Vectr
What is Vectr?
Vectr (Github) is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios.
What does the Vectr plugin do?
The Vectr plugin will automatically send your executed TTP data to Vectr in real-time. A top-level Prelude assessment is created in Vectr, then campaigns are configured in one of 2 ways depending upon how you configure the campaign value. If the campaign field is left blank or set to the default "automatic" value, every click of the Deploy
button in Operator will create a new timestamped campaign in Vectr. If the campaign value is manually specified, then TTP data will append to that specific campaign.
Configuring the plugin
First, go the setting and click on Vectr plugin to install it. Next, you must configure your settings:
- macOS: ~/Library/Application\ Support/Operator/portal.prelude.org/plugins/Vectr/config.yml
- linux: ~/.config/Operator/portal.prelude.org/plugins/Vectr/config.yml
- Windows: %APPDATA%\Operator\portal.prelude.org\plugins\Vectr\config.yml
Update your config.yml
file to have your correct settings under the config
object:
config:
url: https://sravectr.internal:8081
database: PURPLE_DEMO_CE
org_name: MITRE
key_id: OSDZXU77OZSB8DXEAQK4VG
secret_key: Rl5i3b0gdhPgu/4+Ooa+MofmvWwFRyOfAGwrqEayWk8=
campaign: automatic
Configure the optional campaign field. If the campaign value is manually specified, then TTP data will append to that specific campaign. Otherwise, Operator will generate a new campaign automatically for each Deploy
:
- campaign: automatic
Updated almost 2 years ago