New encoding module example.

Encoding generators for hashes added:
String input: MD5, SHA1, SHA256, SHA384, SHA512
File (path) input: MD5, SHA1

modules/encoders/hash/md5_file/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class MD5Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(file_path)
+    Digest::MD5.file file_path
+  end
+
+end
+
+MD5Encoder.new.run

modules/encoders/hash/md5_file/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>MD5 hash encoder file</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>MD5 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

modules/encoders/hash/md5_string/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class MD5Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(str)
+    Digest::MD5.base64digest str
+  end
+
+end
+
+MD5Encoder.new.run

modules/encoders/hash/md5_string/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>MD5 hash encoder string</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>MD5 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

modules/encoders/hash/sha1_file/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class MD5Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(file_path)
+    Digest::SHA1.file file_path
+  end
+
+end
+
+MD5Encoder.new.run

modules/encoders/hash/sha1_file/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>SHA1 hash encoder file</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>SHA1 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

modules/encoders/hash/sha1_string/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class SHA1Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(str)
+    Digest::SHA1.base64digest str
+  end
+
+end
+
+SHA1Encoder.new.run

modules/encoders/hash/sha1_string/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>SHA1 hash encoder string</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>SHA1 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

modules/encoders/hash/sha256_string/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class SHA256Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(str)
+    Digest::SHA256.base64digest str
+  end
+
+end
+
+SHA256Encoder.new.run

modules/encoders/hash/sha256_string/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>SHA256 hash encoder string</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>SHA256 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

modules/encoders/hash/sha384_string/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class SHA256Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(str)
+    Digest::SHA384.base64digest str
+  end
+
+end
+
+SHA256Encoder.new.run

modules/encoders/hash/sha384_string/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>SHA384 hash encoder string</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>SHA384 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

modules/encoders/hash/sha512_string/secgen_local/local.rb

@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require 'fileutils'
+require 'digest'
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class SHA512Encoder < StringEncoder
+  def initialize
+    super
+    self.module_name = 'MD5 hash'
+  end
+
+  def encode(str)
+    Digest::SHA2.new(512).base64digest str
+  end
+
+end
+
+SHA512Encoder.new.run

modules/encoders/hash/sha512_string/secgen_metadata.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>SHA512 hash encoder string</name>
+  <author>Jason Keighley</author>
+  <module_license>Apache v2</module_license>
+  <description>SHA512 hash encoder module</description>
+
+  <type>hash</type>
+  <platform>windows</platform>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <output_type>hash</output_type>
+</encoder>

scenarios/simple_examples/forensic_examples/simple_encoders_example_scenario.xml

@@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+
+<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
+          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
+
+  <!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
+  <system>
+    <system_name>windows_server</system_name>
+    <base platform="windows" name="Windows 2008 Virtualbox puppet 64"/>
+
+    <forensic type="file_manipulation" name="Create file">
+      <input into="new_file_path">
+        <value>C:\Users\vagrant\Desktop\Hash_file</value>
+      </input>
+      <input into="new_file_contents">
+        <encoder type="hash" name="MD5 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA1 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA256 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA384 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA512 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+      </input>
+    </forensic>
+
+    <network type="private_network" range="dhcp"/>
+  </system>
+
+</scenario>

scenarios/windows_scenario.xml

@@ -6,10 +6,48 @@
 
   <!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
   <system>
-    <system_name>storage_server</system_name>
+    <system_name>windows_server</system_name>
     <base platform="windows" name="Windows 2008 Virtualbox puppet 64"/>
 
-    <forensic type="internet_artifacts" name="Internet history chrome"/>
+    <utility type="registry" name="Access data registry viewer install"/>
+
+    <forensic type="registry" name="Add registry values">
+      <input into="key_locations">
+        <value>HKLM\System\CurrentControlSet\Services\Puppet</value>
+      </input>
+
+      <input into="key_value_type">
+        <value>string</value>
+      </input>
+
+      <input into="key_value">
+        <encoder type="hash" name="MD5 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA1 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA256 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA384 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+        <encoder type="hash" name="SHA512 hash encoder string">
+          <input into="strings_to_encode">
+            <value>String to demonstrate the module</value>
+          </input>
+        </encoder>
+      </input>
+    </forensic>
 
     <network type="private_network" range="dhcp"/>
   </system>