digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 19:58:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,114 Commits 38 Branches 0 Tags
eee2b677103f623d8ea63ad4da5d05386b2b3a4d
Commit Graph

1293 Commits

Author SHA1 Message Date
thomashaw
d2fc9f917c fixing duplicate alerts in db 2022-10-28 19:47:31 +01:00
thomashaw
2d976262f4 CSL: AES Lab (wip 3/?) 2022-10-24 12:43:27 +01:00
thomashaw
9697ab10ab CSL: AES Lab (wip) 2022-10-24 11:07:05 +01:00
thomashaw
6132007ab3 sleep value + disabling web_actioner for demo 2022-10-19 21:18:54 +01:00
thomashaw
51ab148ae2 distccd goal username fix 2022-10-19 20:39:51 +01:00
thomashaw
a80e458644 Disable elasticsearch geoip update 2022-10-16 18:44:40 +01:00
thomashaw
2c224e4f44 Fixing unescaped ' characters breaking strings in message actioner command generation 2022-10-15 13:54:50 +01:00
thomashaw
7144dd8637 granluar mappings wip 2022-09-06 21:33:14 +01:00
thomashaw
98f8e15968 granluar mappings wip 2022-09-06 21:17:18 +01:00
thomashaw
0161754b34 Goal message granular mappings (WiP) 2022-09-06 20:13:11 +01:00
thomashaw
e846660a34 wip 2022-08-30 23:21:20 +01:00
thomashaw
293c993acc wip 2022-08-30 22:39:04 +01:00
thomashaw
afa7b3a23f alert_router.rb: added test_actions(alert_name) command. runs all actions associated w/ alert_name, even if already actioned. 2022-08-30 21:25:23 +01:00
thomashaw
9eeffbbd7f web_actioner.rb: Removing testing code. Commented out the request until merge. 2022-08-29 20:46:41 +01:00
thomashaw
7b1b9eec65 web_actioner.rb: adding post data (wip2) 2022-08-29 17:57:18 +01:00
thomashaw
67cb0b5525 web actioner update: form data correctly set 2022-08-29 17:55:54 +01:00
thomashaw
91e2f70d03 web_actioner.rb: adding post data (wip) 2022-08-29 17:40:04 +01:00
thomashaw
c6c9bd5b00 Testing Static Flags -> Hacktivity 2022-08-25 16:58:50 +01:00
thomashaw
04b837d84b WebActioner: Improved logging 2022-08-25 16:26:41 +01:00
thomashaw
15e9ddfd91 GCI -> CGI typo fix 2022-08-23 12:56:33 +01:00
thomashaw
99a60b1f36 fix 2022-08-17 17:57:00 +01:00
thomashaw
7486691694 install gci gem deps 2022-08-17 17:13:15 +01:00
thomashaw
29a486871a install gci gem 2022-08-17 16:08:35 +01:00
thomashaw
c2fb194835 goal flag to hacktivity config: updating hacktivity url to localhost for testing 2022-08-17 14:43:09 +01:00
thomashaw
c5f29cc821 fixed duplicate &amp in output 2022-08-17 14:41:05 +01:00
thomashaw
c2ddcd2309 web actioner update: wip 2022-07-13 12:10:33 +01:00
thomashaw
be74b59867 web actioner update: kind-of working but getting pushed back with 500 server error from Hacktivity. Due to CSP? 2022-07-13 12:03:35 +01:00
thomashaw
3e9b780051 updating hacktivity url 2022-07-12 19:07:24 +01:00
thomashaw
0aed5f61ad web actioner wip: updated the parsing so the url pulls through correctly. WIP code for testing post req, currently not working. 2022-07-10 22:00:56 +01:00
thomashaw
a9042addcf testing: proxy env var set in post too 2022-07-10 20:08:41 +01:00
thomashaw
b5a9faaf32 testing: removing command_actioner perform_action for now 2022-07-10 20:07:09 +01:00
thomashaw
7f9106f9f4 adding logger to web actioner 2022-07-10 20:06:15 +01:00
thomashaw
e8d4362164 adding google as test url 2022-07-10 19:16:55 +01:00
thomashaw
0573f60623 dynamic ip service file + requires changes 2022-07-10 18:58:18 +01:00
thomashaw
9f70a6d805 web_actioner: test whether this works by default 2022-07-10 17:52:19 +01:00
thomashaw
dfc73ba2ca web_test -- test if it works w/ proxy or not 2022-07-10 17:27:04 +01:00
thomashaw
b54e4d581e even cleaner 2022-07-10 16:13:34 +01:00
thomashaw
bf0131faa2 cleaner 2022-07-10 16:12:57 +01:00
thomashaw
d8b2537b50 added db id to alert actioners 2022-07-10 16:12:04 +01:00
thomashaw
4eca9b9530 added delete_db command 2022-07-08 00:24:01 +01:00
thomashaw
6b20a805fc wip 2022-07-08 00:17:45 +01:00
thomashaw
3ee1519278 print 2022-06-30 21:16:34 +01:00
thomashaw
ebb7cab445 actioner respects resets from external db changes 2022-06-30 21:14:44 +01:00
thomashaw
60570610c6 Update reset actioners (wip - test on laptop) 2022-06-30 17:26:08 +01:00
thomashaw
af89fc988d testing the actions - uncommented! 2022-04-23 21:28:02 +01:00
thomashaw
abda4c54c3 DO NOT MERGE -- temporary change for testing, TODO: parameterise elastalert.service rather than hard-coded aaa_admin 2022-04-23 12:04:15 +01:00
thomashaw
3c07201657 DO NOT MERGE -- temporary change for testing, TODO: add parameter for account to hidden_file module (check history) 2022-04-23 11:52:41 +01:00
thomashaw
3339432d9b Fixing scenario + adding an error message for if a file within '/' is monitored as a goal. 2022-04-21 15:15:57 +01:00
thomashaw
0e2edb803b use env file to avoid proxy on EA 2022-04-21 11:07:09 +01:00
thomashaw
6dbba54d6f wip fix 2022-04-19 20:07:25 +01:00