-21 09:26:31 +00:00
t3chn0m4g3
ed921d31f8 cleaning up 2018-11-19 12:34:07 +00:00
t3chn0m4g3
53383f7313 rename fields 2018-11-19 11:33:00 +00:00
listbot
7d7bdd27c1 open links in new window or tab 2018-11-15 10:17:29 +00:00
t3chn0m4g3
5754c79086 clean up log sources 2018-11-13 15:46:57 +00:00
t3chn0m4g3
106193fac5 fix for CVE-2018-17244 2018-11-09 14:36:54 +00:00
t3chn0m4g3
89a1553429 add trailing slash 2018-10-30 09:06:59 +00:00
t3chn0m4g3
fb012ae683 tls v1.3 testing 2018-10-29 15:39:22 +00:00
t3chn0m4g3
c46d3e4f6f bump elk to 6.4.2 2018-10-12 16:07:20 +00:00
t3chn0m4g3
0c86bd9a5a tweaking 2018-09-11 12:19:26 +00:00
t3chn0m4g3
992d453b9a medpot tweaking 2018-09-11 07:59:14 +00:00
t3chn0m4g3
f0f6981f34 add medpot to ELK 2018-09-10 01:15:21 +00:00
t3chn0m4g3
39fb972589 add medpot 
great work by @schmalle, thank you!
 2018-09-09 18:00:59 +00:00
Marco Ochse
6869ceb548
Update Dockerfile 2018-09-04 22:51:41 +02:00
t3chn0m4g3
47ab206f68 clean up dockerfile, prepare for s 2018-09-04 15:28:46 +00:00
t3chn0m4g3
660a046bcc tweaking 2018-09-03 20:13:29 +00:00
t3chn0m4g3
0abb518177 update glutton 2018-09-03 13:33:54 +00:00
t3chn0m4g3
28fd8532b5 upstream changes 2018-08-30 16:26:53 +00:00
t3chn0m4g3
a4ead73672 cleanup 2018-08-30 16:20:03 +00:00
t3chn0m4g3
5fcb7ed4ce glutton structured json logging 2018-08-30 16:19:11 +00:00
t3chn0m4g3
64fed3d15b tweaking 2018-08-29 10:54:30 +00:00
listbot
775c7aeb95 conpot cleanup 2018-08-28 13:47:20 +00:00
Marco Ochse
79bb324a4a
rename conpot fields to match index pattern 2018-08-28 13:30:58 +02:00
Marco Ochse
d19d3823f6
prevent status field from being indexed as string 2018-08-28 12:41:11 +02:00
listbot
59c8c5b34c bump ELK to 6.4.0 
YES! Index patterns can finally exported through Kibana! A joy to the ELK world :-)
 2018-08-24 17:07:00 +00:00
listbot
ea1bf604c8 tweaking conpot 2018-08-24 16:01:27 +00:00
listbot
d02e34764e bump conpot to 0.6.x 2018-08-22 13:43:27 +00:00
t3chn0m4g3
5ce77c6f60 snare tweaking, change ports 2018-08-21 18:30:37 +00:00
listbot
6b77e64ff4 tweaking updater, conpot 2018-08-20 15:06:10 +00:00
t3chn0m4g3
e2613e7d17 add 10 personas for snare 2018-08-14 14:20:55 +00:00
t3chn0m4g3
f6a30dd973 update ews.cfg 2018-08-08 11:58:26 +00:00
t3chn0m4g3
3d259bbc34 tanner finetuning 2018-08-08 11:49:32 +00:00
t3chn0m4g3
00e909ea24 bump tanner to 0.6.0 2018-08-07 09:33:38 +00:00
t3chn0m4g3
78adc5a0e1 bump snare to 0.3.0 2018-08-02 22:17:03 +00:00
t3chn0m4g3
a6d996d016 fix kibana ci color for highlighted elements 2018-08-02 17:36:11 +00:00
t3chn0m4g3
a5f027e896 update glutton 2018-08-02 14:52:50 +00:00
t3chn0m4g3
67d5c5a26c get FQDN for ES head from open window 2018-08-01 20:09:05 +00:00
t3chn0m4g3
7945961cee Bump ELK to 6.3.2 2018-07-31 14:31:49 +00:00
t3chn0m4g3
0373d7145d Update Dionaea to version 0.8.0 
Thanks to @Dbof for noticing and supplying #222
 2018-07-31 13:31:50 +00:00
listbot
d91714cdf2 add cyberchef as tool 2018-07-12 09:03:33 +00:00
t3chn0m4g3
38112755ce Fix ci logo 2018-06-28 12:30:27 +00:00
t3chn0m4g3
00482df95b Bump ELK Stack to 6.3.0 2018-06-26 17:34:14 +00:00
Marco Ochse
b8a650002e
Update favicon 2018-06-26 12:09:23 +02:00
Marco Ochse
804f47f7ab
Fix IPv6 error 
fix an error where upstream site is not found while trying to connect with both IPv4 and IPv6. Setting `localhost` to `127.0.0.1` fixes it.
 2018-06-26 10:19:35 +02:00
Marco Ochse
b19aa6d5c8
update favicon 2018-06-26 10:09:33 +02:00
Marco Ochse
cd55b3c51f update logfile for tanner in ews 2018-06-24 23:16:19 +02:00
Marco Ochse
1dd57d8022 NGINX logs are in /data/nginx/log/ 
Syslog should be viewed in Cockpit now, storing events of Syslog in ELK
is ineffective
 2018-06-24 03:24:51 +02:00
t3chn0m4g3
a13f06f33d update ews for tanner 2018-06-23 22:10:55 +00:00
t3chn0m4g3
d6077792b9 continue working on installer 
remove portainer
remove wetty
remove netdata
add cockpit
tweak fail2ban for cockpit, sshd, nginx
update logo to 18.10
remove configs with regard to portainer, wetty, netdata
adjust packages for install.sh, preseed
 2018-06-23 21:23:33 +00:00
Marco Ochse
d047d1edbb
disable 3rd party plugins 
At least one of them was corrupt on Github which seems unlikely, hence not trustworthy
 2018-06-13 19:20:52 +02:00
Marco Ochse
eb6e877ae4
Clone Dionaea 0.7.0 instead master 2018-06-13 18:51:27 +02:00
Marco Ochse
42577b6016 Editions 
start work on new editions
 2018-06-07 16:39:13 +02:00
Marco Ochse
09ad1941b7 just a push 2018-06-07 12:38:46 +00:00
Marco Ochse
e901334748 change repo 2018-06-05 13:50:37 +00:00
Marco Ochse
bf6fd94ea9 merge hpfeeds changes from vorband 2018-06-05 14:14:41 +02:00
Marco Ochse
52ecc767f8 performance tweak template 2018-06-04 16:05:22 +00:00
Marco Ochse
650b4a9b51 clean up 2018-06-04 13:45:09 +00:00
Marco Ochse
e8621fbba1 tweaking 2018-06-04 13:43:59 +00:00
Marco Ochse
e211a19c37 change ports, add emu_scripts.yaml, tweaking 2018-06-04 11:29:25 +00:00
Marco Ochse
fbc11fa12c add hpfeeds broker for testing 2018-05-30 15:46:18 +00:00
Marco Ochse
62b02a7500 add hpfeeds support 2018-05-30 11:20:55 +00:00
Marco Ochse
37424eb541 cleanup 2018-05-29 12:06:20 +00:00
Marco Ochse
72313a600d include tanner patterns, tweaking 2018-05-29 12:05:07 +00:00
Marco Ochse
428ee43c18 prepare for tanner 2018-05-28 21:46:51 +00:00
Marco Ochse
cabd5a3941 cleanup 2018-05-28 21:46:26 +00:00
Marco Ochse
a4bfa08393 tweaking 2018-05-28 21:45:43 +00:00
Marco Ochse
5b11952899 cleanup 2018-05-28 16:43:32 +00:00
Marco Ochse
1b0d11177b prepare for snare, tanner 2018-05-28 16:42:39 +00:00
Marco Ochse
4bbc63fd02 begin with hardening, tweaking 2018-05-28 16:36:02 +00:00
Marco Ochse
88e252fbfb tanner, snare, deps 2018-05-26 23:09:31 +00:00
Marco Ochse
1b5e39e448 tweaking 2018-05-25 16:19:15 +00:00
Marco Ochse
b406c9b4e0 include hpfeeds support 
thank you @vorband
 2018-05-25 16:18:05 +00:00
Marco Ochse
35221f56c9 tweaking 2018-05-23 14:18:46 +00:00
Marco Ochse
2f8cbcb2d1 tweaking 2018-05-23 14:16:37 +00:00
Marco Ochse
e1c806ebe8 tweaking 2018-05-23 14:16:13 +00:00
Marco Ochse
2128c6a2b0 tweaking 2018-05-23 13:30:26 +00:00
Marco Ochse
38fce345cf tweaking 
fix condition when no internet connection is available
check internet connection before download of rules and avoid errors
check internet connection before setting up capture filters (with FQDNs, resulted in endless restart of suricata) and unset capture filters if no internet connection is available
 2018-05-23 13:02:19 +00:00
Marco Ochse
fbe1fff088 let mailoney run on tcp/25 within container 2018-05-23 07:58:01 +00:00
Marco Ochse
4e8d629b63 tweaking, fix build error 2018-05-19 22:01:03 +00:00
Marco Ochse
a07776d16c tweaking 2018-05-19 21:35:24 +00:00
Marco Ochse
551a3c2168 tweaking 2018-05-19 21:20:32 +00:00
Marco Ochse
52cf2a6094 tweaking 2018-05-19 21:18:35 +00:00
Marco Ochse
7638fb89d6 tweaking 2018-05-19 21:02:52 +00:00
Marco Ochse
84c51afe17 tweaking, hardening 2018-05-19 20:40:01 +00:00
Marco Ochse
eb55ad5870 tweaking 2018-05-19 19:43:02 +00:00
Marco Ochse
48b8915689 hardening 2018-05-19 19:13:03 +00:00
Marco Ochse
779dc7fc7e cleanup 2018-05-18 21:26:15 +00:00
Marco Ochse
0e64b48388 turn logging noiselevel down 2018-05-18 20:47:54 +00:00
Marco Ochse
77cd9df8f7 hardening 2018-05-18 20:05:52 +00:00
Marco Ochse
114997308b tweaking, hardening 2018-05-18 16:05:28 +00:00
Marco Ochse
913cccf98a tweaking 2018-05-18 15:50:01 +00:00
Marco Ochse
4fde6ac15f tweaking, hardening 2018-05-18 15:40:07 +00:00
Marco Ochse
b151397d85 fix some compile errors, tweaking 2018-05-17 17:38:09 +00:00
Marco Ochse
3e4985da8c tweaking 2018-05-16 16:37:41 +00:00
Marco Ochse
e72ef5c094 finetuning, tweaking 2018-05-16 16:37:10 +00:00
Marco Ochse
5447978191 finetuning, tweaking 2018-05-16 14:57:52 +00:00
Marco Ochse
842bec2cb3 tweaking 2018-05-15 20:49:06 +00:00
Marco Ochse
213c3c8566 tweaking 2018-05-15 20:30:44 +00:00
Marco Ochse
4e1340ab9e reduce image size 2018-05-15 19:42:21 +00:00
Marco Ochse
6119c3a30a tweaking 2018-05-15 16:24:10 +00:00
Marco Ochse
aa5751ac20 reduce ciscoasa image size 2018-05-15 15:56:00 +00:00
Marco Ochse
3bea740632 tweaking 2018-05-09 16:43:37 +00:00
Marco Ochse
731e18d083 tweaking 2018-05-09 14:29:06 +00:00
Marco Ochse
94af9493b1 heralding tweaking 2018-05-07 20:25:00 +00:00
Marco Ochse
3b852385d3 tweaking 2018-05-07 10:19:40 +00:00
Marco Ochse
a5745cbeb1 tweaking 2018-05-07 10:17:33 +00:00
Marco Ochse
85aa874f5e tweaking 2018-05-04 21:31:33 +00:00
Marco Ochse
b1fbcd9532 tweaking, hardening 2018-05-04 16:29:55 +00:00
Marco Ochse
915d3f1b89 ciscoasa tweaking, viz and dashboard finished 2018-04-28 12:26:27 +00:00
Marco Ochse
40244d3bcb ciscoasa, tweaking, hardening, logging, logstash 2018-04-27 23:10:45 +00:00
Marco Ochse
a944925124 tweaking 2018-04-26 15:18:23 +00:00
Marco Ochse
dbd78921c9 ci colors 2018-04-24 14:03:57 +00:00
Marco Ochse
4bac26bef9 set magenta color 2018-04-23 17:16:17 +00:00
Marco Ochse
5e5723334e add kibana visualization fixes 
thank you @robcowart
 2018-04-23 12:29:38 +00:00
Marco Ochse
89d31ffbe0 finalize elk6.x docker images 
continue working on elk6.x helper scripts
cleaning up
 2018-04-20 21:22:46 +00:00
Marco Ochse
fd40fc96a6 elk 6.x 
start adjusting helper scripts for elk 6.x
migrate patterns, dashboards, viz, search, etc.
tweaking
 2018-04-19 22:38:45 +00:00
Marco Ochse
6e072980a0 start on elk6.x 2018-04-18 15:21:32 +00:00
Marco Ochse
004af6dec7 tweaking glutton, signals 2018-04-17 13:54:57 +00:00
Marco Ochse
d1756fa934 playing with signals 2018-04-16 23:25:50 +00:00
Marco Ochse
446880de55 tweaking 2018-04-16 22:05:16 +00:00
Marco Ochse
edfd5eaa5b tweaking glutton, automatic iptables rules 2018-04-16 12:39:46 +00:00
Marco Ochse
83fbc3eee0 start working on glutton 2018-04-13 18:22:49 +00:00
Marco Ochse
13c56c6ea1 tweaking, hardening 2018-03-31 21:44:11 +00:00
Marco Ochse
2f6a8014bc tweaking, hardening 2018-03-31 15:18:28 +00:00
Marco Ochse
4ee334aee8 tweaking 2018-03-30 21:47:59 +00:00
Marco Ochse
5c403a5cce tweaking, hardening 2018-03-30 20:54:44 +00:00
Marco Ochse
594361a056 tweaking 2018-03-30 17:17:17 +00:00
Marco Ochse
df6e4dcd44 update logrotating, cleanup.sh, add Suricata ET Pro support, tweaking 2018-03-30 16:41:46 +00:00
Marco Ochse
201aa85e68 rdpy add shuffle 2018-03-29 21:45:55 +00:00
Marco Ochse
640f8e85fb prepare some fixes, tweaking 2018-03-29 20:56:11 +00:00
Marco Ochse
136e741334 tweaking 2018-03-29 16:21:00 +00:00
Marco Ochse
8257ae0a09 tweaking 2018-03-25 20:58:46 +00:00
Marco Ochse
c9a33870ff prep for 18.04 2018-03-25 18:35:32 +00:00
Marco Ochse
fc0f3ad0fb update conpot, pull from master 2018-02-27 17:49:58 +00:00
Marco Ochse
7a507156bd finetuning nginx 2018-02-26 17:55:56 +00:00
Marco Ochse
2f063b28c0 start work on ciscoasa honeypot 2018-02-20 17:40:34 +00:00
Marco Ochse
50fab2207c prepare for wetty docker image 2018-02-19 16:47:59 +01:00
Marco Ochse
46c92047cb prepare for nginx docker image 2018-02-16 15:17:34 +01:00
Marco Ochse
d2f1a27908 update elk stack to 5.6.5 2018-01-15 13:34:17 +00:00
Marco Ochse
c28dfa6bc7 update elk stack to 5.6.5 2018-01-15 13:33:48 +00:00
Marco Ochse
44731a54bf add py-requests 
per request issue #165
 2018-01-15 13:13:02 +00:00
Marco Ochse
a995358d21 finetuning dionaea config 2018-01-10 15:22:48 +00:00
Marco Ochse
78feb12d5a
Update config for Mailoney, RDPY, VNClowpot 2017-11-17 15:29:16 +01:00
Marco Ochse
f2f2fcdd57 update documentation 2017-10-23 15:08:37 +02:00
Marco Ochse
fb37cb6152 Continue cleaning up and update documentation 2017-10-23 14:56:37 +02:00
Marco Ochse
50d1c212ad Continue cleaning up 2017-10-23 13:10:47 +02:00
Marco Ochse
46264774b3 Start cleaning up and update documentation 2017-10-23 13:02:04 +02:00
Marco Ochse
70f75d51ee remove listbot sources 2017-10-21 16:32:14 +02:00
Marco Ochse
f2880ec3d6 refine ip matching 
fix regex to only match IPs at the beginning of a line
 2017-10-21 16:00:03 +02:00
Marco Ochse
8e3967f2e1 disable netdata version check 2017-10-13 21:25:11 +00:00
Marco Ochse
c2c76459a1 fix rdpy dep 2017-10-13 20:41:24 +00:00
Marco Ochse
0d5d80b1e3 include docker repos 
... skip emobility since it is a dev repo
 2017-10-13 18:58:14 +00:00