Commit Graph

4408 Commits

Author SHA1 Message Date
Shreya 81c6de75b7 Add Zerologon to documentation 2021-02-19 01:06:06 +05:30
Shreya 290385a8a0 Zerologon's success on a machine shouldn't prevent other exploit attempts on the machine
(ZL gathers credentials for other exploits)
2021-02-19 01:06:06 +05:30
Shreya 9c0fc7e435 Changes after manual testing 2021-02-19 01:06:06 +05:30
Shreya c05a48d34d Final exploit touches and report stuff 2021-02-19 01:06:05 +05:30
Shreya b57605b58d Changes from manual testing 2021-02-19 01:06:05 +05:30
Shreya 1cf07eff89 Improve log messages and comments 2021-02-19 01:06:05 +05:30
Shreya 13ef69c3ed Clean up code and comments 2021-02-19 01:06:05 +05:30
Shreya 53ef6feadf Restore password
(wmiexec to get HKLM keys --> secretsdump to get orig pwd nthash --> restore)
2021-02-19 01:06:05 +05:30
Shreya e7485bd02f Mention CVE 2021-02-19 01:06:05 +05:30
Shreya 8549ba14cf Bringing stuff together 2021-02-19 01:06:05 +05:30
Shreya 5cd8b39f0f Get original passwords' hashes 2021-02-19 01:06:05 +05:30
Shreya a4207494ec Change classes order in file 2021-02-19 01:06:05 +05:30
Shreya 44e15bd2a0 Add restore_password() 2021-02-19 01:06:05 +05:30
Shreya 9468de471d Partially add Zerologon exploiter 2021-02-19 01:06:05 +05:30
Shreya 2cc0a159e0 Rename "WindowsServer" fingerprinter: "Zerologon" makes more sense 2021-02-19 01:06:05 +05:30
Shreya 900bb7636d Basic config and report stuff 2021-02-19 01:06:05 +05:30
Mike Salvatore 978927c329
Merge pull request #970 from shreyamalviya/telemetry-tests
Telemetry unit tests
2021-02-18 14:18:05 -05:00
Shreya 2bc27b48de Use stub for PBA 2021-02-19 00:44:28 +05:30
Shreya 8bd30ceb4c Format code using black 2021-02-19 00:09:20 +05:30
Shreya 15107eeea3 Use constants/literals for tests 2021-02-19 00:02:34 +05:30
Shreya a4603853a9 Split test_attack_telem_classes.py and test_technique_telems.py into separate test files 2021-02-18 22:44:42 +05:30
Shreya 08addff8c5 Modify tests for attack telem classes and technique telems
- test `send()` instead of `get_data()` using fixture `spy_send_telemetry`
2021-02-18 22:34:15 +05:30
Mike Salvatore 4efdeeacc3 agent: remove dependency on pytest-mock 2021-02-18 09:59:52 -05:00
Mike Salvatore 86ffaf358f agent: break test_base_telem_classes into discrete test files 2021-02-18 09:53:55 -05:00
VakarisZ 522000d169 Swimm: update unit Define what your new PBA does (id: xYkxB76pK0peJj2tSxBJ). 2021-02-18 16:51:52 +02:00
VakarisZ 51abb5dacb Swimm: update unit Add a simple Post Breach action (id: tbxb2cGgUiJQ8Btma0fp). 2021-02-18 16:49:44 +02:00
VakarisZ 6d31afacd0 Swimm: update unit Add a new System Info Collector (id: OwcKMnALpn7tuBaJY1US). 2021-02-18 16:45:34 +02:00
Mike Salvatore 0ac9ce949c agent: reformat test_base_telem_classes.py with black 2021-02-18 09:38:37 -05:00
Mike Salvatore c2ed31bde8 telemetry: test `send()` for telemetry classes in `telemetry/` 2021-02-18 09:33:58 -05:00
Shreya 7960529ee9 Add conftest.py 2021-02-18 19:41:29 +05:30
VakarisZ a977ec4397 Cleaned up imports and added no inspection comments to pass flake 2021-02-18 10:55:12 +02:00
VakarisZ 414dbf0665 Merge remote-tracking branch 'upstream/develop' into 519/scoutsuite-integration 2021-02-17 16:59:06 +02:00
VakarisZ 81ea057509 Fixed a bug in MonkeyFindingDetails, where updating events using update was failing due to some internal mongoengine error. 2021-02-17 16:58:26 +02:00
VakarisZ 01c775e955 Refactored details out of abstract finding document. 2021-02-17 16:53:59 +02:00
VakarisZ 8b8c5f9590 Added RuleNameEnum class and a type hint related to it in abstract class 2021-02-17 16:20:13 +02:00
Shreya 42b7fa05d6 Add requirement 2021-02-17 19:02:20 +05:30
Shreya 6b0cc1e368 Add tests for other base telems + put all telem tests in one folder 2021-02-17 19:01:55 +05:30
Shreya b9bbfac30b Add/modify tests for attack telems 2021-02-17 18:25:38 +05:30
VakarisZ 25704b74c9 Zero Trust finding saving method refactored to remove code duplication between children 2021-02-11 16:53:19 +02:00
VakarisZ e96ee305fb Minor variable and method refactoring to improve readability in scoutsuite code 2021-02-11 16:52:20 +02:00
VakarisZ 3cb2a63a9d Changed rule name classes to inherit from RuleNameEnum to add a more specific type hints 2021-02-11 16:51:38 +02:00
Mike Salvatore de3adfd483
Merge pull request #964 from guardicore/payload_obfuscation
Payload obfuscation
2021-02-11 08:47:15 -05:00
VakarisZ f11736d451 Added no inspection comments and an explanation on why we use Crypto for shellcode_obfuscator.py 2021-02-11 15:29:29 +02:00
Mike Salvatore a7b79d6d03 cc: fix typo in pycrypto noqa comment 2021-02-11 08:26:10 -05:00
Mike Salvatore e4bcf2ef1c cc: ignore pycrypto security warnings since we use pycryptodome 2021-02-11 08:09:07 -05:00
Mike Salvatore 0cc65cb346
Merge pull request #924 from shreyamalviya/env-collection-errors
Catch exceptions in AwsInstance and AzureInstance
2021-02-10 08:51:48 -05:00
Shreya 11a0477dbb Rename test functions, add 404 response tests, and other tiny changes 2021-02-10 16:15:17 +05:30
VakarisZ 28e4a0f23d Altered shellcode obfuscator unit test to match the new code 2021-02-10 10:32:43 +02:00
VakarisZ baadb241e8 Reverted relative paths in zero trust code back to absolute 2021-02-09 15:51:34 +02:00
VakarisZ 6f16ba431c Minor refactorings of code style in zero trust code 2021-02-09 14:21:55 +02:00