Sebastian Haderecker
2fb51f3b3a
Add MEDICAL to tpot.conf.dist
2021-01-08 11:31:58 +01:00
t3chn0m4g3
d2dc43e1ef
Update internet IF retrieval
To be consistent with @adepasquale PR #746, the fatt, glutton and p0f Dockerfiles were updated accordingly.
2021-01-06 17:05:09 +00:00
Marco Ochse
db73a0656e
Merge pull request #746 from adepasquale/master
Change method to get default Suricata interface
@adepasquale Thanks again!
2021-01-06 17:45:32 +01:00
Andrea De Pasquale
b3b983afe6
Change method to get default Suricata interface
On some systems, interface number 2 is not always the correct one.
With AWK we now collect the first active interface having both an
address and a broadcast.
2021-01-06 11:14:24 +01:00
Marco Ochse
273cab4759
Update general-issue-for-t-pot.md
2021-01-05 16:03:42 +01:00
t3chn0m4g3
e1745bdea1
fix broken sqlite db
2020-12-28 21:49:28 +00:00
t3chn0m4g3
c34570f665
remove docker parallel pulls
2020-12-28 20:54:09 +00:00
t3chn0m4g3
020cbb5355
avoid ghcr.io because of slow transfers
2020-12-28 20:37:47 +00:00
t3chn0m4g3
aea14c9ead
docker pull background
2020-12-28 17:46:05 +00:00
t3chn0m4g3
b57f6ddd1e
remove netselect-apt
causes too many unpredictable errors
#733 as the latest example
2020-12-28 10:40:19 +00:00
t3chn0m4g3
af6ce8854d
bump elastic stack to 7.10.1
2020-12-10 15:20:18 +00:00
t3chn0m4g3
6069b214a5
bump ewsposter to 1.12
2020-12-10 11:40:53 +00:00
Marco Ochse
252051dfe7
Merge pull request #731 from shaderecker/patch-1
More Python 3 stuff
2020-12-04 15:41:27 +01:00
Sebastian Haderecker
f9fa1bcc74
Fix setup on Debian
On Debian there are not the same preinstalled packages as on Ubuntu.
Fix the compilation of netifaces, which requires gcc and python3-dev.
2020-12-04 14:42:32 +01:00
t3chn0m4g3
f3f9f6ae72
cleanup
2020-12-03 00:01:38 +00:00
t3chn0m4g3
bdf095367d
prep for ewsposter 1.11
2020-12-02 23:21:23 +00:00
Sebastian Haderecker
4abb0e5ce6
Missed this one
Python 3 is our friend :D
2020-12-02 23:56:54 +01:00
t3chn0m4g3
ba87ebfdaa
update objects for Elastic Stack 7.10.0
2020-12-02 22:54:54 +00:00
t3chn0m4g3
8a7e81815e
prep for Elastic Stack 7.10.0
2020-12-02 22:36:17 +00:00
Marco Ochse
17eff81e9c
Merge pull request #728 from shaderecker/patch-1
Update pip dependency to Python3
2020-11-30 20:06:05 +01:00
Marco Ochse
f8f1bc1757
Merge pull request #727 from adepasquale/suricata-update
Suricata: use suricata-update for rule management
2020-11-30 20:05:24 +01:00
Andrea De Pasquale
87a27e4f2b
Suricata: use suricata-update for rule management
As a bonus we can now run "suricata-update" using docker-exec,
triggering both a rule update and a Suricata rule reload.
2020-11-30 17:56:14 +01:00
Sebastian Haderecker
7f8f3a01c3
Update pip dependency to Python3
2020-11-30 17:27:28 +01:00
Marco Ochse
2ecef8c607
enable MQTT
as eagle-eyed by @adepasquale
2020-11-27 19:07:12 +01:00
Marco Ochse
d992a25a0a
Merge pull request #726 from adepasquale/suricata-yaml-6.0.x
Suricata: update suricata.yaml config to 6.0.x
2020-11-27 18:55:57 +01:00
Andrea De Pasquale
73a5847753
Suricata: update suricata.yaml config to 6.0.x
Merge in the latest updates from suricata-6.0.x while at the same time
keeping the custom T-Pot configuration.
https://github.com/OISF/suricata/blob/suricata-6.0.0/suricata.yaml.in
2020-11-26 19:16:01 +01:00
Marco Ochse
c976aea73e
Merge pull request #725 from adepasquale/suricata-yaml-5.x
Suricata: update suricata.yaml config to 5.x
2020-11-26 16:23:50 +01:00
t3chn0m4g3
4ada38988c
bump cowrie to 2.2.0
2020-11-26 08:17:09 +00:00
Andrea De Pasquale
0010f99662
Suricata: disable eve.stats since it's unused
Prevent the error below by disabling stats globally and in eve-log:
<Error> - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true.
2020-11-25 17:07:49 +01:00
Andrea De Pasquale
e2f76c44cb
Suricata: update suricata.yaml config to 5.x
Merge in the latest updates from suricata-5.x while at the same time
keeping the custom T-Pot configuration.
https://github.com/OISF/suricata/blob/master-5.0.x/suricata.yaml.in
2020-11-25 15:51:41 +01:00
t3chn0m4g3
e26853c7fa
bump suricata to 5.0.4
2020-10-28 17:53:23 +00:00
t3chn0m4g3
d64cbe6741
bump ipphoney to latest master
2020-10-28 17:34:28 +00:00
t3chn0m4g3
c3809b5a98
bump heralding to latest master
2020-10-28 17:27:09 +00:00
t3chn0m4g3
a3d40cc57c
bump spiderfoot to 3.2.1
2020-10-28 17:08:55 +00:00
t3chn0m4g3
e3fda4d464
bump dionaea to 0.9.2
2020-10-28 16:45:53 +00:00
t3chn0m4g3
4bf245d13b
bump conpot to latest master
2020-10-28 13:56:52 +00:00
t3chn0m4g3
92925cecbd
bump dicompot to latest master
2020-10-27 21:30:33 +00:00
t3chn0m4g3
f204cdf9b8
bump elk to 7.3
2020-10-27 19:43:32 +00:00
t3chn0m4g3
ff4a394e3b
reverting elk to 7.9.1
2020-10-15 12:24:46 +00:00
Marco Ochse
ce7b79b71a
Merge pull request #707 from brianlechthaler/patch-3
Bump Elastic dependencies to 7.9.2
2020-10-15 13:37:11 +02:00
t3chn0m4g3
b28cc2edd0
prepare for new ewsposter
2020-10-15 09:14:30 +00:00
Brian Lechthaler
84a741ec64
IMPORTANT: Fix Node Version
Bump node version to `10.22.1-alpine`
**KIBANA WILL NOT WORK WITHOUT THIS**
2020-10-07 13:53:21 -07:00
Marco Ochse
6b37578d8d
Merge pull request #706 from brianlechthaler/patch-2
Debian 10.6 AMI + Add AWS Regions
2020-10-07 14:28:19 +02:00
Brian Lechthaler
d351a89096
Bump Kibana version to 7.9.2
2020-10-04 18:05:16 -07:00
Brian Lechthaler
488da48df7
Bump Logstash version to 7.9.2
2020-10-04 18:04:15 -07:00
Brian Lechthaler
85da099cd0
Bump Elasticsearch to 7.9.2
2020-10-04 18:03:00 -07:00
Brian Lechthaler
bd8a9ca92d
Debian 10.6 AMI + Add AWS Regions
# Changes:
1) 🇿🇦 Add AWS Capetown, South Africa Region (`af-south-1`)
2) 🇮🇹 Add AWS Milan, Italy Region (`eu-south-1`)
3) Bump all AMIs to Debian Buster 10.6
# References:
1) Debian 10 (Buster) Wiki Article on Official EC2 Images: https://wiki.debian.org/Cloud/AmazonEC2Image/Buster?action=recall&rev=16
2) For information on Debian 10.6, see: https://www.debian.org/News/2020/20200926
3) Official AWS Documentation on Regions and Zones can be found here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
2020-10-03 22:22:57 -07:00
Marco Ochse
1afbb89ef4
Merge pull request #691 from brianlechthaler/patch-1
Update Suricata Capture Filter for New Docker Repo
2020-09-08 20:08:28 +02:00
Brian Lechthaler
b1d8e293de
add DockerHub back in cap filter
see https://github.com/telekom-security/tpotce/pull/691#issuecomment-688648225
2020-09-08 10:45:58 -07:00
Brian Lechthaler
7fdf9edb60
Update Suricata Capture Filter for New Docker Repo
2020-09-07 19:57:15 -07:00