Agent: Add event tag constants for Mimikatz credential collector
This commit is contained in:
Shreya Malviya
parent
d745e10bf1
commit
b5058ce611
|
|
@ -12,6 +12,17 @@ from .windows_credentials import WindowsCredentials
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
MIMIKATZ_CREDENTIAL_COLLECTOR_TAG = "MimikatzCredentialsStolen"
|
||||||
|
T1003_ATTACK_TECHNIQUE_TAG = "T1003"
|
||||||
|
T1005_ATTACK_TECHNIQUE_TAG = "T1005"
|
||||||
|
|
||||||
|
MIMIKATZ_EVENT_TAGS = {
|
||||||
|
MIMIKATZ_CREDENTIAL_COLLECTOR_TAG,
|
||||||
|
T1003_ATTACK_TECHNIQUE_TAG,
|
||||||
|
T1005_ATTACK_TECHNIQUE_TAG,
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
class MimikatzCredentialCollector(ICredentialCollector):
|
class MimikatzCredentialCollector(ICredentialCollector):
|
||||||
def __init__(self, event_queue: IEventQueue):
|
def __init__(self, event_queue: IEventQueue):
|
||||||
self._event_queue = event_queue
|
self._event_queue = event_queue
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue