{"id":18410600,"url":"https://github.com/vesche/grr-govcloud","last_synced_at":"2025-04-12T22:45:07.700Z","repository":{"id":85570729,"uuid":"58687977","full_name":"vesche/grr-govcloud","owner":"vesche","description":"google grr deployment on govcloud","archived":false,"fork":false,"pushed_at":"2016-05-13T13:18:13.000Z","size":3,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-12T22:45:04.350Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vesche.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-05-13T01:03:12.000Z","updated_at":"2019-01-23T04:00:12.000Z","dependencies_parsed_at":"2023-06-26T01:46:25.576Z","dependency_job_id":null,"html_url":"https://github.com/vesche/grr-govcloud","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vesche%2Fgrr-govcloud","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vesche%2Fgrr-govcloud/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vesche%2Fgrr-govcloud/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vesche%2Fgrr-govcloud/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vesche","download_url":"https://codeload.github.com/vesche/grr-govcloud/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248643047,"owners_count":21138353,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T03:33:01.196Z","updated_at":"2025-04-12T22:45:07.680Z","avatar_url":"https://github.com/vesche.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# grr-govcloud\nThis is an install script for deploying [Google GRR](https://github.com/google/grr) along with [shellinabox](https://github.com/shellinabox/shellinabox) on [AWS GovCloud](https://aws.amazon.com/govcloud-us/). This is intended for conducting live, secure, and remote host-based forensics on sensitive networks during an incident response. Shellinabox (configured to communicate over ssl) is provided as a mechanism to interact with the GRR server securely in an environment where ssh is not available.\n\n## Install\nRequires Ubuntu 14.04 with Python 2.7.9+\n```\nsudo apt-get install git\ngit clone https://github.com/vesche/grr-govcloud\ncd grr-govcloud\nsudo bash install.sh\n```\n\n## Seurity Groups\nWithin GovCloud you will need to add a few security groups. Add the external IP that your team will be interacting with the server from to allow incoming traffic from port 443 and 8000. In addition, allow incoming traffic on port 80 from the external ip range of your client network.  \n\nThis will allow only your team to connect to shellinabox via `https://\u003cexternal_ip\u003e/shell`, the Google GRR admin interface via `http://\u003cexternal_ip\u003e:8000`, and allow your clients to communicate with your server using [encrypted HTTP POST requests](https://github.com/google/grr-doc/blob/master/implementation.adoc#client-communication-and-encryption).\n\n## Agent Deployment\nNote that before deploying agents you will need to contact the HBSS administrator of the customer network to have the Google GRR client process whitelisted. This process can be named to suit your needs.\n\nTo download clients navigate to the admin interface and under **Manage Binaries** -\u003e **executables** -\u003e **Windows** -\u003e **installers** and grab the client you require.\n\nThere are many security-related [agent protection](https://github.com/google/grr-doc/blob/master/admin.adoc#agent-protection) recommendations that would be wise to implement.\n\nThe Windows installer is a self-extracting executable which can be deployed easily using SCCM. If deployment requires an MSI format, see [here](http://grr-response.blogspot.com/2014/12/wrapping-grr-installers-as-msi-file.html).\n\n## Post-install\nConfiguration of GRR post-install is left up to the administrator. The [Administrator Documentation](https://github.com/google/grr-doc/blob/master/admin.adoc) is very thorough.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvesche%2Fgrr-govcloud","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvesche%2Fgrr-govcloud","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvesche%2Fgrr-govcloud/lists"}