From 055e56deba55cc4a3de4a3189ced2ced0c05cece Mon Sep 17 00:00:00 2001 From: Eric Capuano Date: Sat, 14 Oct 2023 16:26:13 -0500 Subject: [PATCH] added rclone conf Also optimized CloudStorage_All for maintainability --- Targets/Apps/RcloneConf.tkape | 17 +++++++++++++++++ Targets/Compound/CloudStorage_All.tkape | 20 ++++---------------- Targets/Compound/CloudStorage_Metadata.tkape | 8 ++++++-- 3 files changed, 27 insertions(+), 18 deletions(-) create mode 100644 Targets/Apps/RcloneConf.tkape diff --git a/Targets/Apps/RcloneConf.tkape b/Targets/Apps/RcloneConf.tkape new file mode 100644 index 000000000..06392ee20 --- /dev/null +++ b/Targets/Apps/RcloneConf.tkape @@ -0,0 +1,17 @@ +Description: Rclone config file +Author: Eric Capuano +Version: 1.0 +Id: 639f9e55-1ee1-4af4-be7c-e6303ffb4b0c +RecreateDirectories: true +Targets: + - + Name: Rclone Config + Category: Apps + Path: C:\ + FileMask: 'rclone.conf' + Recursive: true + +# Documentation +# Rclone is a popular exfil tool that supports many cloud storage services +# +# https://research.nccgroup.com/2021/05/27/detecting-rclone-an-effective-tool-for-exfiltration/ diff --git a/Targets/Compound/CloudStorage_All.tkape b/Targets/Compound/CloudStorage_All.tkape index 61f41f54b..07692390a 100644 --- a/Targets/Compound/CloudStorage_All.tkape +++ b/Targets/Compound/CloudStorage_All.tkape @@ -4,34 +4,18 @@ Version: 1.3 Id: 63c7ff1e-0fcb-45ae-9d72-29bf8458b6db RecreateDirectories: true Targets: - - - Name: Box Metadata - Category: Apps - Path: BoxDrive_Metadata.tkape - Name: Box User Files Category: Apps Path: BoxDrive_UserFiles.tkape - - - Name: Dropbox Metadata - Category: Apps - Path: Dropbox_Metadata.tkape - Name: Dropbox User Files Category: Apps Path: Dropbox_UserFiles.tkape - - - Name: Google Drive Metadata - Category: Apps - Path: GoogleDrive_Metadata.tkape - Name: Google Drive Backup and Sync User Files Category: Apps Path: GoogleDriveBackupSync_UserFiles.tkape - - - Name: OneDrive Metadata - Category: Apps - Path: OneDrive_Metadata.tkape - Name: OneDrive User Files Category: Apps @@ -44,6 +28,10 @@ Targets: Name: SugarSync Category: Apps Path: SugarSync.tkape + - + Name: CloudStorage Metadata + Category: Apps + Path: CloudStorage_Metadata.tkape # Documentation # For those looking to contribute to this list, check here for ideas: https://en.wikipedia.org/wiki/Comparison_of_online_backup_services. diff --git a/Targets/Compound/CloudStorage_Metadata.tkape b/Targets/Compound/CloudStorage_Metadata.tkape index 0611d69bd..98a7084d5 100644 --- a/Targets/Compound/CloudStorage_Metadata.tkape +++ b/Targets/Compound/CloudStorage_Metadata.tkape @@ -1,6 +1,6 @@ Description: Cloud Storage Metadata -Author: Chad Tilbury and Andrew Rathbun -Version: 1.0 +Author: Chad Tilbury and Andrew Rathbun, Eric Capuano +Version: 1.1 Id: 136ca523-2f99-4203-bd66-6aa50fe8d3a8 RecreateDirectories: true Targets: @@ -20,6 +20,10 @@ Targets: Name: OneDrive Metadata Category: Apps Path: OneDrive_Metadata.tkape + - + Name: Rclone Conf File + Category: Apps + Path: RcloneConf.tkape # Documentation # For those looking to contribute to this list, check here for ideas: https://en.wikipedia.org/wiki/Comparison_of_online_backup_services.