Releases: orlikoski/Skadi
Skadi 2019.4
Installation Files
Installing on an OS with Docker already installed (MacOS, Windows, and Linux)
OVA / OVF
Vagrant
Install on Existing Ubuntu 18.04 OS:
Skadi Desktop
- Follow this guide to install the Ubuntu Desktop on Skadi Server https://github.com/orlikoski/Skadi/wiki/Installing-Skadi-Desktop
SHA256 File Hashes:
7eb1c5e1fc9db2864b40e3af61e04e8fc7afea7c0aba916b301ac6a8f202f1c8 skadi_server-2019.4.ova
System Changes
- Refactored signed installer to be more modular and flow better
- Includes daemon (cdqr.d) version of CDQR Docker helper script
- Refactored docker-compose.yml file
- Reference only artifacts in the Skadi repository
- All items now in one file (22 containers configured to work together)
- Created Start/Stop/Reset Docker helper scripts for PowerShell and Bash
- Updated signed installer to use the new components
- Removed Cerebro and now use Kibana Management page instead
- Enabled Skadi to run on any OS with Docker installed (MacOS, Windows, and Linux)
- Created skadi-backend network and reduced exposed ports to only 80, 5432, 9200
- Updated Secure Networking pack to work with these changes
- Fixes
- Yeti investigations now work
- Yeti settings and data now persist
- All containers now persist data
Skadi 2019.3
Installation Files
OVA / OVF
Skadi Server: Headless server ~4.7 GB in size
Vagrant
Install on Existing Ubuntu 18.04 or 16.04 OS:
Skadi Desktop
- Follow this guide to install the Ubuntu Desktop on Skadi Server https://github.com/orlikoski/Skadi/wiki/Installing-Skadi-Desktop
SHA256 File Hashes:
42cf4a65cac20e078fcf821270b533f1030710e455daf0a3cc3a5f1c27c2b7a3 skadi_server-2019.3.ova
System Changes
- Added Yeti Threat Intelligence Open Source Project: https://github.com/yeti-platform/yeti
- Updated Skadi Portal Start Page
- Added Yeti (Threat Intelligence) link to portal
- Updated Docker Stack
- Added multiple Yeti services using skadi specific docker image of Yeti https://hub.docker.com/r/aorlikoski/skadi_yeti
- Modified Firewall and Nginx Reverse proxy configuration
- Added Yeti configuration
- Updated Digitally Signed Installer
- Now includes installing Yeti
- Small tweaks to Packer build
Skadi 2019.2
Installation Files
OVA / OVF
Skadi Server: Headless server ~4 GB in size
Vagrant
Install on Existing Ubuntu 18.04 or 16.04 OS:
Skadi Desktop
- Follow this guide to install the Ubuntu Desktop on Skadi Server https://github.com/orlikoski/Skadi/wiki/Installing-Skadi-Desktop
SHA256 File Hashes:
5c2e2d8532fcb5172e3bbe7b52230ed690a9f76916a51c4972fd73e70d43ed3d *Skadi Server 2019.2.ova
System Changes
- Removed CyLR, Plaso, TimeSketch from Host OS (they are now all docker containers)
- Added CDQR helper script to host OS
- Updated Skadi Portal Start Page
- Single Point of Access to all tools
- Direct download links to all CyLR versions that are stored on skadi server
- Removed Glances web service link
- Added Portainer link
- Updated Remote Management and Monitoring tools
- Grafana (Host & Container monitoring)
- Removed Glances (Still on OS but no longer a web service)
- Added Portainer (Docker Management)
- Refactored to use containers for every component
- Updated and version locked the Docker Images for TimeSketch and CyberChef
- Modified Firewall and Nginx Reverse proxy configuration
- New add-on scripts available to add self signed or letsencrypt provided TLS certs
- Updated Digitally Signed Installer
- Now works on Ubuntu 18.04 (Bionic) and 16.04 (Xenial)
- Updated build script to heavily use environment variables for more flexibility
- Reworked Packer build scripts to automate over 90% of the build process
Updated Tools to Include the Following
- Docker Version 18.09.3
- CDQR Docker Version 4.4.1
- CyLR Version 2.1.0
- Kibana 6.6.2
- ElasticSearch 6.6.2
- Nginx 1.15
- Grafana 5.4.2
- Portainer 1.20.2
- Cerebro Version 0.8.1
- Redis Version 5
- Neo4j Version 3.5
- Postgres 11
- skadi_cyberchef 20190326
- skadi_dockprom Last Update Dec 12, 2018
- skadi_timesketch 20190326
Skadi 2019.1
Installation Files
OVA / OVF
Skadi Server: Headless server ~3.4 GB in size
Vagrant
Install on Existing Ubuntu 16.04 OS:
Skadi Desktop
- Follow this guide to install the Ubuntu Desktop on Skadi Server https://github.com/orlikoski/Skadi/wiki/Installing-Skadi-Desktop
SHA256 File Hashes:
c45914308dd71a2f0e170215f5f211c4245701ac48d1a4ec04fce5f7fc284f6c *Skadi Server 2019.1.ova
System Changes
- Created Skadi Portal Start Page
- Single Point of Access to all tools
- Direct download links to all CyLR versions that are stored on skadi server
- Added Remote Management and Monitoring tools
- Grafana (Host & Container monitoring)
- Glances (Detailed Process Monitoring)
- Refactored to use containers where possible
- Created Customized Docker Images for TimeSketch and CyberChef
- Modified Firewall and Nginx Reverse proxy configuration
- Container Support
- Longer, larger data uploads
- Subpath support for TimeSketch
- Updated Digitally Signed Installer
- Updated Packer and Vagrant build scripts
Updated All Tools to Include the Following
- Plaso Version 20181219
- Docker Version 18.09.0
- CDQR Version 4.2.1
- CyLR Version 2.0.0.0
- Kibana 6.5.1
- ElasticSearch 6.5.1
- Nginx 1.15
- Grafana 5.4.2
- Cerebro Version 0.8.1
- Redis Version 5
- Neo4j Version 3.5
- Postgres 10
- skadi_cyberchef Last update Dec 19, 2018
- skadi_dockprom Last Update Dec 12, 2018
- skadi_timesketch 1.2
Skadi 2018.4.2
What's New
Fixed an issue with the OVF files that prevented it from deploying in some instances
Install Skadi on Existing Ubuntu 16.04 OS:
Installation Files
Skadi Server: Headless server ~2GB in size
Skadi Desktop: Server Features plus Ubuntu 16.04 Default Desktop ~3GB in size
Skadi Portable 2018.4 ISO Image: Live Boot ISO that runs Skadi from a USB drive and can install Skadi from USB drive to the host hardware (no networking or virtualization required)
Skadi 2018.4.2 OVF and ISO File SHA256 Hashes:
81f37559bbb68f884046e3bf9f77d34d4b7e75f24005461742ffab5b16b65793 *Skadi 2018.4.zip
b5932ef91c0014ae0e8b14fe714fedc6ea22bc457ddb97b931637eeef00264f9 *Skadi Desktop 2018.4.zip
4a65c9c823ae2434648794b8014a88bf7199f187a9b39a5917020e502a136694 *skadi_portable_2018.4.iso
Skadi 2018.4.1
Installation Files
Skadi Server: Headless server ~2GB in size
Skadi Desktop: Server Features plus Ubuntu 16.04 Default Desktop ~3GB in size
Installers:
Skadi Portable 2018.4 ISO Image: Live Boot ISO that runs Skadi from a USB drive and can install Skadi from USB drive to the host hardware (no networking or virtualization required)
System Changes
- Now includes CyberChef
- Now uses ELK 6.x
- TimeSketch and Nginx configurations updated to now support larger Uploads
- TimeSketch was built from Master branch instead of pypi release in order to be compatible with ELK 6.x
- Updated Digitally Signed Installer
- Updated Packer and Vagrant build scripts
- Updated /opt/skadi/update.sh to download and install the new version of CyLR 2.0
- Added /opt/skadi/healthcheck.sh to aid in diagnostics
Updated All Tools to Include the Following
- Plaso Version 20180930
- CDQR Version 4.2.1
- CyLR Version 2.0.0.0
- Docker Version 18.06.1-ce
- ELK Version 6.4.2
- TimeSketch Version 20180613
- Redis Version 5.0.0
- Neo4j Version 3.4.9
- Celery Version 4.1.0
- Cerebro Version 0.8.1
- CyberChef
Other
- Updated README.md
Skadi 2018.3
OVF Files
Skadi Server 2018.3: Headless server ~2GB in size
Skadi Desktop 2018.3: Server plus Ubuntu 16.04 Default Desktop ~3GB in size
System Changes
- Disabled Logstash boot start (it's still installed)
- Applied Ubuntu system updates
Updated CDQR, Plaso, ELK, TimeSketch
- Updated CDQR to 4.1.7
- Updated Plaso to 20180630
- Updated ELK to latest version
- Updated TimeSketch to latest version with updated configuration file
Other
- Updated README.md
Skadi 2018.2
System Changes
- Added authenticated reverse proxy to default build
- Updated secure networking script to work with Skadi 2018.2
- Updated Digitally signed Skadi build script
Updated CDQR and Plaso
- Updated Plaso to 20180524
- Updated CDQR to 4.1.6
- Changed version of ELK to 5.x (Plaso now checks for it)
TimeSketch Stability Improvements
- Improved TimeSketch stability by adding Gunicorn to serve it through the reverse proxy
- Changed version of ELK to 5.x (TimeSketch works best with 5.x)
Upgrade Support
- Created Skadi 2018.1 to Skadi 2018.2 Upgrade script
Other
- Updated README.md
- Updated and created build tests
Skadi 2018.1
What's New
- Re-named Skadi
- All software has been updated
- Two Add-on Packs created
- Skadi Pack 01: Automation: Provides two methods of integrating with any Automation tool: gRPC API or using SSH
- Skadi Pack 02: Secure Networking: Installs and configures the firewall as well as an authenticated reverse proxy with valid TLS/SSL certificates
- New Desktop Version is available
- Every Kibana saved item has been updated (Searches, Visualizations, Dashboards)
Download information
Skadi Server 2018.1: Headless server ~2GB in size
- Skadi Server 2018.1 MD5: 6826b646c24a94217ebecd7b1267f240
Skadi Desktop 2018.1: Provides GNOME Desktop environment: ~3GB in size
- Skadi Desktop 2018.1 MD5: 8651478dd60d610b0d1853662ae74343