PurpleCloud
varc
PurpleCloud | varc | |
---|---|---|
1 | 5 | |
481 | 233 | |
- | 1.7% | |
5.5 | 3.5 | |
3 months ago | 8 months ago | |
Python | Python | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PurpleCloud
-
Anyone have experience building a Windows AD lab environment in Docker?
We looked into pre-configured, plug-and-play options. One project (leveraging Ansible) is called PurpleCloud. Probably because running even a handful of Windows VMs on a PC can get pretty slow, pretty fast, their project spins this network up on Azure. However, the estimated monthly cost of the cloud resources is not attractive; over $300 per month. While it's true that we would not need to run the lab every day resulting in lower cost, I think we would want to run new tests fairly often, especially if multiple analysts are using it (and I already know the burn of forgetting an EC2 instance on for a week or two).
varc
- GitHub - cado-security/varc: Volatile Artifact Collector -- Open Source Tool to Collect Volatile Data for Incident Response
- Open source tool for collecting volatile data on compromised systems
- Varc - Volatile Artifact Collector
- varc - Open Source tool for Volatile Artifact Collection
- Open Source Tool to Collect Volatile Data for Incident Response
What are some alternatives?
invoke-atomicredteam - Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
turbinia - Automation and Scaling of Digital Forensics Tools
OpenSIEM-Logstash-Parsing - SIEM Logstash parsing for more than hundred technologies
metabadger - Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
ansible-pentest-deploy - Using Ansible as an orchestrator, this project is another solution for testers looking to configure and deploy a new VM or VPS box with the tools that they need for penetration testing.
introspector - A schema and set of tools for using SQL to query cloud infrastructure.
jupyter2kibana - A Workflow for Data Scientists to bring Jupyter Notebook Visualizations to Kibana Dashboards
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
hashlookup-forensic-analyser - Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
timesketch - Collaborative forensic timeline analysis