Reverted relative paths in zero trust code back to absolute
This commit is contained in:
VakarisZ
parent
6f16ba431c
commit
baadb241e8
|
|
@ -2,10 +2,10 @@ import json
|
||||||
|
|
||||||
from monkey_island.cc.database import mongo
|
from monkey_island.cc.database import mongo
|
||||||
from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteRawDataJson
|
from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteRawDataJson
|
||||||
from ...zero_trust.scoutsuite.consts.scoutsuite_findings_list import SCOUTSUITE_FINDINGS
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.scoutsuite_findings_list import SCOUTSUITE_FINDINGS
|
||||||
from ...zero_trust.scoutsuite.data_parsing.rule_parser import RuleParser
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_parser import RuleParser
|
||||||
from ...zero_trust.scoutsuite.scoutsuite_zt_finding_service import ScoutSuiteZTFindingService
|
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_rule_service import ScoutSuiteRuleService
|
||||||
from ...zero_trust.scoutsuite.scoutsuite_rule_service import ScoutSuiteRuleService
|
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_zt_finding_service import ScoutSuiteZTFindingService
|
||||||
|
|
||||||
|
|
||||||
def process_scoutsuite_telemetry(telemetry_json):
|
def process_scoutsuite_telemetry(telemetry_json):
|
||||||
|
|
|
||||||
|
|
@ -2,10 +2,11 @@ import logging
|
||||||
import typing
|
import typing
|
||||||
|
|
||||||
from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,
|
from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,
|
||||||
PROCESS_LIST_COLLECTOR, SCOUTSUITE_COLLECTOR)
|
PROCESS_LIST_COLLECTOR)
|
||||||
from .aws import process_aws_telemetry
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry
|
||||||
from .environment import process_environment_telemetry
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import \
|
||||||
from .hostname import process_hostname_telemetry
|
process_environment_telemetry
|
||||||
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry
|
||||||
from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import check_antivirus_existence
|
from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import check_antivirus_existence
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
|
||||||
|
|
@ -2,21 +2,21 @@ from abc import ABC, abstractmethod
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
from common.common_consts import zero_trust_consts
|
from common.common_consts import zero_trust_consts
|
||||||
from .rule_names.cloudformation_rules import CloudformationRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudformation_rules import CloudformationRules
|
||||||
from .rule_names.cloudtrail_rules import CloudTrailRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudtrail_rules import CloudTrailRules
|
||||||
from .rule_names.cloudwatch_rules import CloudWatchRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudwatch_rules import CloudWatchRules
|
||||||
from .rule_names.config_rules import ConfigRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.config_rules import ConfigRules
|
||||||
from .rule_names.ec2_rules import EC2Rules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ec2_rules import EC2Rules
|
||||||
from .rule_names.elb_rules import ELBRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elb_rules import ELBRules
|
||||||
from .rule_names.elbv2_rules import ELBv2Rules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elbv2_rules import ELBv2Rules
|
||||||
from .rule_names.iam_rules import IAMRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.iam_rules import IAMRules
|
||||||
from .rule_names.rds_rules import RDSRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.rds_rules import RDSRules
|
||||||
from .rule_names.redshift_rules import RedshiftRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.redshift_rules import RedshiftRules
|
||||||
from .rule_names.s3_rules import S3Rules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.s3_rules import S3Rules
|
||||||
from .rule_names.ses_rules import SESRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ses_rules import SESRules
|
||||||
from .rule_names.sns_rules import SNSRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sns_rules import SNSRules
|
||||||
from .rule_names.sqs_rules import SQSRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sqs_rules import SQSRules
|
||||||
from .rule_names.vpc_rules import VPCRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.vpc_rules import VPCRules
|
||||||
|
|
||||||
|
|
||||||
# Class which links ZT tests and rules to ScoutSuite finding
|
# Class which links ZT tests and rules to ScoutSuite finding
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,5 @@
|
||||||
from .scoutsuite_finding_maps import (DataLossPrevention, Logging,
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.scoutsuite_finding_maps import RestrictivePolicies, \
|
||||||
PermissiveFirewallRules,
|
SecureAuthentication, DataLossPrevention, UnencryptedData, PermissiveFirewallRules, ServiceSecurity, Logging
|
||||||
RestrictivePolicies,
|
|
||||||
SecureAuthentication, ServiceSecurity,
|
|
||||||
UnencryptedData)
|
|
||||||
|
|
||||||
SCOUTSUITE_FINDINGS = [PermissiveFirewallRules, UnencryptedData, DataLossPrevention, SecureAuthentication,
|
SCOUTSUITE_FINDINGS = [PermissiveFirewallRules, UnencryptedData, DataLossPrevention, SecureAuthentication,
|
||||||
RestrictivePolicies, Logging, ServiceSecurity]
|
RestrictivePolicies, Logging, ServiceSecurity]
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ from abc import ABC, abstractmethod
|
||||||
from enum import Enum
|
from enum import Enum
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
from ...consts.service_consts import FINDINGS, SERVICE_TYPES, SERVICES
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import FINDINGS, SERVICES, SERVICE_TYPES
|
||||||
|
|
||||||
|
|
||||||
class AbstractRulePathCreator(ABC):
|
class AbstractRulePathCreator(ABC):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudformation_rules import CloudformationRules
|
||||||
from ....consts.rule_names.cloudformation_rules import CloudformationRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class CloudformationRulePathCreator(AbstractRulePathCreator):
|
class CloudformationRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudtrail_rules import CloudTrailRules
|
||||||
from ....consts.rule_names.cloudtrail_rules import CloudTrailRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class CloudTrailRulePathCreator(AbstractRulePathCreator):
|
class CloudTrailRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudwatch_rules import CloudWatchRules
|
||||||
from ....consts.rule_names.cloudwatch_rules import CloudWatchRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class CloudWatchRulePathCreator(AbstractRulePathCreator):
|
class CloudWatchRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.config_rules import ConfigRules
|
||||||
from ....consts.rule_names.config_rules import ConfigRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class ConfigRulePathCreator(AbstractRulePathCreator):
|
class ConfigRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ec2_rules import EC2Rules
|
||||||
from ....consts.rule_names.ec2_rules import EC2Rules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class EC2RulePathCreator(AbstractRulePathCreator):
|
class EC2RulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elb_rules import ELBRules
|
||||||
from ....consts.rule_names.elb_rules import ELBRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class ELBRulePathCreator(AbstractRulePathCreator):
|
class ELBRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elbv2_rules import ELBv2Rules
|
||||||
from ....consts.rule_names.elbv2_rules import ELBv2Rules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class ELBv2RulePathCreator(AbstractRulePathCreator):
|
class ELBv2RulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.iam_rules import IAMRules
|
||||||
from ....consts.rule_names.iam_rules import IAMRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class IAMRulePathCreator(AbstractRulePathCreator):
|
class IAMRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.rds_rules import RDSRules
|
||||||
from ....consts.rule_names.rds_rules import RDSRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class RDSRulePathCreator(AbstractRulePathCreator):
|
class RDSRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.redshift_rules import RedshiftRules
|
||||||
from ....consts.rule_names.redshift_rules import RedshiftRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class RedshiftRulePathCreator(AbstractRulePathCreator):
|
class RedshiftRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.s3_rules import S3Rules
|
||||||
from ....consts.rule_names.s3_rules import S3Rules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class S3RulePathCreator(AbstractRulePathCreator):
|
class S3RulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ses_rules import SESRules
|
||||||
from ....consts.rule_names.ses_rules import SESRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class SESRulePathCreator(AbstractRulePathCreator):
|
class SESRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sns_rules import SNSRules
|
||||||
from ....consts.rule_names.sns_rules import SNSRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class SNSRulePathCreator(AbstractRulePathCreator):
|
class SNSRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sqs_rules import SQSRules
|
||||||
from ....consts.rule_names.sqs_rules import SQSRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class SQSRulePathCreator(AbstractRulePathCreator):
|
class SQSRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.vpc_rules import VPCRules
|
||||||
from ....consts.rule_names.vpc_rules import VPCRules
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||||
from ....consts.service_consts import SERVICE_TYPES
|
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||||
|
AbstractRulePathCreator
|
||||||
|
|
||||||
|
|
||||||
class VPCRulePathCreator(AbstractRulePathCreator):
|
class VPCRulePathCreator(AbstractRulePathCreator):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
from monkey_island.cc.models.zero_trust.scoutsuite_finding_details import ScoutSuiteFindingDetails
|
from monkey_island.cc.models.zero_trust.scoutsuite_finding_details import ScoutSuiteFindingDetails
|
||||||
from monkey_island.cc.models.zero_trust.scoutsuite_rule import ScoutSuiteRule
|
from monkey_island.cc.models.zero_trust.scoutsuite_rule import ScoutSuiteRule
|
||||||
from ..scoutsuite.consts.scoutsuite_finding_maps import PermissiveFirewallRules, UnencryptedData
|
from monkey_island.cc.services.zero_trust.scoutsuite.consts.scoutsuite_finding_maps import PermissiveFirewallRules, \
|
||||||
|
UnencryptedData
|
||||||
|
|
||||||
SCOUTSUITE_FINDINGS = [
|
SCOUTSUITE_FINDINGS = [
|
||||||
PermissiveFirewallRules,
|
PermissiveFirewallRules,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue