Commit Graph

232 Commits

Author SHA1 Message Date
Mike Salvatore 551928369a zoo: update command to run blackbox tests
Commit 3f687f6ae introduced a dependency on `common/`. Update the
instructions in blackbox/README.md to reflect this change.
2021-03-08 09:47:16 -05:00
Mike Salvatore 34b0830c77 zoo: add drupal exploiter blackbox test 2021-03-08 09:42:48 -05:00
Mike Salvatore 3164ae77c4 zoo: add drupal-28 to terraform scripts 2021-03-08 08:54:45 -05:00
Mike Salvatore 0fb0c58fd4 zoo: add missing port number in blackbox/README.md 2021-03-08 08:54:15 -05:00
VakarisZ f43d9fe035 ZL BB tests: Renamed "ZeroLogon" to "Zerologon" for consistency, extracted relevant credential extortion from island config into a separate method. 2021-03-08 13:58:11 +02:00
VakarisZ 70ec513f51 Added logging to the ZeroLogon analyzer 2021-03-08 13:10:14 +02:00
VakarisZ b43f669081 Bugfix: removed unneeded exploitation test run in ZeroLogon BB test 2021-03-08 12:35:31 +02:00
VakarisZ 44f6ce36b6 Fixed credentials in zerologon exploiter to match. 2021-03-08 12:05:00 +02:00
VakarisZ 263fa53ea5 Added an endpoint on the island for telemetry tests. This allows for tests like blackbox tests to send queries and check whether a certain telemetry is in the database or not 2021-03-08 11:13:31 +02:00
VakarisZ f6b0682297 Added ZeroLogon test to the BlackBox infrastructure. 2021-03-08 11:07:24 +02:00
VakarisZ 3848dbeb32 Fixed a bug in configuration generation for BB tests. Bug was related to incorrect references 2021-03-05 10:50:55 +02:00
VakarisZ 5837240107 Refactored tests to use the new configuration parser 2021-03-02 15:23:27 +02:00
VakarisZ aaab827e32 Refactored configuration parser to pull configs, apply template and submit them instead of loading configs from file. 2021-03-02 15:23:27 +02:00
VakarisZ 8ca72bbf31 Simplified test configuration templates even more and removed old and outdated configuration files 2021-03-02 15:23:23 +02:00
VakarisZ edc8fff0a7 Extracted relevant config parameters for each BB test and made templates from those 2021-03-02 15:20:17 +02:00
VakarisZ ade2917ba3 Merge remote-tracking branch 'upstream/develop' into 519/scoutsuite-integration
# Conflicts:
#	.swm/OwcKMnALpn7tuBaJY1US.swm
#	.swm/tbxb2cGgUiJQ8Btma0fp.swm
#	.travis.yml
#	deployment_scripts/config
#	monkey/common/utils/exceptions.py
#	monkey/infection_monkey/control.py
#	monkey/infection_monkey/exploit/hadoop.py
#	monkey/monkey_island/cc/environment/set_server_config.py
#	monkey/monkey_island/cc/resources/pba_file_upload.py
#	monkey/monkey_island/cc/services/version_update.py
#	monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/RunOptions.js
#	monkey/monkey_island/cc/ui/src/styles/Main.scss
#	monkey/monkey_island/cc/ui/src/styles/components/Buttons.scss
2021-01-28 16:13:26 +02:00
Mike Salvatore 0bae2b922d monkey_zoo: minor fixes to monkey_zoo docs 2021-01-19 15:30:48 -05:00
VakarisZ d8ee740750 Added zero logon to monkeyzoo 2020-11-05 23:40:48 +05:30
VakarisZ abe20c6a3a Once again fixed isort bug in travis and fixed some imports 2020-10-07 10:32:33 +03:00
Shay Nehmad 910e8355f9 Fix or noqa some python linter errors
Also, replace os.path with Path
2020-08-31 14:13:56 +03:00
VakarisZ 31b875aacc Fixed PTH credentials BB island configs 2020-08-03 15:22:19 +03:00
VakarisZ 31b2800ece Fixed BB test configs - fixed internal/network and internal/exploits 2020-08-03 12:23:17 +03:00
VakarisZ c59be36909 Fixed elastic test config for BB tests 2020-07-31 11:54:12 +03:00
VakarisZ 444ce91f2b Fixed more BB island config problems 2020-07-30 17:24:38 +03:00
VakarisZ f71e6630bc Bugfixed SSH configuration and island_config_parser.py 2020-07-30 15:56:49 +03:00
VakarisZ b996b6e2e8 Updated all configs used in BB tests 2020-07-30 15:48:17 +03:00
VakarisZ d9ed06d765 BB quickfixes: fixed island client authentication bug ("JWT" -> "bearer" in auth header), improved readme a bit. 2020-07-30 12:41:25 +03:00
Shay Nehmad 9846477bea Change to isort from flake8-import-order
fix issues in envs/ as well
2020-07-15 18:46:04 +03:00
VakarisZ 30fde6deb3 Changed testing documentation that relates to password protection 2020-06-23 12:24:02 +03:00
VakarisZ 39231abbab Skip performance tests that actually run monkeys by default 2020-06-15 11:26:43 +03:00
VakarisZ ffda4e858c
Merge pull request #664 from guardicore/feature/smb_vulnerable_port_fix
SMB vulnerable port fix
2020-05-26 14:33:00 +03:00
Shay Nehmad 2cf9c9c0fe Fix minor linter issues 2020-05-24 13:55:11 +03:00
VakarisZ 9864720fb5 Get node label performance improvement and small BB test changes 2020-05-22 21:22:29 +03:00
VakarisZ 87e50d37f1 Small fixes: island reset added to telemetry performance test, fixed a bug on report generation test 2020-05-14 10:55:59 +03:00
VakarisZ 991cbec7ff Added cmd options to disable interaction with GCP and run quick performance tests. 2020-05-13 10:44:04 +03:00
VakarisZ 3d97cb3b61 Merge branch 'zt_performance_fixes' into security_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-12 17:44:24 +03:00
VakarisZ 9b350b8bf5 Minor fixes and improvements 2020-05-11 17:58:58 +03:00
VakarisZ 7663615a4f Merge branch 'monkey_telemetry_fabrication' into zt_performance_fixes 2020-05-11 17:01:18 +03:00
VakarisZ 67b7d0b769 Improved telemetry fabrication logging and failing if telemetry folders don't exist 2020-05-11 16:56:05 +03:00
VakarisZ 08f46a8ac9 Merge branch 'monkey_telemetry_fabrication' into zt_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-11 16:42:53 +03:00
VakarisZ e189e96259 Improved the dir structure of telem parsing, other minor CR comments fixed 2020-05-11 16:32:18 +03:00
VakarisZ f94098aca6 Merge remote-tracking branch 'upstream/develop' into security_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/island_client/monkey_island_client.py
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-11 10:10:27 +03:00
VakarisZ 73832bd0cb Updated PERFORMANCE.conf to include all machines and a lot of segmentation tests 2020-05-07 17:12:48 +03:00
VakarisZ a98b348d24 Merge remote-tracking branch 'upstream/develop' into monkey_telemetry_fabrication
# Conflicts:
#	envs/monkey_zoo/blackbox/island_client/monkey_island_client.py
#	envs/monkey_zoo/blackbox/test_blackbox.py
2020-05-07 12:15:43 +03:00
VakarisZ 9aff40d974 Fake IPs don't get out of range, fixed typo in requirements and added logging to telem parsing 2020-05-07 11:20:08 +03:00
Ace Pace 4c27ea4f7b Fix a few more. Re set the number of flake warnings to be higher :( 2020-05-05 23:47:41 +03:00
VakarisZ f73beac3a7 Implemented map/report generation tests which are based on telemetries rather than real exploitation 2020-04-30 16:12:58 +03:00
VakarisZ 1a784791fd Fixed a typo in supported_request_method.py filename 2020-04-29 11:17:08 +03:00
VakarisZ 1352747c4e Removed debugging comments 2020-04-29 10:39:10 +03:00
VakarisZ 55d3fd5bd8 More improvement on telemetry fabrication logging 2020-04-28 17:54:12 +03:00
VakarisZ 41ae125980 Fixed telemetry performance test logging bugs and improved logging to display only N longest telems instead of all 2020-04-24 16:41:00 +03:00
VakarisZ baa1598a1b Added progress bars, optimized imports, fixed bug that happened on big numbers of telems 2020-04-24 13:19:07 +03:00
VakarisZ 986e52716f Finished telemetry performance test (time measurements, refactoring) 2020-04-23 19:46:58 +03:00
VakarisZ 78b0186613 Finished telemetry fabrication 2020-04-23 19:44:24 +03:00
VakarisZ b6e0e30d58 Splitting classes into multiple files 2020-04-20 18:23:25 +03:00
VakarisZ 636c8f6d3f Added the ability to forge more intricate setup telemetries + small bugfixes, refactors and improvements 2020-04-20 17:49:24 +03:00
VakarisZ 1ccbb3d989 Finished fabricated monkey telemetry sending 2020-04-16 16:39:10 +03:00
VakarisZ 5fa27c14e8 Bugfixes and debugging comments removed 2020-04-15 09:38:08 +03:00
VakarisZ 0e2a3a54a9 Merge remote-tracking branch 'upstream/develop' into map_generation_test
# Conflicts:
#	envs/monkey_zoo/blackbox/test_blackbox.py
2020-04-10 17:07:41 +03:00
VakarisZ 367017a6b6 Refactored and further improved performance test code structure 2020-04-10 14:32:39 +03:00
VakarisZ c8d8cc3941 Removed pytest fail mark from fixed tunneling test and moved to performance test 2020-04-09 18:25:33 +03:00
VakarisZ 0fc5615058 Further improving and refactoring performance test code 2020-04-09 18:23:01 +03:00
VakarisZ 1ed4b29786 BB fixes: updated struts2 configuration and increased tunneling timeout 2020-04-09 16:22:07 +03:00
VakarisZ b701375236 Fixed bug where tunneling-11 doesn't get turned on/off during bb tests 2020-04-08 18:24:44 +03:00
VakarisZ a74a7cc48f Added tunneling-12 (windows) machine to monkeyzoo infra and test config. 2020-04-08 12:14:33 +03:00
Shay Nehmad 4da6a6a491
Merge pull request #527 from VakarisZ/old_machine_bootloader
Old machine bootloader
2020-03-30 17:06:12 +03:00
VakarisZ 303dda1621 Refactoring current tests 2020-03-30 10:45:42 +03:00
Shay Nehmad 347941c776 Delete unused function 2020-03-16 14:31:13 +02:00
VakarisZ f82b56fca6 Improved bootloader telem logging, added docs about monkeyzoo tunneling machine used in tests 2020-03-16 12:07:17 +02:00
Shay Nehmad 31c348d26a Update test_blackbox.py 2020-03-15 16:58:49 +02:00
VakarisZ d75299be25 Removed unnecessary comments, unused file, improved parsing of linux requests 2020-03-12 15:56:06 +02:00
Shay Nehmad afbc13a06b CR fixes 2020-02-25 14:57:50 +02:00
Shay Nehmad e815ac53da Changed the post_exec analyzer to not work with Analyzer log but rather work with regular log 2020-02-25 12:19:57 +02:00
Shay Nehmad 97976cdbc5 Got 500 from delete operation so simplifying and re-trying 2020-02-25 11:24:28 +02:00
Shay Nehmad 9965947d3f Analyzer works. now need to add setup to Terraform and add new config 2020-02-23 17:26:29 +02:00
Shay Nehmad 20be94d606 WIP trying to get the BB test to work 2020-02-23 15:24:44 +02:00
Shay Nehmad 4461097c60 Added the API /test/clear_caches
Currently clears only the reports from Mongo
2020-02-23 14:02:18 +02:00
Daniel Goldberg 6bef096e71 Fix spacing 2019-11-28 12:46:33 +01:00
Daniel Goldberg 58b775cfb5 Try to avoid flake warnings on not checking SSL 2019-11-28 12:41:37 +01:00
Daniel Goldberg 052e853b20 Convert terraform to modern style 2019-11-27 13:41:02 +02:00
Daniel Goldberg e92665a427 Random PEP8 cleanups 2019-11-27 13:39:47 +02:00
VakarisZ e5715f5a7e Removed unnecessary logging of config in BB and MSSQL unhandled error 2019-10-31 12:11:22 +02:00
VakarisZ dba52fcbed BB tests bugfix of not refreshing JWT 2019-10-30 14:38:17 +02:00
VakarisZ 95c63d6cef Rollback of accidental changes 2019-10-29 16:29:51 +02:00
VakarisZ 64ec629306 Machine name in BB fix 2019-10-29 14:04:48 +02:00
VakarisZ b78b7980ed Fixed terraform scripts and configuration files 2019-10-11 17:08:15 +03:00
Shay Nehmad e0f4d1ed83 Added module + filename + line number to logs output in Blackbox 2019-10-07 13:49:13 +03:00
Shay Nehmad ff3c455cb0 Added more logs to testing output and changed printing to logging to attach testing output to test 2019-10-07 12:20:19 +03:00
Shay Nehmad f45428186d Marked tunneling test as xfail until we figure out why it doesn't work 2019-10-07 10:39:40 +03:00
Shay Nehmad 59e3deb09e Added logs that write the test config 2019-10-07 10:39:11 +03:00
Shay Nehmad 2dec2e6a70 Improved log parser logs 2019-10-06 19:59:40 +03:00
Shay Nehmad cde256e4b9 Log parser shows error and warning amount 2019-10-06 15:20:01 +03:00
Shay Nehmad dde2e1a7e4 Added some documentation and improved logging in Blackbox 2019-10-06 15:05:34 +03:00
VakarisZ 3a02dd97e1 Removed unused package requirement 2019-10-03 15:43:18 +03:00
VakarisZ f962894038 Real time logging implemented 2019-10-01 16:11:53 +03:00
VakarisZ 73d434119d CR comments fixed 2019-10-01 10:42:51 +03:00
VakarisZ 72e30bb631 Added 2 PTH tests, changed consts to improve stability 2019-09-24 16:18:11 +03:00
VakarisZ 896e6e486f Added env. reset before tests 2019-09-19 14:38:17 +03:00
VakarisZ 018d3ddc08 Fixed bugs regarding waiting for monkeys to die, readability improvements 2019-09-17 09:17:29 +03:00
VakarisZ 91fe7c22a8 Removed comments that were used in testing 2019-09-13 16:50:12 +03:00
VakarisZ e0a38f3b19 Refactored gitignore to include gcp_keys directory but not its contents 2019-09-13 16:40:43 +03:00
VakarisZ 9938ba9574 Implemented logs 2019-09-13 16:12:58 +03:00
VakarisZ a17305a324 More improvements on the configs 2019-09-11 17:35:41 +03:00
VakarisZ e6060b6729 Merge remote-tracking branch 'upstream/develop' into 420/blackbox 2019-09-11 13:56:50 +03:00
VakarisZ 36b6752827 Refactored to run series of tests, improved configurations, file structure 2019-09-11 12:39:28 +03:00
VakarisZ 0ee4445ca1 Added timeout to tests, added logs 2019-09-06 20:59:11 +03:00
VakarisZ 772880f952 Added resources explicitly for testing, improved analyzer, added config parser class 2019-09-05 15:03:30 +03:00
VakarisZ 5ab36ffd01 Added firewall rules, fixed buggy ones 2019-09-04 16:06:49 +03:00
VakarisZ 4f67eea2a1 Improved monkeyzoo docs, updated config, fixed prefix bugs 2019-09-04 10:29:38 +03:00
VakarisZ c779887955 Added prefixes to all resources 2019-09-03 17:22:07 +03:00
Shay Nehmad a0d932908f Merge branch '420/blackbox' of https://github.com/guardicore/monkey into 420/blackbox 2019-08-29 18:48:39 +03:00
Shay Nehmad 5afded480e Now run monkey works 2019-08-29 18:48:35 +03:00
VakarisZ 919a7ddd11 Carcass of analyzers added 2019-08-29 18:18:25 +03:00
Shay Nehmad ebd2628516 Now pytest gets --island 1.2.3.4:5000 as command line param 2019-08-29 15:14:07 +03:00
Shay Nehmad 98a60a37df Works talking to server 2019-08-29 14:57:04 +03:00
VakarisZ cd81588f09 island configurations for tests added 2019-08-28 18:21:14 +03:00
VakarisZ 0a512ac9eb temp ssh conf removed 2019-08-28 18:20:24 +03:00
Shay Nehmad 11a1578893 Added setting project to GCPHandler 2019-08-28 14:56:35 +03:00
Shay Nehmad 45fa7570ef Add monkey zoo gitignore so we don't commit keys by accident 2019-08-28 14:26:39 +03:00
VakarisZ a29408c07d GCP handler implemented 2019-08-27 18:13:17 +03:00
Shay Nehmad 0f5f01c4b1 Just some more skeleton code 2019-08-27 16:23:09 +03:00
Shay Nehmad c611903baf Basic skeleton for blackbox script 2019-08-27 15:52:39 +03:00
VakarisZ 4d8cd768fc Updated monkeyzoo images and added tunneling-11 2019-08-25 18:33:21 +03:00
Daniel Goldberg 3ca2df85e2 Remove all mention of RDP grinder 2019-08-21 10:02:44 +02:00
VakarisZ ef3caa866d MsSQL docs improved 2019-04-17 16:14:05 +03:00
Daniel Goldberg 1f28023c45
Add permissions 2019-04-11 14:00:15 +03:00
VakarisZ 92206c8c84 Added topography image, improved docs and readme 2019-04-11 10:26:46 +03:00
VakarisZ 9019db777a Removed docs that can not be versioned 2019-03-05 11:56:58 +02:00
VakarisZ f21f63fc71 victims_max_exploit changed to 30 and RDP exploiter added to fullTest.conf 2019-01-24 12:16:31 +02:00
VakarisZ 282c3a7e5c Added port 5000 to firewall rules to allow remote connection to the island 2019-01-23 17:13:00 +02:00
VakarisZ 321bbc1f9f Terraform files refactored, docs improved, markup version of docs added. 2019-01-23 16:55:53 +02:00
VakarisZ 0e56a62e20 File structure change, documentation and default config files added 2019-01-22 17:32:42 +02:00