├── .github ├── auto-merge.yml ├── auto_assign.yml ├── config.yml ├── dependabot.yml ├── stale.yml └── workflows │ ├── build_attack_destroy_aws.yml │ ├── destroy_old_attack_ranges.yml │ ├── release.yml │ └── update_splunk_tas.yml ├── .gitignore ├── .readthedocs.yaml ├── .vscode └── launch.json ├── Dockerfile ├── LICENSE ├── README.md ├── apps └── .gitkeep ├── attack_data └── .gitkeep ├── attack_range.py ├── capattack ├── LICENSE ├── README.md ├── capattack.psd1 ├── capattack.psm1 ├── config.ini ├── modules │ ├── helpers.ps1 │ ├── install.ps1 │ ├── start.ps1 │ ├── status.ps1 │ └── stop.ps1 ├── sysmon_off.xml ├── sysmon_snapattack.xml └── version.yaml ├── configs ├── AttackRangeSysmon.xml ├── SwiftOnSecurity.xml ├── SysMonLinux-CatchAll.xml ├── attack_range_default.yml ├── github_actions_config_aws.yml ├── github_actions_config_azure.yml ├── github_actions_config_gcp.yml ├── osquery.conf ├── purplesharp_playbook_T1003.001.pb └── rsyslog_logrotate ├── docker-entrypoint.sh ├── docs ├── CONTRIBUTING.md ├── Makefile ├── attack_range.png ├── attack_range_architecture.png ├── demo.gif ├── make.bat ├── requirements.txt └── source │ ├── Attack_Data.md │ ├── Attack_Range_AWS.md │ ├── Attack_Range_Azure.md │ ├── Attack_Range_Cloud.md │ ├── Attack_Range_Config.md │ ├── Attack_Range_Features.md │ ├── Attack_Range_GCP.md │ ├── Attack_Simulation.md │ ├── Cap_Attack.md │ ├── Control_Attack_Range.md │ ├── Cost_Explorer.md │ ├── Total_Replay.md │ ├── conf.py │ └── index.md ├── modules ├── DataManipulation.py ├── DataManipulation_old.py ├── ansible │ ├── atomic_red_team.yml │ ├── cap_attack.yml │ ├── data_replay.yml │ ├── purplesharp.yml │ └── roles │ │ ├── atomic_red_team │ │ └── tasks │ │ │ ├── install_art_linux.yml │ │ │ ├── main.yml │ │ │ ├── run_art_linux.yml │ │ │ └── run_art_test_windows.yml │ │ ├── cap_attack │ │ ├── defaults │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ │ ├── data_replay │ │ └── tasks │ │ │ └── main.yml │ │ └── purplesharp │ │ └── tasks │ │ ├── main.yml │ │ ├── run_simulation_playbook.yml │ │ └── run_simulation_techniques.yml ├── art_simulation_controller.py ├── attack_range_controller.py ├── aws_controller.py ├── aws_service.py ├── azure_controller.py ├── azure_service.py ├── config_handler.py ├── configuration.py ├── gcp_controller.py ├── gcp_service.py ├── logger.py ├── purplesharp_simulation_controller.py ├── simulation_controller.py ├── splunk_sdk.py └── yml_reader.py ├── pyproject.toml ├── requirements.txt ├── scripts ├── apps │ └── .gitkeep ├── attack_range_destroyer.py ├── attack_range_ta_update.py └── helpers │ ├── attack_range_apps.py │ └── splunk_app.py └── terraform ├── ansible ├── caldera_server.yml ├── linux_server.yml ├── nginx_server.yml ├── phantom_server.yml ├── roles │ ├── azure_logging │ │ ├── tasks │ │ │ ├── azure_logging.yml │ │ │ └── main.yml │ │ └── templates │ │ │ ├── inputs.conf.j2 │ │ │ ├── mscs_azure_accounts.conf.j2 │ │ │ └── mscs_azure_audit_inputs.conf.j2 │ ├── bad_blood │ │ └── tasks │ │ │ ├── install_badblood.yml │ │ │ ├── main.yml │ │ │ └── run_badblood.yml │ ├── caldera_agent │ │ └── tasks │ │ │ ├── linux.yml │ │ │ ├── main.yml │ │ │ └── windows.yml │ ├── caldera_server │ │ ├── files │ │ │ └── caldera.service │ │ ├── handlers │ │ │ └── main.yml │ │ └── tasks │ │ │ ├── caldera.yml │ │ │ ├── dependencies.yml │ │ │ ├── go.yml │ │ │ ├── hostname.yml │ │ │ ├── main.yml │ │ │ ├── node.yml │ │ │ ├── path.yml │ │ │ ├── update_ip.yml │ │ │ └── upx.yml │ ├── carbon_black_cloud_agent_win │ │ └── tasks │ │ │ ├── install.yml │ │ │ └── main.yml │ ├── carbon_black_cloud_logs │ │ ├── files │ │ │ └── local.meta │ │ ├── tasks │ │ │ ├── config.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── inputs.conf.j2 │ ├── cisco_secure_endpoint_linux │ │ └── tasks │ │ │ ├── config.yml │ │ │ └── main.yml │ ├── cisco_secure_endpoint_logs │ │ ├── tasks │ │ │ ├── config.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── inputs.conf.j2 │ ├── cisco_secure_endpoint_win │ │ └── tasks │ │ │ ├── cisco_secure_endpoint.yml │ │ │ └── main.yml │ ├── cloudtrail_logs │ │ ├── tasks │ │ │ ├── configure_inputs.yml │ │ │ └── main.yml │ │ └── templates │ │ │ ├── aws_account_ext.conf.j2 │ │ │ └── aws_inputs.conf.j2 │ ├── contentctl │ │ └── tasks │ │ │ ├── contentctl.yml │ │ │ ├── docker.yml │ │ │ └── main.yml │ ├── create_domain_controller │ │ └── tasks │ │ │ ├── main.yml │ │ │ └── windows-create-domain.yml │ ├── crowdstrike_falcon_agent_linux │ │ └── tasks │ │ │ ├── crowdstrike_install.yml │ │ │ └── main.yml │ ├── crowdstrike_falcon_agent_win │ │ └── tasks │ │ │ ├── crowdstrike_install.yml │ │ │ └── main.yml │ ├── crowdstrike_falcon_logging │ │ ├── tasks │ │ │ ├── config.yml │ │ │ └── main.yml │ │ └── templates │ │ │ ├── inputs.conf.j2 │ │ │ └── splunk_ta_crowdstrike_fdr_aws_collections.conf.j2 │ ├── guacamole │ │ ├── files │ │ │ ├── guacamole.properties │ │ │ └── tomcat.service │ │ ├── tasks │ │ │ ├── guacamole_client.yml │ │ │ ├── guacamole_server.yml │ │ │ ├── guacamole_server_post.yml │ │ │ ├── install_packages.yml │ │ │ ├── main.yml │ │ │ └── setup_tomcat.yml │ │ └── templates │ │ │ ├── user-mapping-local.xml │ │ │ └── user-mapping.xml │ ├── join_domain │ │ ├── files │ │ │ └── join_domain.ps1 │ │ └── tasks │ │ │ ├── create.yml │ │ │ ├── create_local.yml │ │ │ ├── main.yaml │ │ │ └── windows-disable-firewall.yml │ ├── linux_common │ │ ├── files │ │ │ └── 20auto-upgrades │ │ ├── tasks │ │ │ ├── disable-autoupgrade.yml │ │ │ ├── disable-dnssec.yml │ │ │ ├── main.yml │ │ │ ├── set-hostname.yml │ │ │ ├── update_packages.yml │ │ │ ├── update_rsyslog_logrotate.yml │ │ │ └── update_sshd_config.yml │ │ └── templates │ │ │ └── disable-dnssec.conf.j2 │ ├── linux_install_art │ │ ├── files │ │ │ └── Microsoft.PowerShell_profile.ps1 │ │ ├── tasks │ │ │ ├── cap_attack.yml │ │ │ └── main.yml │ │ └── templates │ │ │ ├── Microsoft.PowerShell_profile.ps1.j2 │ │ │ └── config.ini.j2 │ ├── linux_install_auditd │ │ ├── files │ │ │ └── inputs.conf │ │ └── tasks │ │ │ ├── configure_inputs_splunk.yml │ │ │ ├── install_auditd.yml │ │ │ └── main.yml │ ├── linux_osquery │ │ ├── files │ │ │ ├── custom_osquery.conf │ │ │ ├── custom_osquery.flags │ │ │ ├── inputs.conf │ │ │ ├── osquery_install.sh │ │ │ └── template.osquery.conf │ │ └── tasks │ │ │ ├── collect_osquery_logs.yml │ │ │ ├── install_osquery_linux.yml │ │ │ └── main.yml │ ├── linux_server_post │ │ └── tasks │ │ │ ├── change_splunk_password.yml │ │ │ └── main.yml │ ├── linux_sysmon │ │ ├── files │ │ │ ├── AttackRangeSysmon.xml │ │ │ ├── SwiftOnSecurity.xml │ │ │ └── inputs.conf │ │ └── tasks │ │ │ ├── configure_inputs.yml │ │ │ ├── install_sysmon_linux.yml │ │ │ └── main.yml │ ├── linux_universal_forwarder │ │ ├── tasks │ │ │ ├── install_universal_forwarder.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── outputs.conf.j2 │ ├── nginx_server_post │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ └── default.conf.j2 │ ├── nginx_web_proxy │ │ ├── files │ │ │ ├── default.conf │ │ │ ├── inputs.conf │ │ │ └── nginx.conf │ │ ├── tasks │ │ │ ├── configure_inputs.yml │ │ │ ├── main.yml │ │ │ └── nginx_web_proxy.yml │ │ └── templates │ │ │ ├── default.conf.j2 │ │ │ ├── deploymentclient.conf.j2 │ │ │ └── outputs.conf.j2 │ ├── phantom │ │ └── tasks │ │ │ ├── configure_phantom.yml │ │ │ ├── configure_phantom_old.yml │ │ │ ├── install_phantom_aws.yml │ │ │ ├── install_phantom_azure.yml │ │ │ ├── install_phantom_gcp.yml │ │ │ ├── install_phantom_local.yml │ │ │ └── main.yml │ ├── phantom_byo_splunk │ │ ├── files │ │ │ └── phantom.conf │ │ └── tasks │ │ │ ├── config.yml │ │ │ └── main.yml │ ├── red_team_tools │ │ └── tasks │ │ │ └── main.yml │ ├── set_hostname_linux │ │ └── tasks │ │ │ └── main.yml │ ├── set_hostname_nginx │ │ └── tasks │ │ │ └── main.yml │ ├── set_hostname_win │ │ └── tasks │ │ │ └── main.yml │ ├── snort │ │ ├── files │ │ │ ├── inputs.conf │ │ │ ├── snort.lua │ │ │ ├── snort.service │ │ │ ├── snort3-nic.service │ │ │ ├── snort3-nic_gcp.service │ │ │ └── snort_gcp.service │ │ └── tasks │ │ │ ├── configure_network_interface.yml │ │ │ ├── configure_snort.yml │ │ │ ├── configure_splunk_input.yml │ │ │ ├── install_snort.yml │ │ │ └── main.yml │ ├── splunk_byo_linux │ │ ├── files │ │ │ └── aurora_agent_inputs.conf │ │ ├── tasks │ │ │ ├── collect_aurora_agent_logs.yml │ │ │ ├── config.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── outputs.conf.j2 │ ├── splunk_byo_windows │ │ ├── tasks │ │ │ ├── config.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── outputs.conf.j2 │ ├── splunk_server │ │ ├── files │ │ │ ├── DigiCertGlobalRootCA.pem │ │ │ ├── authorize.conf │ │ │ ├── datamodels.conf │ │ │ ├── docker.conf │ │ │ ├── indexes.conf │ │ │ ├── inputs.conf │ │ │ ├── limits.conf │ │ │ ├── local.meta │ │ │ ├── mltk.local.meta │ │ │ ├── phantom.conf │ │ │ ├── props.conf │ │ │ ├── proxy.conf │ │ │ ├── server.conf │ │ │ ├── serverclass.conf │ │ │ ├── user-prefs.conf │ │ │ └── web.conf │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── configure_attack_range_dashboard.yml │ │ │ ├── configure_cim.yml │ │ │ ├── configure_dltk.yml │ │ │ ├── configure_escu.yml │ │ │ ├── configure_indexes.yml │ │ │ ├── configure_inputs.yml │ │ │ ├── configure_limits.yml │ │ │ ├── configure_phantom.yml │ │ │ ├── configure_props.yml │ │ │ ├── configure_server_conf.yml │ │ │ ├── configure_web_conf.yml │ │ │ ├── create_serverclass.yml │ │ │ ├── install_app_from_s3.yml │ │ │ ├── install_botsv1_dataset.yml │ │ │ ├── install_botsv1a_dataset.yml │ │ │ ├── install_botsv2_dataset.yml │ │ │ ├── install_botsv2a_dataset.yml │ │ │ ├── install_botsv3_dataset.yml │ │ │ ├── install_dsp.yml │ │ │ ├── install_stream_app.yml │ │ │ ├── main.yml │ │ │ ├── share_zeek_TA_system.yml │ │ │ └── splunk.yml │ │ └── templates │ │ │ └── inputs_stream.conf.j2 │ ├── splunk_server_post │ │ ├── files │ │ │ ├── docker.conf │ │ │ └── mltk.local.meta │ │ └── tasks │ │ │ ├── change_splunk_password.yml │ │ │ ├── install_botsv3_dataset.yml │ │ │ ├── install_dltk.yml │ │ │ ├── install_enterprise_security.yml │ │ │ ├── main.yml │ │ │ ├── phantom_server_configure.yml │ │ │ └── phantom_server_configure_local.yml │ ├── sysmon │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ ├── main.yml │ │ │ ├── windows-logging-registry.yml │ │ │ └── windows-sysmon.yml │ │ └── templates │ │ │ ├── SysmonConfig-Neo23x0-server.xml.j2 │ │ │ ├── SysmonConfig-Neo23x0-workstations.xml.j2 │ │ │ ├── SysmonConfig-TSwift.xml.j2 │ │ │ ├── SysmonConfig-TSwift2.xml.j2 │ │ │ ├── SysmonConfig-Verbose.xml.j2 │ │ │ ├── SysmonConfig-moti.xml.j2 │ │ │ ├── SysmonConfig.xml.j2 │ │ │ └── SysmonConfigCustom.xml.j2 │ ├── update_sysmon_config │ │ ├── files │ │ │ ├── AttackRangeSysmon.xml │ │ │ └── SwiftOnSecurity.xml │ │ └── tasks │ │ │ ├── main.yml │ │ │ └── windows-sysmon.yml │ ├── update_sysmon_config_linux │ │ └── tasks │ │ │ ├── main.yml │ │ │ └── update_sysmon_config.yml │ ├── windows_aurora_agent │ │ ├── files │ │ │ └── aurora-lite.lic │ │ └── tasks │ │ │ ├── install_aurora_agent.yml │ │ │ └── main.yml │ ├── windows_common │ │ └── tasks │ │ │ ├── advanced_logging.yml │ │ │ ├── install_7zip.yml │ │ │ ├── install_app_chocolatey.yml │ │ │ ├── install_choco.yml │ │ │ ├── install_firefox.yml │ │ │ ├── install_git.yml │ │ │ ├── install_notepadplusplus.yml │ │ │ ├── main.yml │ │ │ ├── set-hostname.yml │ │ │ ├── windows-disable-defender.yml │ │ │ ├── windows-enable-4688-cmd-line-audit.yml │ │ │ └── windows-enable-ps-logging.yml │ ├── windows_install_attack_simulation │ │ ├── tasks │ │ │ ├── cap_attack.yml │ │ │ └── main.yml │ │ └── templates │ │ │ ├── config.ini.j2 │ │ │ └── profile.ps1.j2 │ ├── windows_splunk_post │ │ └── tasks │ │ │ └── main.yml │ ├── windows_universal_forwarder │ │ ├── files │ │ │ ├── atomic_red_team_execution_inputs.conf │ │ │ ├── aurora_agent_inputs.conf │ │ │ ├── nxlog.conf │ │ │ ├── nxlog_inputs.conf │ │ │ ├── outputs.conf │ │ │ ├── powershell_inputs.conf │ │ │ ├── sysmon_inputs.conf │ │ │ ├── win_event_log_inputs.conf │ │ │ └── win_event_log_inputs_plain.conf │ │ ├── tasks │ │ │ ├── collect_attack_simulation_logs.yml │ │ │ ├── collect_aurora_agent_logs.yml │ │ │ ├── collect_nxlog_logs.yml │ │ │ ├── collect_powershell_logs.yml │ │ │ ├── collect_sysmon_logs.yml │ │ │ ├── collect_windows_event_logs.yml │ │ │ ├── configure_outputs.yml │ │ │ ├── create_deploymentclient.yml │ │ │ ├── install_splunk_uf.yml │ │ │ └── main.yml │ │ └── templates │ │ │ └── outputs.conf.j2 │ ├── zeek_sensor │ │ ├── files │ │ │ ├── capture-int.service │ │ │ ├── capture-int_gcp.service │ │ │ └── inputs.conf │ │ └── tasks │ │ │ ├── main.yml │ │ │ ├── splunkuf.yml │ │ │ └── zeek.yml │ └── zeek_server_post │ │ └── tasks │ │ └── main.yml ├── snort_server.yml ├── splunk_server.yml ├── vars │ └── .gitkeep ├── windows.yml └── zeek_server.yml ├── aws ├── backend.tf.tmp ├── main.tf ├── modules │ ├── caldera-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── kali-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── linux-server │ │ ├── outputs.tf │ │ ├── resources.tf │ │ └── variable.tf │ ├── network │ │ ├── output.tf │ │ ├── resources.tf │ │ └── variable.tf │ ├── nginx-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── phantom-server │ │ ├── outputs.tf │ │ ├── resources.tf │ │ └── variable.tf │ ├── snort-server │ │ ├── resources.tf │ │ └── variables.tf │ ├── splunk-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── windows │ │ ├── outputs.tf │ │ ├── resources.tf │ │ └── variables.tf │ └── zeek-server │ │ ├── resources.tf │ │ └── variables.tf ├── resources.tf └── variables.tf ├── azure ├── main.tf ├── modules │ ├── kali-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── linux-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── network │ │ ├── output.tf │ │ ├── resources.tf │ │ └── variable.tf │ ├── phantom-server │ │ ├── resources.tf │ │ └── variable.tf │ ├── splunk-server │ │ ├── resources.tf │ │ └── variable.tf │ └── windows │ │ ├── files │ │ ├── AnsibleSetup.ps1 │ │ ├── FirstLogonCommands.xml │ │ └── winrm.ps1 │ │ ├── resources.tf │ │ └── variables.tf ├── ressources.tf └── variable.tf └── gcp ├── locals.tf ├── main.tf ├── modules ├── iam │ ├── output.tf │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── kali-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── linux-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── logging │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── network │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── nginx-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── phantom-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── snort-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── splunk-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── windows-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf └── zeek-server │ ├── outputs.tf │ ├── resources.tf │ └── variables.tf ├── outputs.tf ├── resources.tf └── variables.tf /.github/auto-merge.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/auto-merge.yml -------------------------------------------------------------------------------- /.github/auto_assign.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/auto_assign.yml -------------------------------------------------------------------------------- /.github/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/config.yml -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/stale.yml -------------------------------------------------------------------------------- /.github/workflows/build_attack_destroy_aws.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/workflows/build_attack_destroy_aws.yml -------------------------------------------------------------------------------- /.github/workflows/destroy_old_attack_ranges.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/workflows/destroy_old_attack_ranges.yml -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/workflows/release.yml -------------------------------------------------------------------------------- /.github/workflows/update_splunk_tas.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.github/workflows/update_splunk_tas.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.gitignore -------------------------------------------------------------------------------- /.readthedocs.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.readthedocs.yaml -------------------------------------------------------------------------------- /.vscode/launch.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/.vscode/launch.json -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/README.md -------------------------------------------------------------------------------- /apps/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /attack_data/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /attack_range.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/attack_range.py -------------------------------------------------------------------------------- /capattack/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/LICENSE -------------------------------------------------------------------------------- /capattack/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/README.md -------------------------------------------------------------------------------- /capattack/capattack.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/capattack.psd1 -------------------------------------------------------------------------------- /capattack/capattack.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/capattack.psm1 -------------------------------------------------------------------------------- /capattack/config.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/config.ini -------------------------------------------------------------------------------- /capattack/modules/helpers.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/modules/helpers.ps1 -------------------------------------------------------------------------------- /capattack/modules/install.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/modules/install.ps1 -------------------------------------------------------------------------------- /capattack/modules/start.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/modules/start.ps1 -------------------------------------------------------------------------------- /capattack/modules/status.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/modules/status.ps1 -------------------------------------------------------------------------------- /capattack/modules/stop.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/modules/stop.ps1 -------------------------------------------------------------------------------- /capattack/sysmon_off.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/sysmon_off.xml -------------------------------------------------------------------------------- /capattack/sysmon_snapattack.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/sysmon_snapattack.xml -------------------------------------------------------------------------------- /capattack/version.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/capattack/version.yaml -------------------------------------------------------------------------------- /configs/AttackRangeSysmon.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/AttackRangeSysmon.xml -------------------------------------------------------------------------------- /configs/SwiftOnSecurity.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/SwiftOnSecurity.xml -------------------------------------------------------------------------------- /configs/SysMonLinux-CatchAll.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/SysMonLinux-CatchAll.xml -------------------------------------------------------------------------------- /configs/attack_range_default.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/attack_range_default.yml -------------------------------------------------------------------------------- /configs/github_actions_config_aws.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/github_actions_config_aws.yml -------------------------------------------------------------------------------- /configs/github_actions_config_azure.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/github_actions_config_azure.yml -------------------------------------------------------------------------------- /configs/github_actions_config_gcp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/github_actions_config_gcp.yml -------------------------------------------------------------------------------- /configs/osquery.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/osquery.conf -------------------------------------------------------------------------------- /configs/purplesharp_playbook_T1003.001.pb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/purplesharp_playbook_T1003.001.pb -------------------------------------------------------------------------------- /configs/rsyslog_logrotate: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/configs/rsyslog_logrotate -------------------------------------------------------------------------------- /docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | poetry shell -------------------------------------------------------------------------------- /docs/CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/CONTRIBUTING.md -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/Makefile -------------------------------------------------------------------------------- /docs/attack_range.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/attack_range.png -------------------------------------------------------------------------------- /docs/attack_range_architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/attack_range_architecture.png -------------------------------------------------------------------------------- /docs/demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/demo.gif -------------------------------------------------------------------------------- /docs/make.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/make.bat -------------------------------------------------------------------------------- /docs/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/requirements.txt -------------------------------------------------------------------------------- /docs/source/Attack_Data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Data.md -------------------------------------------------------------------------------- /docs/source/Attack_Range_AWS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Range_AWS.md -------------------------------------------------------------------------------- /docs/source/Attack_Range_Azure.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Range_Azure.md -------------------------------------------------------------------------------- /docs/source/Attack_Range_Cloud.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Range_Cloud.md -------------------------------------------------------------------------------- /docs/source/Attack_Range_Config.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Range_Config.md -------------------------------------------------------------------------------- /docs/source/Attack_Range_Features.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Range_Features.md -------------------------------------------------------------------------------- /docs/source/Attack_Range_GCP.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Range_GCP.md -------------------------------------------------------------------------------- /docs/source/Attack_Simulation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Attack_Simulation.md -------------------------------------------------------------------------------- /docs/source/Cap_Attack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Cap_Attack.md -------------------------------------------------------------------------------- /docs/source/Control_Attack_Range.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Control_Attack_Range.md -------------------------------------------------------------------------------- /docs/source/Cost_Explorer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Cost_Explorer.md -------------------------------------------------------------------------------- /docs/source/Total_Replay.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/Total_Replay.md -------------------------------------------------------------------------------- /docs/source/conf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/conf.py -------------------------------------------------------------------------------- /docs/source/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/docs/source/index.md -------------------------------------------------------------------------------- /modules/DataManipulation.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/DataManipulation.py -------------------------------------------------------------------------------- /modules/DataManipulation_old.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/DataManipulation_old.py -------------------------------------------------------------------------------- /modules/ansible/atomic_red_team.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/atomic_red_team.yml -------------------------------------------------------------------------------- /modules/ansible/cap_attack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/cap_attack.yml -------------------------------------------------------------------------------- /modules/ansible/data_replay.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/data_replay.yml -------------------------------------------------------------------------------- /modules/ansible/purplesharp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/purplesharp.yml -------------------------------------------------------------------------------- /modules/ansible/roles/atomic_red_team/tasks/install_art_linux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/atomic_red_team/tasks/install_art_linux.yml -------------------------------------------------------------------------------- /modules/ansible/roles/atomic_red_team/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/atomic_red_team/tasks/main.yml -------------------------------------------------------------------------------- /modules/ansible/roles/atomic_red_team/tasks/run_art_linux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/atomic_red_team/tasks/run_art_linux.yml -------------------------------------------------------------------------------- /modules/ansible/roles/atomic_red_team/tasks/run_art_test_windows.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/atomic_red_team/tasks/run_art_test_windows.yml -------------------------------------------------------------------------------- /modules/ansible/roles/cap_attack/defaults/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/cap_attack/defaults/main.yml -------------------------------------------------------------------------------- /modules/ansible/roles/cap_attack/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/cap_attack/tasks/main.yml -------------------------------------------------------------------------------- /modules/ansible/roles/data_replay/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/data_replay/tasks/main.yml -------------------------------------------------------------------------------- /modules/ansible/roles/purplesharp/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/purplesharp/tasks/main.yml -------------------------------------------------------------------------------- /modules/ansible/roles/purplesharp/tasks/run_simulation_playbook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/purplesharp/tasks/run_simulation_playbook.yml -------------------------------------------------------------------------------- /modules/ansible/roles/purplesharp/tasks/run_simulation_techniques.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/ansible/roles/purplesharp/tasks/run_simulation_techniques.yml -------------------------------------------------------------------------------- /modules/art_simulation_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/art_simulation_controller.py -------------------------------------------------------------------------------- /modules/attack_range_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/attack_range_controller.py -------------------------------------------------------------------------------- /modules/aws_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/aws_controller.py -------------------------------------------------------------------------------- /modules/aws_service.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/aws_service.py -------------------------------------------------------------------------------- /modules/azure_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/azure_controller.py -------------------------------------------------------------------------------- /modules/azure_service.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/azure_service.py -------------------------------------------------------------------------------- /modules/config_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/config_handler.py -------------------------------------------------------------------------------- /modules/configuration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/configuration.py -------------------------------------------------------------------------------- /modules/gcp_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/gcp_controller.py -------------------------------------------------------------------------------- /modules/gcp_service.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/gcp_service.py -------------------------------------------------------------------------------- /modules/logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/logger.py -------------------------------------------------------------------------------- /modules/purplesharp_simulation_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/purplesharp_simulation_controller.py -------------------------------------------------------------------------------- /modules/simulation_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/simulation_controller.py -------------------------------------------------------------------------------- /modules/splunk_sdk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/splunk_sdk.py -------------------------------------------------------------------------------- /modules/yml_reader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/modules/yml_reader.py -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/pyproject.toml -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/requirements.txt -------------------------------------------------------------------------------- /scripts/apps/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /scripts/attack_range_destroyer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/scripts/attack_range_destroyer.py -------------------------------------------------------------------------------- /scripts/attack_range_ta_update.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/scripts/attack_range_ta_update.py -------------------------------------------------------------------------------- /scripts/helpers/attack_range_apps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/scripts/helpers/attack_range_apps.py -------------------------------------------------------------------------------- /scripts/helpers/splunk_app.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/scripts/helpers/splunk_app.py -------------------------------------------------------------------------------- /terraform/ansible/caldera_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/caldera_server.yml -------------------------------------------------------------------------------- /terraform/ansible/linux_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/linux_server.yml -------------------------------------------------------------------------------- /terraform/ansible/nginx_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/nginx_server.yml -------------------------------------------------------------------------------- /terraform/ansible/phantom_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/phantom_server.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/azure_logging/tasks/azure_logging.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/azure_logging/tasks/azure_logging.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/azure_logging/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/azure_logging/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/azure_logging/templates/inputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/azure_logging/templates/inputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/azure_logging/templates/mscs_azure_accounts.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/azure_logging/templates/mscs_azure_accounts.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/azure_logging/templates/mscs_azure_audit_inputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/azure_logging/templates/mscs_azure_audit_inputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/bad_blood/tasks/install_badblood.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/bad_blood/tasks/install_badblood.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/bad_blood/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/bad_blood/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/bad_blood/tasks/run_badblood.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/bad_blood/tasks/run_badblood.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_agent/tasks/linux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_agent/tasks/linux.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_agent/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_agent/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_agent/tasks/windows.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_agent/tasks/windows.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/files/caldera.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/files/caldera.service -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/handlers/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/caldera.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/caldera.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/dependencies.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/dependencies.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/go.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/go.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/hostname.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/hostname.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/node.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/node.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/path.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/path.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/update_ip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/update_ip.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/caldera_server/tasks/upx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/caldera_server/tasks/upx.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/carbon_black_cloud_agent_win/tasks/install.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/carbon_black_cloud_agent_win/tasks/install.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/carbon_black_cloud_agent_win/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/carbon_black_cloud_agent_win/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/carbon_black_cloud_logs/files/local.meta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/carbon_black_cloud_logs/files/local.meta -------------------------------------------------------------------------------- /terraform/ansible/roles/carbon_black_cloud_logs/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/carbon_black_cloud_logs/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/carbon_black_cloud_logs/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/carbon_black_cloud_logs/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/carbon_black_cloud_logs/templates/inputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/carbon_black_cloud_logs/templates/inputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_linux/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_linux/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_linux/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_linux/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_logs/templates/inputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_logs/templates/inputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_win/tasks/cisco_secure_endpoint.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_win/tasks/cisco_secure_endpoint.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cisco_secure_endpoint_win/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cisco_secure_endpoint_win/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cloudtrail_logs/tasks/configure_inputs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cloudtrail_logs/tasks/configure_inputs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cloudtrail_logs/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cloudtrail_logs/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/cloudtrail_logs/templates/aws_account_ext.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cloudtrail_logs/templates/aws_account_ext.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/cloudtrail_logs/templates/aws_inputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/cloudtrail_logs/templates/aws_inputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/contentctl/tasks/contentctl.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/contentctl/tasks/contentctl.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/contentctl/tasks/docker.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/contentctl/tasks/docker.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/contentctl/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/contentctl/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/create_domain_controller/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/create_domain_controller/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/create_domain_controller/tasks/windows-create-domain.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/create_domain_controller/tasks/windows-create-domain.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_agent_linux/tasks/crowdstrike_install.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_agent_linux/tasks/crowdstrike_install.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_agent_linux/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_agent_linux/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_agent_win/tasks/crowdstrike_install.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_agent_win/tasks/crowdstrike_install.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_agent_win/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_agent_win/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_logging/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_logging/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_logging/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_logging/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_logging/templates/inputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_logging/templates/inputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/crowdstrike_falcon_logging/templates/splunk_ta_crowdstrike_fdr_aws_collections.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/crowdstrike_falcon_logging/templates/splunk_ta_crowdstrike_fdr_aws_collections.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/files/guacamole.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/files/guacamole.properties -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/files/tomcat.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/files/tomcat.service -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/tasks/guacamole_client.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/tasks/guacamole_client.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/tasks/guacamole_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/tasks/guacamole_server.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/tasks/guacamole_server_post.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/tasks/guacamole_server_post.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/tasks/install_packages.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/tasks/install_packages.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/tasks/setup_tomcat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/tasks/setup_tomcat.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/templates/user-mapping-local.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/templates/user-mapping-local.xml -------------------------------------------------------------------------------- /terraform/ansible/roles/guacamole/templates/user-mapping.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/guacamole/templates/user-mapping.xml -------------------------------------------------------------------------------- /terraform/ansible/roles/join_domain/files/join_domain.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/join_domain/files/join_domain.ps1 -------------------------------------------------------------------------------- /terraform/ansible/roles/join_domain/tasks/create.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/join_domain/tasks/create.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/join_domain/tasks/create_local.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/join_domain/tasks/create_local.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/join_domain/tasks/main.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/join_domain/tasks/main.yaml -------------------------------------------------------------------------------- /terraform/ansible/roles/join_domain/tasks/windows-disable-firewall.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/join_domain/tasks/windows-disable-firewall.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/files/20auto-upgrades: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/files/20auto-upgrades -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/disable-autoupgrade.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/disable-autoupgrade.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/disable-dnssec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/disable-dnssec.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/set-hostname.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/set-hostname.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/update_packages.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/update_packages.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/update_rsyslog_logrotate.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/update_rsyslog_logrotate.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/tasks/update_sshd_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_common/tasks/update_sshd_config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_common/templates/disable-dnssec.conf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | [Resolve] 3 | DNSSEC=false 4 | -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_art/files/Microsoft.PowerShell_profile.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_art/files/Microsoft.PowerShell_profile.ps1 -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_art/tasks/cap_attack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_art/tasks/cap_attack.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_art/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_art/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_art/templates/Microsoft.PowerShell_profile.ps1.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_art/templates/Microsoft.PowerShell_profile.ps1.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_art/templates/config.ini.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_art/templates/config.ini.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_auditd/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_auditd/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_auditd/tasks/configure_inputs_splunk.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_auditd/tasks/configure_inputs_splunk.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_auditd/tasks/install_auditd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_auditd/tasks/install_auditd.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_install_auditd/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_install_auditd/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/files/custom_osquery.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/files/custom_osquery.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/files/custom_osquery.flags: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/files/custom_osquery.flags -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/files/osquery_install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/files/osquery_install.sh -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/files/template.osquery.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/files/template.osquery.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/tasks/collect_osquery_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/tasks/collect_osquery_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/tasks/install_osquery_linux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/tasks/install_osquery_linux.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_osquery/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_osquery/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_server_post/tasks/change_splunk_password.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_server_post/tasks/change_splunk_password.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_server_post/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include_tasks: change_splunk_password.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_sysmon/files/AttackRangeSysmon.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_sysmon/files/AttackRangeSysmon.xml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_sysmon/files/SwiftOnSecurity.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_sysmon/files/SwiftOnSecurity.xml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_sysmon/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_sysmon/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_sysmon/tasks/configure_inputs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_sysmon/tasks/configure_inputs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_sysmon/tasks/install_sysmon_linux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_sysmon/tasks/install_sysmon_linux.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_sysmon/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_sysmon/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_universal_forwarder/tasks/install_universal_forwarder.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_universal_forwarder/tasks/install_universal_forwarder.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_universal_forwarder/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include_tasks: install_universal_forwarder.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/linux_universal_forwarder/templates/outputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/linux_universal_forwarder/templates/outputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_server_post/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_server_post/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_server_post/templates/default.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_server_post/templates/default.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/files/default.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/files/default.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/files/nginx.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/files/nginx.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/tasks/configure_inputs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/tasks/configure_inputs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/tasks/nginx_web_proxy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/tasks/nginx_web_proxy.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/templates/default.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/templates/default.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/templates/deploymentclient.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/templates/deploymentclient.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/nginx_web_proxy/templates/outputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/nginx_web_proxy/templates/outputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/configure_phantom.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/configure_phantom.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/configure_phantom_old.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/configure_phantom_old.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/install_phantom_aws.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/install_phantom_aws.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/install_phantom_azure.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/install_phantom_azure.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/install_phantom_gcp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/install_phantom_gcp.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/install_phantom_local.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/install_phantom_local.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom_byo_splunk/files/phantom.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom_byo_splunk/files/phantom.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom_byo_splunk/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom_byo_splunk/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/phantom_byo_splunk/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/phantom_byo_splunk/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/red_team_tools/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/red_team_tools/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/set_hostname_linux/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/set_hostname_linux/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/set_hostname_nginx/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/set_hostname_nginx/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/set_hostname_win/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/set_hostname_win/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/files/snort.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/files/snort.lua -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/files/snort.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/files/snort.service -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/files/snort3-nic.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/files/snort3-nic.service -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/files/snort3-nic_gcp.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/files/snort3-nic_gcp.service -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/files/snort_gcp.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/files/snort_gcp.service -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/tasks/configure_network_interface.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/tasks/configure_network_interface.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/tasks/configure_snort.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/tasks/configure_snort.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/tasks/configure_splunk_input.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/tasks/configure_splunk_input.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/tasks/install_snort.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/tasks/install_snort.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/snort/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/snort/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_linux/files/aurora_agent_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_linux/files/aurora_agent_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_linux/tasks/collect_aurora_agent_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_linux/tasks/collect_aurora_agent_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_linux/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_linux/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_linux/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_linux/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_linux/templates/outputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_linux/templates/outputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_windows/tasks/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_windows/tasks/config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_windows/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_windows/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_byo_windows/templates/outputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_byo_windows/templates/outputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/DigiCertGlobalRootCA.pem: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/DigiCertGlobalRootCA.pem -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/authorize.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/authorize.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/datamodels.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/datamodels.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/docker.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/docker.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/indexes.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/indexes.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/limits.conf: -------------------------------------------------------------------------------- 1 | [restapi] 2 | maxresultrows = 4294967295 3 | -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/local.meta: -------------------------------------------------------------------------------- 1 | [] 2 | export = system -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/mltk.local.meta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/mltk.local.meta -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/phantom.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/phantom.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/props.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/props.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/proxy.conf: -------------------------------------------------------------------------------- 1 | [product_management] 2 | validate_cert = false 3 | -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [diskUsage] 5 | minFreeSpace = 1000 6 | -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/serverclass.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/serverclass.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/user-prefs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/files/user-prefs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/files/web.conf: -------------------------------------------------------------------------------- 1 | [settings] 2 | max_upload_size = 1024 3 | splunkdConnectionTimeout = 600 4 | -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/handlers/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_attack_range_dashboard.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_attack_range_dashboard.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_cim.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_cim.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_dltk.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_dltk.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_escu.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_escu.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_indexes.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_indexes.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_inputs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_inputs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_limits.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_limits.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_phantom.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_phantom.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_props.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_props.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_server_conf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_server_conf.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/configure_web_conf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/configure_web_conf.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/create_serverclass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/create_serverclass.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_app_from_s3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_app_from_s3.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_botsv1_dataset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_botsv1_dataset.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_botsv1a_dataset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_botsv1a_dataset.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_botsv2_dataset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_botsv2_dataset.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_botsv2a_dataset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_botsv2a_dataset.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_botsv3_dataset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_botsv3_dataset.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_dsp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_dsp.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/install_stream_app.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/install_stream_app.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/share_zeek_TA_system.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/share_zeek_TA_system.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/tasks/splunk.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/tasks/splunk.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server/templates/inputs_stream.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server/templates/inputs_stream.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/files/docker.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/files/docker.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/files/mltk.local.meta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/files/mltk.local.meta -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/change_splunk_password.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/change_splunk_password.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/install_botsv3_dataset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/install_botsv3_dataset.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/install_dltk.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/install_dltk.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/install_enterprise_security.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/install_enterprise_security.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/phantom_server_configure.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/phantom_server_configure.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/splunk_server_post/tasks/phantom_server_configure_local.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/splunk_server_post/tasks/phantom_server_configure_local.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/handlers/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/tasks/windows-logging-registry.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/tasks/windows-logging-registry.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/tasks/windows-sysmon.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/tasks/windows-sysmon.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig-Neo23x0-server.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig-Neo23x0-server.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig-Neo23x0-workstations.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig-Neo23x0-workstations.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig-TSwift.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig-TSwift.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig-TSwift2.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig-TSwift2.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig-Verbose.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig-Verbose.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig-moti.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig-moti.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfig.xml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/sysmon/templates/SysmonConfig.xml.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/sysmon/templates/SysmonConfigCustom.xml.j2: -------------------------------------------------------------------------------- 1 | {{ ansible_managed | comment('xml') }} 2 | 3 | -------------------------------------------------------------------------------- /terraform/ansible/roles/update_sysmon_config/files/AttackRangeSysmon.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/update_sysmon_config/files/AttackRangeSysmon.xml -------------------------------------------------------------------------------- /terraform/ansible/roles/update_sysmon_config/files/SwiftOnSecurity.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/update_sysmon_config/files/SwiftOnSecurity.xml -------------------------------------------------------------------------------- /terraform/ansible/roles/update_sysmon_config/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/update_sysmon_config/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/update_sysmon_config/tasks/windows-sysmon.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/update_sysmon_config/tasks/windows-sysmon.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/update_sysmon_config_linux/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/update_sysmon_config_linux/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/update_sysmon_config_linux/tasks/update_sysmon_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/update_sysmon_config_linux/tasks/update_sysmon_config.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_aurora_agent/files/aurora-lite.lic: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_aurora_agent/files/aurora-lite.lic -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_aurora_agent/tasks/install_aurora_agent.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_aurora_agent/tasks/install_aurora_agent.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_aurora_agent/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_aurora_agent/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/advanced_logging.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/advanced_logging.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/install_7zip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/install_7zip.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/install_app_chocolatey.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/install_app_chocolatey.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/install_choco.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/install_choco.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/install_firefox.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/install_firefox.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/install_git.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/install_git.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/install_notepadplusplus.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/install_notepadplusplus.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/set-hostname.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/set-hostname.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/windows-disable-defender.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/windows-disable-defender.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/windows-enable-4688-cmd-line-audit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/windows-enable-4688-cmd-line-audit.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_common/tasks/windows-enable-ps-logging.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_common/tasks/windows-enable-ps-logging.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_install_attack_simulation/tasks/cap_attack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_install_attack_simulation/tasks/cap_attack.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_install_attack_simulation/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_install_attack_simulation/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_install_attack_simulation/templates/config.ini.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_install_attack_simulation/templates/config.ini.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_install_attack_simulation/templates/profile.ps1.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_install_attack_simulation/templates/profile.ps1.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_splunk_post/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_splunk_post/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/atomic_red_team_execution_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/atomic_red_team_execution_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/aurora_agent_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/aurora_agent_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/nxlog.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/nxlog.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/nxlog_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/nxlog_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/outputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/outputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/powershell_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/powershell_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/sysmon_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/sysmon_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/win_event_log_inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/win_event_log_inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/files/win_event_log_inputs_plain.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/files/win_event_log_inputs_plain.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/collect_attack_simulation_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/collect_attack_simulation_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/collect_aurora_agent_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/collect_aurora_agent_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/collect_nxlog_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/collect_nxlog_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/collect_powershell_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/collect_powershell_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/collect_sysmon_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/collect_sysmon_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/collect_windows_event_logs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/collect_windows_event_logs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/configure_outputs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/configure_outputs.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/create_deploymentclient.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/create_deploymentclient.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/install_splunk_uf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/install_splunk_uf.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/windows_universal_forwarder/templates/outputs.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/windows_universal_forwarder/templates/outputs.conf.j2 -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_sensor/files/capture-int.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_sensor/files/capture-int.service -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_sensor/files/capture-int_gcp.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_sensor/files/capture-int_gcp.service -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_sensor/files/inputs.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_sensor/files/inputs.conf -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_sensor/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_sensor/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_sensor/tasks/splunkuf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_sensor/tasks/splunkuf.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_sensor/tasks/zeek.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_sensor/tasks/zeek.yml -------------------------------------------------------------------------------- /terraform/ansible/roles/zeek_server_post/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/roles/zeek_server_post/tasks/main.yml -------------------------------------------------------------------------------- /terraform/ansible/snort_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/snort_server.yml -------------------------------------------------------------------------------- /terraform/ansible/splunk_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/splunk_server.yml -------------------------------------------------------------------------------- /terraform/ansible/vars/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform/ansible/windows.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/windows.yml -------------------------------------------------------------------------------- /terraform/ansible/zeek_server.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/ansible/zeek_server.yml -------------------------------------------------------------------------------- /terraform/aws/backend.tf.tmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/backend.tf.tmp -------------------------------------------------------------------------------- /terraform/aws/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/main.tf -------------------------------------------------------------------------------- /terraform/aws/modules/caldera-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/caldera-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/caldera-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/caldera-server/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/kali-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/kali-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/kali-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/kali-server/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/linux-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/linux-server/outputs.tf -------------------------------------------------------------------------------- /terraform/aws/modules/linux-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/linux-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/linux-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/linux-server/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/network/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/network/output.tf -------------------------------------------------------------------------------- /terraform/aws/modules/network/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/network/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/network/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/network/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/nginx-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/nginx-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/nginx-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/nginx-server/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/phantom-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/phantom-server/outputs.tf -------------------------------------------------------------------------------- /terraform/aws/modules/phantom-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/phantom-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/phantom-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/phantom-server/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/snort-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/snort-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/snort-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/snort-server/variables.tf -------------------------------------------------------------------------------- /terraform/aws/modules/splunk-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/splunk-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/splunk-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/splunk-server/variable.tf -------------------------------------------------------------------------------- /terraform/aws/modules/windows/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/windows/outputs.tf -------------------------------------------------------------------------------- /terraform/aws/modules/windows/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/windows/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/windows/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/windows/variables.tf -------------------------------------------------------------------------------- /terraform/aws/modules/zeek-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/zeek-server/resources.tf -------------------------------------------------------------------------------- /terraform/aws/modules/zeek-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/modules/zeek-server/variables.tf -------------------------------------------------------------------------------- /terraform/aws/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/resources.tf -------------------------------------------------------------------------------- /terraform/aws/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/aws/variables.tf -------------------------------------------------------------------------------- /terraform/azure/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/main.tf -------------------------------------------------------------------------------- /terraform/azure/modules/kali-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/kali-server/resources.tf -------------------------------------------------------------------------------- /terraform/azure/modules/kali-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/kali-server/variable.tf -------------------------------------------------------------------------------- /terraform/azure/modules/linux-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/linux-server/resources.tf -------------------------------------------------------------------------------- /terraform/azure/modules/linux-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/linux-server/variable.tf -------------------------------------------------------------------------------- /terraform/azure/modules/network/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/network/output.tf -------------------------------------------------------------------------------- /terraform/azure/modules/network/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/network/resources.tf -------------------------------------------------------------------------------- /terraform/azure/modules/network/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/network/variable.tf -------------------------------------------------------------------------------- /terraform/azure/modules/phantom-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/phantom-server/resources.tf -------------------------------------------------------------------------------- /terraform/azure/modules/phantom-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/phantom-server/variable.tf -------------------------------------------------------------------------------- /terraform/azure/modules/splunk-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/splunk-server/resources.tf -------------------------------------------------------------------------------- /terraform/azure/modules/splunk-server/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/splunk-server/variable.tf -------------------------------------------------------------------------------- /terraform/azure/modules/windows/files/AnsibleSetup.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/windows/files/AnsibleSetup.ps1 -------------------------------------------------------------------------------- /terraform/azure/modules/windows/files/FirstLogonCommands.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/windows/files/FirstLogonCommands.xml -------------------------------------------------------------------------------- /terraform/azure/modules/windows/files/winrm.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/windows/files/winrm.ps1 -------------------------------------------------------------------------------- /terraform/azure/modules/windows/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/windows/resources.tf -------------------------------------------------------------------------------- /terraform/azure/modules/windows/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/modules/windows/variables.tf -------------------------------------------------------------------------------- /terraform/azure/ressources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/ressources.tf -------------------------------------------------------------------------------- /terraform/azure/variable.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/azure/variable.tf -------------------------------------------------------------------------------- /terraform/gcp/locals.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/locals.tf -------------------------------------------------------------------------------- /terraform/gcp/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/main.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/iam/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/iam/output.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/iam/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/iam/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/iam/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/iam/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/iam/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/iam/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/kali-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/kali-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/kali-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/kali-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/kali-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/kali-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/linux-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/linux-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/linux-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/linux-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/linux-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/linux-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/logging/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/logging/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/logging/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/logging/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/logging/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/logging/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/network/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/network/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/network/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/network/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/network/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/network/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/nginx-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/nginx-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/nginx-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/nginx-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/nginx-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/nginx-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/phantom-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/phantom-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/phantom-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/phantom-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/phantom-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/phantom-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/snort-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/snort-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/snort-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/snort-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/snort-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/snort-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/splunk-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/splunk-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/splunk-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/splunk-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/splunk-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/splunk-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/windows-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/windows-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/windows-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/windows-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/windows-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/windows-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/zeek-server/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/zeek-server/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/zeek-server/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/zeek-server/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/modules/zeek-server/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/modules/zeek-server/variables.tf -------------------------------------------------------------------------------- /terraform/gcp/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/outputs.tf -------------------------------------------------------------------------------- /terraform/gcp/resources.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/resources.tf -------------------------------------------------------------------------------- /terraform/gcp/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/attack_range/HEAD/terraform/gcp/variables.tf --------------------------------------------------------------------------------