Commit
Merge pull request #419 from dh4340/master
Enhancements for Documentation Clarity and Linux Client Service Details
Showing 6 changed files with 729 additions and 377 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,68 +1,106 @@ | ||
# GHOSTS NPC Framework | ||
|
||
GHOSTS simulates what anyone might do at a computer, creating documents, browsing websites, and downloading files. GHOSTS drives all sorts of popular applications on many versions of Windows and Linux machines. Whether you're a friendly administrator or a powerful cyber adversary, GHOSTS can replicate your expected behavior. | ||
GHOSTS simulates user activity on a computer, like creating documents, browsing websites, and downloading files. It drives various popular applications on both Windows and Linux machines. Whether you're a friendly administrator or a cyber adversary, GHOSTS can replicate your expected behavior. | ||
|
||
GHOSTS has many use cases in cyber training and exercises, most notably for bringing non-player characters (NPCs) to life, but GHOSTS can be used for many other purposes where realistic activity on a computer is needed as well. | ||
GHOSTS has many use cases in cyber training and exercises, most notably for bringing non-player characters (NPCs) to life. However, it can also be used for other purposes requiring realistic activity on a computer. | ||
|
||
There is a [short demonstration video available on YouTube](https://www.youtube.com/watch?v=EkwK-cqwjjA) (3:03). | ||
|
||
--- | ||
|
||
**Version 8 is here (with breaking changes!).** It has absorbed the other modules of the GHOSTS framework, [ANIMATOR (now archived)](https://github.com/cmu-sei/GHOSTS-ANIMATOR) and [SPECTRE (now archived)](https://github.com/cmu-sei/GHOSTS-SPECTRE). This was done in order to greatly simplify installation, configuration, and the administration of a GHOSTS instance, but also to bring further capability to the core agents by more tightly combining information segregated into separate databases and systems until now. | ||
**Version 8.2 is here!** | ||
|
||
The breaking changes are: | ||
GHOSTS has undergone major updates, including breaking changes introduced in version 8.0. Version 8 absorbed the [ANIMATOR](https://github.com/cmu-sei/GHOSTS-ANIMATOR) and [SPECTRE](https://github.com/cmu-sei/GHOSTS-SPECTRE) modules, simplifying the installation, configuration, and administration of a GHOSTS instance, while bringing further capabilities to core agents by integrating previously segregated data. With version 8.2, more improvements and features are introduced, making it easier and more powerful to use. | ||
|
||
1. Configuration file changes | ||
2. Database changes | ||
3. API endpoint changes | ||
### Breaking Changes in Version 8.0: | ||
1. Configuration file changes. | ||
2. Database changes. | ||
3. API endpoint changes. | ||
|
||
Sorry, but there is no upgrade path from previous versions — install a fresh instance to get rolling with V8. | ||
There is no upgrade path from previous versions — a fresh install is required for version 8 and beyond. | ||
|
||
--- | ||
|
||
## What's New in GHOSTS v8.2 🆕 | ||
Welcome to the latest version of GHOSTS! Here’s a look at what’s new and improved in v8.2: | ||
|
||
- [GHOSTS now has a UI](core/ui.md)! Manage machines, machine groups, deploy new timelines, and view activities through a sleek interface. 😍 | ||
- [GHOSTS Shadows](shadows/index.md) now integrates with large language models (LLMs) for GHOSTS agents, offering various models for activities, chat, content generation, social interactions, and more. 👻 | ||
- [GHOSTS LITE](core/lite.md) is a lightweight version of GHOSTS that requires fewer resources, making it ideal for training, exercises, and simulations on minimal hardware. 👀 | ||
- Fixes #385: Default GUID issue with Animator NPCs. | ||
- Fixes #384: Client path bug. | ||
- Resolved various animation cancellation token bugs in chat features. | ||
- Updated documentation for Animations (with contributions from SEI's TMR team). 🤙 | ||
|
||
## What's New in GHOSTS v8.1: | ||
- GHOSTS LITE BETA: A lighter version designed for scenarios where participants won't directly access the machine. | ||
- API cleanup, particularly around machine updates and groups. | ||
- Simplified sample JSON objects for better understanding and easier submission. | ||
- Improved API robustness and machine group management. | ||
- Enhanced timeline delivery per machine and group. | ||
|
||
## What's New in GHOSTS v8.0: | ||
### Enhancements: | ||
- Merged ANIMATOR and SPECTRE functionalities into the core GHOSTS API. Both projects are now archived. | ||
- Migrated all data from MongoDB to PostgreSQL for improved performance and management. | ||
- Cleaned up the Docker Compose setup to minimize installation and configuration issues. | ||
- Animator job management can now be handled directly through the UI. | ||
- Transitioning from HTTP requests to WebSockets: NPCs are "always connected" and no longer need to poll the server to execute activities. | ||
- Added ability to configure random delays (before or after an activity) within timelines. | ||
- Simplified configuration for both client and server systems (breaking change). | ||
- Consolidated installation into a single `docker-compose` file, streamlining the process. | ||
- Reorganized API endpoints for improved structure and accessibility. | ||
- Added a favicon for UI polish. | ||
|
||
### Bug Fixes: | ||
- Grafana Docker Compose no longer uses the root user. | ||
- Ensured all Docker containers are `amd64` (not `arm`). | ||
- Fixed issues with command windows staying open after execution. | ||
- Improved RDP functionality, fixing connectivity bugs. | ||
- Resolved issues with delay values exceeding integer limits. | ||
- Added "log" level to application logs for better insight into operations. | ||
- Fixed documentation bug related to machine group timelines. | ||
|
||
--- | ||
|
||
## Key Links | ||
|
||
- [Quick Start: Installation from distribution binaries](https://cmu-sei.github.io/GHOSTS/quickstart/) | ||
- [GHOSTS Documentation](https://cmu-sei.github.io/GHOSTS/) | ||
- [Don't hesitate to submit issues and feature requests](https://github.com/cmu-sei/GHOSTS/issues) | ||
- [Submit issues and feature requests](https://github.com/cmu-sei/GHOSTS/issues) | ||
|
||
--- | ||
|
||
## Platform Components | ||
|
||
### Ghosts Clients (Windows & Linux) | ||
|
||
GHOSTS clients simulate users on a machine doing "user-like" things. They can be configured to: | ||
|
||
- Browse the web | ||
- Create and edit office documents | ||
- Send and respond to email | ||
- Run terminal commands | ||
- Etc. | ||
GHOSTS clients simulate user-like behavior on a machine. Configurable tasks include: | ||
- Web browsing | ||
- Document creation and editing | ||
- Email sending and responding | ||
- Running terminal commands | ||
- And more. | ||
|
||
### Ghosts API Server | ||
The API server enables clients to interact with GHOSTS and provides the following functionality: | ||
- Manage clients, add/remove groups, etc. | ||
- Retrieve/manage client activity data. | ||
- Orchestrate new tasks for clients to perform. | ||
|
||
The API server provides a way for clients to interact with the GHOSTS system and its clients. It can: | ||
### Ghosts UI | ||
The UI offers an interface for managing machines, groups, and deploying timelines, providing an easier way to interact with the GHOSTS system. | ||
|
||
- Manage clients, add/remove them from groups, etc. | ||
- Get/manage information from clients regarding their previous or current activities, etc. | ||
- Orchestrate new activities for particular clients to perform | ||
### Ghosts Lite | ||
A minimalistic version of the Windows GHOSTS client, suitable for running on systems with limited resources. | ||
|
||
### [Ghosts UI](src/ghosts.ui/README.md) | ||
### Pandora Content Server | ||
A server that provides requested content to GHOSTS clients, dynamically generating responses or serving static content for training, exercises, and red-teaming. | ||
|
||
The web server provides a way for administrators to interact with the GHOSTS system and its clients. | ||
### Pandora Socializer Server | ||
This server allows GHOSTS clients to interact with simulated social media content, enhancing the realism of cyber scenarios. | ||
|
||
### [Ghosts Lite](src/Ghosts.Client.Lite/) | ||
|
||
A resource light version of the Windows GHOSTS client that can be run on minimal hardware. | ||
|
||
### [Pandora Content Server](src/ghosts.pandora/) | ||
|
||
A server that provides content to GHOSTS clients (or otherwise). Pandora determines what you most likely requested, creates that content, and serves it back in the response. Pandora also has the ability to serve predetermined static content for training and exercise purposes (and red-teaming). | ||
|
||
### [Pandora Socializer Server](src/ghosts.pandora.socializer/) | ||
|
||
The social media (x.com) server that enables Ghosts clients to post and interact with social media content. | ||
--- | ||
|
||
## License | ||
|
||
[DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. | ||
Copyright 2017 Carnegie Mellon University. All Rights Reserved. See LICENSE.md file for terms. |
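Review bot: The rewritten Platform Components section loses the source links on the component headings: `### [Ghosts UI](src/ghosts.ui/README.md)` and `### [Pandora Content Server](src/ghosts.pandora/)`, along with the Ghosts Lite and Pandora Socializer Server headings, are replaced by plain headings, so the README no longer leads a reader to each component's code. I'd keep the linked headings and pair them with the new descriptions. Separately, the v8.2 list links to `core/ui.md`, `shadows/index.md` and `core/lite.md` as relative paths, while Key Links points at the docs site by full URL; please confirm those paths resolve from this file's location or switch them to full docs URLs. Finally, the v8.0 Enhancements list already mentions handling Animator jobs "through the UI" and a favicon, while the v8.2 list announces that GHOSTS "now has a UI"; a short note on which UI each entry refers to would remove the apparent contradiction.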