Commit Graph

9789 Commits

Author SHA1 Message Date
Ilija Lazoroski 20f529d6a2 UT: Separate mimikatz credentials stolen event test 2022-08-18 09:22:59 +02:00
Shreya Malviya 6722057491 Agent: Use existing patch function in test_pypykatz_result_parsing_no_secrets 2022-08-17 18:03:07 +05:30
Shreya Malviya 4334740002 UT: Simplify test_mimikatz_credentials_stolen_event_published 2022-08-17 17:31:06 +05:30
Shreya Malviya 2c3b29493f Agent: Define SSH_COLLECTOR_EVENT_TAGS as a frozenset 2022-08-17 17:29:48 +05:30
Shreya Malviya 5747c2e8b4 UT: Update MimikatzCredentialCollector test now that MIMIKATZ_EVENT_TAGS is a frozenset 2022-08-17 17:28:44 +05:30
Shreya Malviya 3dca01d5d5 Agent: Define MIMIKATZ_EVENT_TAGS as a frozenset 2022-08-17 17:28:18 +05:30
Shreya Malviya f9f3daffa7 UT: Add missing type hint to event_queue_subscriber fixture 2022-08-17 14:48:16 +05:30
Shreya Malviya f510b89c08 UT: Move event_queue_subscriber fixture back to test_pypubsub_event_queue.py 2022-08-17 14:46:54 +05:30
Shreya Malviya 11901b1835 UT: Simplify variable logic in MimikatzCredentialCollector's event publishing test 2022-08-17 14:44:43 +05:30
Shreya Malviya eb17b20625 UT: Simplify MimikatzCredentialCollector's event publishing test 2022-08-17 14:41:26 +05:30
Shreya Malviya 8f789b9d60 Agent: Remove unneeded argument passed to CredentialsStolenEvent in MimikatzCredentialCollector 2022-08-17 11:52:02 +05:30
Shreya Malviya 7faf6d3ecf Agent: Modify Mimikatz credential collector's attack technique tags' strings 2022-08-17 11:50:38 +05:30
Shreya Malviya 457cc6be27 Agent: Modify Mimikatz credential collector tag string 2022-08-17 11:49:43 +05:30
Shreya Malviya a0cf3d65f4 Agent: Rename variable in SSH handler 2022-08-17 11:48:35 +05:30
Shreya Malviya 140967b05f UT: Use event_queue_subscriber fixture in MimikatzCredentialCollector tests 2022-08-17 11:47:52 +05:30
Shreya Malviya b6c7001294 UT: Use event_queue_subscriber fixture in PyPubSubEventQueue tests 2022-08-17 11:47:52 +05:30
Shreya Malviya 2fbe9f3a4a UT: Create event_queue_subscriber fixture 2022-08-17 11:47:52 +05:30
Shreya Malviya b7ada959fa UT: Simplify MimikatzCredentialCollector's event publishing test 2022-08-17 11:47:52 +05:30
Shreya Malviya 95a3be0273 UT: Add test to check CredentialStolenEvent is published in MimikatzCredentialCollector 2022-08-17 11:47:52 +05:30
Shreya Malviya f453ff21fd UT: Pass event queue to MimikatzCredentialCollector's constructor in tests 2022-08-17 11:47:52 +05:30
Shreya Malviya c8a2c2156b Agent: Fix variable name in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya 56770d25c6 Agent: Publish credentials stolen event in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya e03f140749 Agent: Add function to publish credentials stolen event in Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya b5058ce611 Agent: Add event tag constants for Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya d745e10bf1 Agent: Accept event queue in Mimikatz collector's constructor 2022-08-17 11:47:51 +05:30
Mike Salvatore 2edaf52140 Merge pull request #2196 from guardicore/2176-modify-ssh-collector-for-events (2176 modify ssh collector for events) 2022-08-16 12:41:14 -04:00
Ilija Lazoroski eec48e9cd8 Agent: Remove target from SSHCredentialCollector event construction 2022-08-16 17:31:02 +02:00
Ilija Lazoroski 205ff84b31 Common: Add defaults for each argument in AbstractEvent 2022-08-16 17:30:30 +02:00
Ilija Lazoroski b3d37d9223 Agent: Change SSHCredentialCollector tag to lowercase 2022-08-16 17:27:43 +02:00
Ilija Lazoroski 5466bd5dba UT: Remove unneeded fixture in SSHCredentialCollector tests 2022-08-16 17:26:25 +02:00
Ilija Lazoroski 142136dd41 Agent: Remove duplication in SSHCredentialCollector 2022-08-16 17:14:37 +02:00
Ilija Lazoroski d38a386f67 Agent: Add prefix `attack-` to attack techniques tags 2022-08-16 14:25:28 +02:00
Ilija Lazoroski c18ceff85d Agent: Remove unneeded variable in SSHCredentialCollector 2022-08-16 14:24:26 +02:00
Ilija Lazoroski ea9082d412 Agent: Remove hack_event from CredentialsStolenEvent 2022-08-16 14:23:25 +02:00
Mike Salvatore 1d79d98689 Agent: Rename credentials_store -> propagation_credentials_repository 2022-08-16 08:17:04 -04:00
Ilija Lazoroski c3557caf1c Agent: Add _ATTACK_TECHNIQUE_ to attack_technique tags 2022-08-16 14:11:16 +02:00
Ilija Lazoroski fdd0368837 Agent: Extract SSH collector tags into constants 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 706a626d24 Agent: Move subscription to a separate method for readability 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 2a94a67767 Agent: Rename usr_info to user_info in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 88bb856859 Common: Reorder params in docstring AbstractEvent 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 8f5681b1df Agent: Init a callable class and subscribe to it 2022-08-16 11:58:53 +02:00
Ilija Lazoroski d672fcfffe Agent: Fix a typo in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 03d569cc00 Agent: Init SSHCredentialCollector with an IEventQueue 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 4aa71cba7e Agent: Remove default values from CredentialsStolenEvent creation 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 486a7a9225 Common: Use a temporary hack to define non-defaults from an inherited class event 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 5f631a78f7 Agent: Remove IGUID from config 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 39f07603a7 Agent: Define integer GUID and use it in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski b22ccdb942 Agent: Publish CredentialsStolenEvent each time we find an SSHKeypair 2022-08-16 11:58:53 +02:00
Ilija Lazoroski e439a53bde UT: Fix SSHCredentialCollector test to accept IEventQueue 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 2610666f93 Agent: Publish a CredentialsStolenEvent from SSHCredentialCollector 2022-08-16 11:58:53 +02:00