Title: STARGATE CNE Requirements

Release Date: 2014-12-13

Description: This undated page taken from GCHQ’s internal GCWiki cites the codename LEGSPIN (highlighted) also found in an analysis of Regin malware: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014. gchq-stargate-cne-requirements

Document: SECRET STRAP1 COMINT

The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report
inappropriate content.

For GCWiki help contact: webteam

Support page

STARGATE CNE Requirements

From GCWiki

(Redirected from OPCCNE Prototyping STARGATE CNE Requirements)
Jump to: navigation, search

OPCCNE Prototyping Team (team leader^^^^^^^^l

HOME .MAD . KITCHEN SINK . MARVAL ICE . IRONING BOARD . TIN REVERIE . SORCERER .
FEDEX

Agile . Admin . Andromeda . Data Characterisation . Desks . Discussion . Forensics . Index . Links . Notes
. Storyboards . Team . Training . Planning . Priorities . Unification Workshop . Infrastructure .
Development Process

This page is for OPH-CNE staff to add requirements
for STARGATE. You should start by reading the
Endpoint Initiative Requirements. Your requirement
may have already been captured.

Some headings have been added to get you started....

Contents

• 1 How should the file system be rendered?

• 2 How do you want to search the file system?

• 3 How do you want to get tasked by
customers?

• 4 What should appear on the summary pages?
What about summary pages for a Project or
Implant?

• 5 Embedded Comments

• 6 What would CNE need from Network
diagrams?

• 7 What input is most important
(ipconfig/netstat/dns/arps/....) ?

• 8 Scripts

• 9 Visualising non-DareDevil logs

• 10 Add a new section here!

[edit] How should the file system be
rendered?

• I would like to be able to use STARGATE to
view the files directly from the S drive. GCHQ

STARGATE

• User Guide

• Bugs & Feedback

• Deployments

• CNE Requirements

• Surgery

• Support

Administration

• User Management tool

• Plugins

VORPAL SWORD

• User Guide

• Bugs & Feedback

• Development

• Version history

CLOTHO 2

• Interface from ROYAL MANTLE

Architecture

• Connectivity

• ERIDANUS

• CHEYENNE MOUNTAIN

• CHEYENNE MOUNTAIN2

has a site wide license for OutsideIn
(QuickView uses this behind the scenes). You
can convert around ~350 document formats
into HTML for viewing safely. This is not
meant to replace udaq but would be a convinent
and safe halfway-house to view files quickly
for tactical operational reasons.

[editl How do you want to search the file
system?

[editl How do you want to get tasked by
customers?

[editl What should appear on the summary
pages? What about summary pages for a
Project or Implant?

[editl Embedded Comments

What form should they take? Do you want to be able to add attachments or hyperlinks. Do you want to be
alerted when a comment is added to your project?

• AQUILA

• CNE on the BIG BUS

Iterations

• Iteration 7 Feedback

• Iteration 6 Feedback

• Iteration 5 Feedback

Dev Team

[editl What would CNE need from Network diagrams?

[editl What input is most important (ipconfig/netstat/dns/arps/....) ?
[editl Scripts

Incorporate scripts detailed in the TDE wiki into STARGATE, eg;

• Email project lead (or interested party) when a volume manager event occurs. User

• Please add more ideas!

[editl Visualising non-DareDevil logs

• I need to be able to view logs from unix ops

• I need to be able to view logs from masquerades (directory listings from FTP servers)
User

• I need to be able to view logs from ops where i exploit on to the box and just use legspin
(THICKISH ALPHA) User:

[editl Add a new section here!

Retrieved from "https://

Categories: STARGATE | CNE Prototyping Team

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh