archive
/
PurpleDome
mirror of https://github.com/avast/PurpleDome
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
polishing2
presentation_gpn_2022
more_unit_tests
extending_page
main
caldera_4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b0822522c6'
${ noResults }
PurpleDome/plugins/default/adversary_emulations/FIN7/local_experiment_config.yaml

179 lines
4.1 KiB
YAML
Raw Blame History

###
# Caldera configuration
caldera:
###
# API key for caldera. See caldera configuration. Default is ADMIN123
apikey: ADMIN123
###
# Attacks configuration
attackers:
###
# Configuration for the first attacker. One should normally be enough
- name: attacker
###
# Defining VM controller settings for this machine
vm_controller:
###
# Type of the VM controller, Options are "vagrant"
vm_type: vagrant
###
# # path where the vagrantfile is in
vagrantfilepath: systems
###
# Name of machine in Vagrantfile
vm_name: attacker
nicknames:
###
# machinepath is a path where the machine specific files and logs are stored. Relative to the Vagrantfile path
# and will be mounted internally as /vagrant/<name>
# If machinepath is not set PurpleDome will try "vm_name"
machinepath: attacker1
###
# OS of the VM guest. Options are so far "windows", "linux"
os: linux
###
# Do not destroy/create the machine: Set this to "yes".
use_existing_machine: yes
###
# List of targets
targets:
- name: target2
#root: systems/target1
vm_controller:
vm_type: vagrant
vagrantfilepath: systems
###
# simple switch if targets is used in attack simulation. Default is true. If set to false the machine will not be started
active: yes
vm_name: target2
# TODO: itadmin must be moved to another target
nicknames:
- hotelmanager
- itadmin
- accounting
os: windows
paw: target2w
group: red_windows
machinepath: target2w
# Do not destroy/create the machine: Set this to "yes".
use_existing_machine: yes
###
# Optional setting to activate force when halting the machine. Windows guests sometime get stuck
halt_needs_force: yes
###
# If SSH without vagrant support is used (Windows !) we need a user name (uppercase)
ssh_user: ATTACKX
###
# If SSH without vagrant support is used (Windows !) we maybe need a password
ssh_password: AttackX
###
# For non-vagrant ssh connections a ssh keyfile stored in the machinepath is required.
ssh_keyfile: systems/target2w/id_rsa.3
###
# The folder all the implants will be installed into
# Windows can only use default playground at the moment !
# playground: C:\\Users\\AttackX
# Sensors to run on this machine
sensors:
- osquery
vulnerabilities:
- weak_user_passwords
- rdp_config_vul
###
# General attack config
attacks:
###
# configure the seconds the system idles between the attacks. Makes it slower. But attack and defense logs will be simpler to match
nap_time: 5
###
# The obfuscator to use between the implant and the server. Not all obfuscators are supported by all implants. Existing obfuscators:
# plain-text, base64, base64jumble, caesar, base64noPadding, steganography
caldera_obfuscator: plain-text
###
# Jitter settings for the implant. it is min/max seconds. The first number has to be smaller. Default is 4/8
caldera_jitter: 4/8
###
# Plugin based attacks. Will result in plugins being called
plugin_based_attacks:
###
# Linux specific attacks, a list
linux:
###
# Windows specific attacks, a list
windows:
- fin7_1
###
# A list of caldera attacks to run against the targets.
caldera_attacks:
###
# Linux specific attacks. A list of caldera ability IDs
linux:
###
# Windows specific attacks. A list of caldera ability IDs
windows:
###
# Configuration for the plugin based attack tools
attack_conf:
###
# Hydra configuration
hydra:
###
# A list of protocols to brute force against. Supported: "ssh"
protocols:
- ssh
- rdp
#- ftps
###
# A file containing potential user names
userfile: users.txt
###
# A file containing potential passwords
pwdfile: passwords.txt
nmap:
###
# General sensor config config
sensor_conf:
###
# Windows sensor plugin configuration
osquery:
foo: bar
###
# Settings for the results being harvested
results:
###
# The directory the loot will be in
loot_dir: loot
Reference in New Issue View Git Blame Copy Permalink