Differences
This shows you the differences between two versions of the page.
guides:lockdown_black_team [2020/04/14 23:13] aibekzhy python executables |
guides:lockdown_black_team [2020/06/08 05:49] aibekzhy |
||
---|---|---|---|
Line 35: | Line 35: | ||
- Install libselinux-python | - Install libselinux-python | ||
- Ensure Release of child OSes match supported OS: https://kb.vmware.com/s/article/1005870 | - Ensure Release of child OSes match supported OS: https://kb.vmware.com/s/article/1005870 | ||
+ | |||
+ | |||
* Windows: | * Windows: | ||
- VMWare tools | - VMWare tools | ||
Line 46: | Line 48: | ||
- Ensure Sleep is disabled | - Ensure Sleep is disabled | ||
- Try to Debloat as much as possible: https://github.com/Sycnex/Windows10Debloater (Might not worth it) | - Try to Debloat as much as possible: https://github.com/Sycnex/Windows10Debloater (Might not worth it) | ||
+ | - Sometimes windows may start randomly shutting down. In which case please look into the following | ||
+ | - Use High-performance Battery Profile | ||
+ | - Windows 10 Enterprise specific: | ||
+ | - Make sure when Template is deployed, it has an Ethernet Access. If it doesn't have one, it will reboot endlessly: https://superuser.com/questions/933754/why-does-windows-10-shut-down-hourly-with-initiated-power-off-on-behalf-of-nt-a | ||
+ | |||
* Pfsense: | * Pfsense: | ||
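Review bot: The added Windows 10 Enterprise item says a template deployed without Ethernet access "will reboot endlessly", while the parent bullet describes random shutdowns and the linked superuser question is about Windows 10 shutting down hourly; describe the symptom one way so a reader can match it to what they see. The "Use High-performance Battery Profile" item would also be easier to follow if it said whether this is set on the template before deployment or on each VM afterwards, and the parent bullet should end with a colon since a list follows it.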
Line 57: | Line 64: | ||
* Ensure you take a snapshot of the entire infrastructure after deploying your malware | * Ensure you take a snapshot of the entire infrastructure after deploying your malware | ||
* Manually login to every VM after the red team is done pre-staging. This ensures that everything is still operational, and in addition, it loads a lot of things from disk to memory, which ensures a smoother experience at the start of the competition. | * Manually login to every VM after the red team is done pre-staging. This ensures that everything is still operational, and in addition, it loads a lot of things from disk to memory, which ensures a smoother experience at the start of the competition. | ||
+ | * If the performance of VMs is very slow, try to lower the number of snapshots or use the snapshots that were created are no longer than a day before the competition. | ||
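Review bot: The second half of the added bullet, "use the snapshots that were created are no longer than a day before the competition", does not parse and leaves the actual limit unclear. Something like "keep fewer snapshots, or only use snapshots taken no more than a day before the competition" would state it. It is also worth saying how this fits with the bullet two lines up that asks for a snapshot of the entire infrastructure after deploying malware, so that nobody trims that snapshot while following this advice.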
Line 112: | Line 120: | ||
**Note: %02d just represents a padded 0.** | **Note: %02d just represents a padded 0.** | ||
+ | |||
+ | Aibek to Aibek: PLEASE FIX ANSIBLE RELATIVE PATHING |
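Review bot: The added line "Aibek to Aibek: PLEASE FIX ANSIBLE RELATIVE PATHING" is a personal reminder placed in the guide body right after the %02d note, and it does not say which playbook or path is affected or what goes wrong. Either turn it into a short known-issue entry that names the affected files and the workaround for whoever runs the deployment next, or move it to a task list outside the guide.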