Releases: sonofagl1tch/AWSDetonationLab
AWSDetonationLab-V2.1.1
Changelog
v2.1.1
Added
- Automate setting `wazuh-alerts-3.x-*` as Kibana's default index pattern (#64).
- Automate import of custom dashboards and visualizations into Kibana (#68).
Fixed
- Retrieve AMI IDs dynamically instead of having hardcoded values (#66).
- @sonofagl1tch being dumb and pushing the wrong branch path to master. bad sonofagl1tch. bad.
AWSDetonationLab-V2.1
AWSDetonationLab-V2.0
This release includes:
- Implemented a new method of logging VPC flow directly to S3 without a Lambda function
- VirusTotal integration
- Update Wazuh and Elastic Stack versions
- Add Wazuh agent to all other systems in the detonation lab
- Corrected the over-privileged network access of the security group for instances with the Wazuh agent
- Removed egress settings so all traffic can come from the Wazuh server
- Updated Java download script to work with the new Oracle download requirements
- Changed instance naming format to include the stack name for uniqueness. This also allows multiple detonation labs to be deployed at once
- Updated Wazuh agent registration to use authd
- Modified the CloudFormation template so the username is now randomly generated and all functions support it
- Increased default Wazuh instance size due to performance issues
- Added parameters to select instance size/type in template
- Append AWS configuration to ossec.conf instead of replacing the whole ossec.conf file
- On the Linux victim, we added the apache user to the wheel group so bad things can happen to that system
- Fix bug installing wazuh kibana app
- Create a Wiki using README's information
- Add a low cost template option during deployment