Shreya Malviya
|
7bdbdb1bfb
|
island: Go through internal config when generating reverse schema for unscanned attack techniques' reasons
|
2021-10-14 14:21:50 +05:30 |
Shreya Malviya
|
80811334d7
|
island: Reword message for unscanned attack techniques
|
2021-10-14 14:21:50 +05:30 |
Shreya Malviya
|
462b20f587
|
island: Add related attack techniques to internal config values 'exploit_ntlm_hash_list' and 'exploit_lm_hash_list'
|
2021-10-14 14:21:49 +05:30 |
Shreya Malviya
|
a9e0325b07
|
Merge pull request #1522 from guardicore/update-t1086-reporting
Update T1086 (PowerShell) reporting to include PBA results
|
2021-10-14 13:12:49 +05:30 |
Shreya Malviya
|
cff393fa63
|
island: Simplify tables' titles in T1086 report
|
2021-10-14 12:54:21 +05:30 |
Ilija Lazoroski
|
c3fb5ae441
|
UI: Change datatable for telemetries
Used MUIDataTable instead of DataTable from
react-data-components.
The above package is deleted as it is not used
anywhere else.
|
2021-10-13 23:20:25 +02:00 |
Mike Salvatore
|
67a7fb66c5
|
Docs: Fix numbering in password reset FAQ
|
2021-10-13 13:35:39 -04:00 |
Mike Salvatore
|
65f5189eb1
|
Docs: Fix broken "data directory" links in FAQ
|
2021-10-13 13:27:36 -04:00 |
Shreya Malviya
|
82eea6a845
|
cc: Change wording for T1086 reporting
|
2021-10-13 13:41:29 +05:30 |
Shreya Malviya
|
effd9dd957
|
island: Modify mongo query so 'Account Discovery' PBA also gets reported in T1086
|
2021-10-13 13:41:22 +05:30 |
Ilija Lazoroski
|
b404f75a34
|
UI: Fix telemetry filter
|
2021-10-12 13:37:42 +02:00 |
Mike Salvatore
|
8519edbbd2
|
Island: Explicitly handle path/string conversion in DataStoreEncryptor
|
2021-10-12 07:28:36 -04:00 |
Shreya Malviya
|
e3045c255a
|
cc: Change variables from snake case to camel case for consistency
|
2021-10-11 18:02:17 +05:30 |
Shreya Malviya
|
ee5585af75
|
cc: Modify T1086 reporting to segregate per category more efficiently
|
2021-10-11 17:59:54 +05:30 |
Shreya Malviya
|
748bca43e9
|
island: Fix eslint warnings (trailing comma and double quotes)
|
2021-10-11 17:46:33 +05:30 |
Shreya Malviya
|
5a4f66d080
|
CHANGELOG: Add entry for T1086 reporting changes
|
2021-10-11 17:40:52 +05:30 |
Shreya Malviya
|
363e42ad7b
|
cc: Change wording for header of PBAs' table in T1086's report
|
2021-10-11 17:30:36 +05:30 |
Shreya Malviya
|
3b11637f16
|
island: Change mongo query to include 'Modify Shell Startup Files' PBA in T1086's report
|
2021-10-11 17:29:46 +05:30 |
Shreya Malviya
|
7fa917581c
|
cc: Add another table for T1086 (PowerShell) used as PBAs
|
2021-10-11 17:21:40 +05:30 |
Shreya Malviya
|
d82f61d524
|
island: Add telem category to data for T1086 reporting
|
2021-10-11 15:22:33 +05:30 |
Shreya Malviya
|
2b789fca90
|
island: Add mongo query for PBAs for T1086 reporting
|
2021-10-11 15:14:40 +05:30 |
Mike Salvatore
|
356b3475cd
|
Merge pull request #1516 from guardicore/encryption-code-quality-improvements
Encryption code quality improvements
|
2021-10-08 08:05:05 -04:00 |
Ilija Lazoroski
|
8cf8f931e1
|
UI: Update packages that caused vulnerabilites
ansi-regex moderate vulnerabilities are still
under review.
|
2021-10-08 08:00:38 -04:00 |
Ilija Lazoroski
|
bc345f84c0
|
UI: Update ansi-regex
|
2021-10-08 08:00:38 -04:00 |
Mike Salvatore
|
97c3ed3b97
|
Island: Rename internal DataStoreEncryptor methods
|
2021-10-07 14:45:00 -04:00 |
Mike Salvatore
|
1a0a07d550
|
Island: Reduce duplication in data_store_encryptor
|
2021-10-07 14:40:52 -04:00 |
Mike Salvatore
|
bdf485e014
|
Island: Rename data_store_encryptor initialization functions
|
2021-10-07 14:40:50 -04:00 |
Mike Salvatore
|
2d414a6f7d
|
Island: Ensure old key files are deleted on reinitialization
|
2021-10-07 14:03:28 -04:00 |
Mike Salvatore
|
ecf4efe11a
|
Merge pull request #1515 from guardicore/proxy-test
Fix proxy schema for tunneling
|
2021-10-07 10:25:43 -04:00 |
Ilija Lazoroski
|
cd23eb2909
|
Agent: Reword note in control
Rewrite control set proxy UT, fix typo in httpfinger
|
2021-10-07 16:18:17 +02:00 |
VakarisZ
|
2d28c4e800
|
Zoo: fix the fullDocs.md by removing the outdated section about monkey configurations, add a sections about what to do with the island if you're a simple user
|
2021-10-07 16:56:10 +03:00 |
VakarisZ
|
f7e0b4fef1
|
Zoo: add missing tunneling-12 image definition to terraform scripts
|
2021-10-07 13:55:48 +03:00 |
Ilija Lazoroski
|
a8182cbb3d
|
UT: Add test for settting agent proxy
|
2021-10-07 10:50:41 +02:00 |
Mike Salvatore
|
9ee00c3044
|
Tests: Reduce code duplication in test_data_store_encryptor.py
|
2021-10-06 12:45:54 -04:00 |
Mike Salvatore
|
c3ea714977
|
Merge pull request #1514 from guardicore/pba-attack-telemetry
Fix ATT&CK report bug: showed a different technique's results under a technique if the PBA behind them was the same
|
2021-10-06 12:12:28 -04:00 |
Ilija Lazoroski
|
a11d1d5f1e
|
Agent: Changed note message for proxy schema
|
2021-10-06 18:10:46 +02:00 |
Ilija Lazoroski
|
3f33bc4a41
|
Agent: Consistent format string for set proxy
|
2021-10-06 18:05:30 +02:00 |
Ilija Lazoroski
|
87b882cb45
|
Agent: Set proxy schema for different OS
|
2021-10-06 16:53:55 +02:00 |
Shreya Malviya
|
5be841d08a
|
island: For ATT&CK techniques mapped to PBAs, consider hostname and IP
of the first entry in the PBA's results
|
2021-10-06 19:27:32 +05:30 |
Shreya Malviya
|
f7e37b0767
|
CHANGELOG: Add entry for bugix that wrongly reported the "`.bash_profile` and `.bashrc`" technique
|
2021-10-06 19:27:29 +05:30 |
Mike Salvatore
|
8310204e66
|
Tests: Test InvalidCiphertextError
|
2021-10-06 09:51:03 -04:00 |
Shreya Malviya
|
f347088412
|
CHANGELOG: Add entry for ATT&CK report telemetry bugfix
|
2021-10-06 16:05:58 +05:30 |
Shreya Malviya
|
c51f80ea3a
|
tests: Modify post breach telem's unit test
|
2021-10-06 15:58:23 +05:30 |
Shreya Malviya
|
e4f5f08a66
|
island: Remove unneeded mongo queries in ATT&CK techniques maped to PBAs
|
2021-10-06 14:50:10 +05:30 |
Shreya Malviya
|
81252e2b6a
|
island: When generating ATT&CK report for techniques mapped to PBAs, check telem event's OS and technique's relevant systems
|
2021-10-06 14:46:17 +05:30 |
Shreya Malviya
|
cccdf7f6c3
|
agent: Send OS info in post breach telem
|
2021-10-06 14:42:26 +05:30 |
Ilija Lazoroski
|
cafd983622
|
Agent: Change proxy scheme format to http
|
2021-10-06 10:24:41 +02:00 |
Mike Salvatore
|
e673667b34
|
Tests: Mark all tests in test_data_store_encryptor as slow
|
2021-10-05 16:48:48 -04:00 |
Mike Salvatore
|
95221ef53a
|
Island: Add reinitialize_datastore_encryptor()
|
2021-10-05 16:48:46 -04:00 |
Mike Salvatore
|
c0b257127a
|
Island: Implement DataStoreEncryptor as a class
This allows us to begin decoupling some implementation details from the
AuthenticationService.
|
2021-10-05 15:59:39 -04:00 |