
Releases: Krook9d/PurpleLab

PurpleLab V3.0 - Major Release

17 Jun 15:55
dd01ffc


🎨 Complete Design Overhaul

  • Modernized interface with improved navigation and visual consistency
  • Enhanced user experience across all modules
  • Responsive design optimized for better usability
  • Clean, intuitive workflows for improved analyst productivity

Performance & Optimization

  • Significantly improved MITRE ATT&CK page performance - faster loading and smoother interactions
  • Enhanced KPIs and metrics on the home dashboard for better threat landscape visibility
  • Streamlined codebase with comprehensive bug fixes and stability improvements
  • Optimized database queries for faster data retrieval

🆕 New Features

Rule Lifecycle Management Page ⚙️

  • Advanced rule lifecycle management system for connecting and managing security rules across multiple SIEM platforms
  • Splunk & OpenSearch Integration with SSL support and connection testing
  • Payload Association - Link PowerShell payloads to specific detection rules
  • Batch Execution capabilities for comprehensive rule testing
  • Real-time status monitoring and synchronization tracking

Enhanced Home Dashboard 🏠

  • New threat intelligence KPIs with AlienVault OTX integration
  • Improved data visualization with real-time metrics
  • Enhanced log distribution analytics from sandbox collection
  • Performance monitoring widgets for system health

🏗️ Infrastructure Modernization

Ansible-Based Deployment 🔧

  • Fully automated installation and configuration process
  • One-command deployment with install_ansible.sh
  • Automatic credential generation saved to admin.txt
  • Hardware verification and dependency management

OpenSearch Migration 🔍

  • Modern search and analytics engine replacing Elasticsearch
  • Enhanced log analysis capabilities with OpenSearch Dashboards
  • Improved performance and scalability
  • Better integration with security tools ecosystem

Windows Server 2019 Sandbox 🪟

  • Updated VM environment with enhanced security features
  • Pre-configured Sysmon with SwiftOnSecurity configuration
  • Winlogbeat OSS 7.12.1 for automated log collection (the 7.12 line is the last OSS Beats release that still ships to a non-Elastic backend such as OpenSearch, so do not upgrade it in place)
  • Atomic Red Team with full test suite integration
  • Python environment and Chocolatey package manager
  • PowerShell-YAML module for advanced scripting capabilities

🧹 Platform Streamlining

  • Removed legacy modules - Eliminated underutilized "Use Case" and "Log Simulation" pages
  • Focused core functionality for better analyst productivity
  • Cleaner navigation with reduced complexity
  • Optimized workflows based on user feedback

🛠️ Technical Improvements

Automated Log Collection 📊

  • Seamless sandbox integration with automatic log forwarding
  • Real-time event streaming to OpenSearch
  • Pre-configured logging pipelines for immediate use
  • Enhanced visibility into security events

Enhanced Security Tools 🛡️

  • Atomic Red Team integration with comprehensive test coverage
  • Windows Defender exclusions for testing scenarios, so that atomic tests and samples are not quarantined before they run (the sandbox is therefore a telemetry source, not a hardened reference image)
  • Malware analysis capabilities with automated execution
  • Threat simulation environment ready out-of-the-box

Multi-Platform Connectivity 🔗

  • Improved connector management for Splunk and OpenSearch
  • SSL/TLS support for secure communications
  • Configuration validation and health monitoring
  • Seamless rule synchronization across platforms
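As an added worked check for the sandbox and log-collection items above (the Sysmon + Winlogbeat OSS + Atomic Red Team sandbox, the automatic forwarding to OpenSearch, and the TLS-protected OpenSearch connectivity), here is a PowerShell script that verifies the chain end to end: Sysmon is running with a loaded ruleset, Winlogbeat is running, one benign atomic test produces process-create events locally, and those events arrive in OpenSearch over a certificate-validated HTTPS connection. This is example code written for this page, not PurpleLab's own tooling. The service names, the chosen atomic test, the OpenSearch URL, index pattern, credentials and the Winlogbeat field names are assumptions, flagged in the comments; adjust them to the deployment.

```powershell
# Added example, not PurpleLab's own code: end-to-end check of the sandbox telemetry
# chain (Sysmon -> Winlogbeat OSS -> OpenSearch). Run from an elevated PowerShell
# session inside the Windows Server 2019 sandbox VM.
#
# ASSUMPTIONS (none of these come from the release notes):
#   - Sysmon is installed as the 64-bit service "Sysmon64" and sysmon64.exe is on PATH
#   - Winlogbeat runs as the Windows service "winlogbeat"
#   - the Invoke-AtomicRedTeam module is installed and importable
#   - $OpenSearchUrl, $IndexPattern and the credentials are placeholders; the field
#     names event.code / winlog.channel follow the Winlogbeat 7.x ECS schema
param(
    [string]$OpenSearchUrl = 'https://opensearch.example.internal:9200',
    [string]$IndexPattern  = 'winlogbeat-*',
    [string]$Technique     = 'T1016',   # System Network Configuration Discovery: ipconfig, arp, ...
    [int]   $TestNumber    = 1
)
$ErrorActionPreference = 'Stop'

# 1. Sysmon must be running and carry a loaded ruleset. "sysmon64 -c" with no file
#    argument dumps the configuration currently loaded in the driver.
$sysmon = Get-Service -Name 'Sysmon64'
if ($sysmon.Status -ne 'Running') { throw "Sysmon service is $($sysmon.Status)" }
$loadedConfig = & sysmon64.exe -c | Out-String
if ($LASTEXITCODE -ne 0) { throw "sysmon64 -c failed with exit code $LASTEXITCODE" }
if ($loadedConfig -notmatch 'Rule configuration') {
    Write-Warning 'Sysmon reports no rule configuration; reload the SwiftOnSecurity XML with: sysmon64 -c <file>'
}

# 2. Record the Defender exclusions the sandbox ships with. They exist so that atomic
#    tests and samples can execute, which is also why this VM is never a hardening reference.
$mp = Get-MpPreference
Write-Host "Defender exclusion paths : $($mp.ExclusionPath -join ', ')"
Write-Host "Real-time monitoring off : $($mp.DisableRealtimeMonitoring)"

# 3. Winlogbeat must be running, otherwise nothing leaves the VM.
$wlb = Get-Service -Name 'winlogbeat'
if ($wlb.Status -ne 'Running') { throw "Winlogbeat service is $($wlb.Status)" }

# 4. Run one benign atomic test (prerequisite check, execution, cleanup) and note the start time.
Import-Module Invoke-AtomicRedTeam
Invoke-AtomicTest $Technique -TestNumbers $TestNumber -CheckPrereqs
$started = (Get-Date).ToUniversalTime()
Invoke-AtomicTest $Technique -TestNumbers $TestNumber
Invoke-AtomicTest $Technique -TestNumbers $TestNumber -Cleanup

# 5. Local confirmation: Sysmon wrote process-create events (Event ID 1) during the test.
$local = Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Sysmon/Operational'
    Id        = 1
    StartTime = $started.ToLocalTime()
}
if (-not $local) { throw 'No Sysmon Event ID 1 records were written during the test' }
Write-Host "Sysmon recorded $($local.Count) process-create events locally"

# 6. Remote confirmation over TLS. Invoke-RestMethod validates the server certificate
#    against the machine trust store by default; if that fails, install the CA that signed
#    the OpenSearch certificate rather than disabling validation.
Start-Sleep -Seconds 15   # give Winlogbeat time to ship the batch
$cred  = Get-Credential -Message 'OpenSearch read-only user'
$token = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(
             "$($cred.UserName):$($cred.GetNetworkCredential().Password)"))
$query = @{
    size  = 0
    query = @{ bool = @{ filter = @(
        @{ term  = @{ 'event.code'     = '1' } },
        @{ term  = @{ 'winlog.channel' = 'Microsoft-Windows-Sysmon/Operational' } },
        @{ range = @{ '@timestamp'     = @{ gte = $started.ToString('o') } } }
    ) } }
} | ConvertTo-Json -Depth 10
$resp = Invoke-RestMethod -Uri "$OpenSearchUrl/$IndexPattern/_search" -Method Post `
            -Headers @{ Authorization = "Basic $token" } -ContentType 'application/json' -Body $query
$remote = $resp.hits.total.value
if ($remote -lt 1) {
    throw 'OpenSearch holds no Sysmon process-create events from the test; check the Winlogbeat output section and the index pattern'
}
Write-Host "OpenSearch indexed $remote process-create events from the sandbox"
```

Run it once after deployment and again after any change to the Sysmon configuration, the Winlogbeat output, or the OpenSearch certificate; a local hit count that is non-zero while the remote count stays at zero isolates the fault to the forwarding leg rather than to Sysmon.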

Release 2.0.0: "Refreshed"

04 Jul 15:02
a9f13c1


New Features and Improvements

  • Complete Interface Overhaul: Enjoy a fresh, modern look with a redesigned user interface that enhances usability and aesthetics.
  • Multiple Bug Fixes: Addressed various bugs to improve stability and performance.
  • Additional KPIs: Added several new Key Performance Indicators for better insights and monitoring.
  • Forensic Section in Health Page: Introduced a new forensic section in the Health page that allows capturing the disk or RAM of the sandbox.

Version 1.1.1 - Minor Correction + atomic red team test

04 Mar 18:11
71676e0


  • Added the list of Atomic Red Team tests for each technique, plus a button to execute tests one by one.
  • Improved dynamism and ergonomics (dynamic display of tables):
    • Loading page with the MITRE logo
    • Dynamic KPIs
  • Fixed the display issue with the use case table
  • Fixed the display issue with the sharing page user

Version 1.1.0 - API-pealing to Developers

12 Feb 15:06
1e0cb41


  • Creation of an API
  • Changed the logo in the application
  • Changed versioning management
  • Reorganized files
  • Added the option to skip the ELK installation
  • Added start/stop/restart buttons for the VM
  • Added a radio button for enabling/disabling the VM's antivirus
  • Added a button to restart the Winlogbeat collector
  • Restyled the VM section
  • Created the Splunk application to launch technique tests and perform hunting
  • Added Sysmon to the VM with the config https://github.com/SwiftOnSecurity/sysmon-config
  • Switched the VM interface to English
  • Rehosted the new version of the VM