p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity
9,986 Commits 31 Branches 20 Tags 48 MiB
Commit Graph

9986 Commits

Author SHA1 Message Date
Shreya Malviya 56770d25c6 Agent: Publish credentials stolen event in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya e03f140749 Agent: Add function to publish credentials stolen event in Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya b5058ce611 Agent: Add event tag constants for Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya d745e10bf1 Agent: Accept event queue in Mimikatz collector's constructor 2022-08-17 11:47:51 +05:30
Ilija Lazoroski 3a9830415c Agent: Use default target for ZerologonExploiter event 2022-08-17 00:58:45 +02:00
Ilija Lazoroski f8b56dd171 Agent: Add T1098 (Account Manipulation) to ZerologonExploiter 2022-08-17 00:58:45 +02:00
Ilija Lazoroski 3c8091d242 Agent: Add T1003 tag to zerologon exploiter 2022-08-17 00:58:45 +02:00
Ilija Lazoroski b0f76383c4 Agent: Change zerologon tag to `zerologon-exploiter 
`
 2022-08-17 00:58:45 +02:00
Ilija Lazoroski 550c7465fa Agent: Add IEventQueue to ExploitWrapper 2022-08-17 00:58:45 +02:00
Ilija Lazoroski d400fcb215 Agent: Extract zerologon tags into constant 2022-08-17 00:58:45 +02:00
Ilija Lazoroski aaef2f1f81 UT: Fix Powershell tests to accept IEventQueue 2022-08-17 00:58:45 +02:00
Ilija Lazoroski 76bbe62c3b Agent: Modify Zerologon to publish CredentialsStolenEvent 2022-08-17 00:55:09 +02:00
Ilija Lazoroski f171e548f3 Agent: Modify exploiter wrapper to accept IEventQueue 2022-08-17 00:55:09 +02:00
Ilija Lazoroski c6cb477474 Agent: Add event_queue to the exploit_host in HostExploiter 2022-08-17 00:55:09 +02:00
Ilija Lazoroski fb0f7c86af Agent: Remove usage of CredentialsInterceptingTelemetryMessenger 2022-08-17 00:24:59 +02:00
Ilija Lazoroski 8dd6c5b7c2 Agent: Remove CredentialsInterceptingTelemetryMessenger 2022-08-17 00:21:05 +02:00
Mike Salvatore 2edaf52140
Merge pull request #2196 from guardicore/2176-modify-ssh-collector-for-events 
2176 modify ssh collector for events
 2022-08-16 12:41:14 -04:00
Ilija Lazoroski eec48e9cd8 Agent: Remove target from SSHCredentialCollector event construction 2022-08-16 17:31:02 +02:00
Ilija Lazoroski 205ff84b31 Common: Add defaults for each argument in AbstractEvent 2022-08-16 17:30:30 +02:00
Ilija Lazoroski b3d37d9223 Agent: Change SSHCredentialCollector tag to lowercase 2022-08-16 17:27:43 +02:00
Ilija Lazoroski 5466bd5dba UT: Remove unneeded fixture in SSHCredentialCollector tests 2022-08-16 17:26:25 +02:00
Ilija Lazoroski 142136dd41 Agent: Remove duplication in SSHCredentialCollector 2022-08-16 17:14:37 +02:00
Ilija Lazoroski d38a386f67 Agent: Add prefix `attack-` to attack tecniques tags 2022-08-16 14:25:28 +02:00
Ilija Lazoroski c18ceff85d Agent: Remove unneeded variable in SSHCredentialCollector 2022-08-16 14:24:26 +02:00
Ilija Lazoroski ea9082d412 Agent: Remove hack_event from CredentialsStolenEvent 2022-08-16 14:23:25 +02:00
Mike Salvatore 1d79d98689 Agent: Rename credentials_store -> propagation_credentials_repository 2022-08-16 08:17:04 -04:00
Ilija Lazoroski c3557caf1c Agent: Add _ATTACK_TECHNIQUE_ to attack_technique tags 2022-08-16 14:11:16 +02:00
Ilija Lazoroski fdd0368837 Agent: Extract SSH collector tags into constants 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 706a626d24 Agent: Move subscribtion to a separate method for readability 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 2a94a67767 Agent: Rename usr_info to user_info in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 88bb856859 Common: Reorder params in docstring AbstractEvent 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 8f5681b1df Agent: Init a callable class and subscribe to it 2022-08-16 11:58:53 +02:00
Ilija Lazoroski d672fcfffe Agent: Fix a typo in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 03d569cc00 Agent: Init SSHCredentialCollector with an IEventQueue 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 4aa71cba7e Agent: Remove default values from CredentialsStolenEvent creation 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 486a7a9225 Common: Use a temporary hack to define non-defaults from a inherited class event 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 5f631a78f7 Agent: Remove IGUID from config 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 39f07603a7 Agent: Define integer GUID and use it in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski b22ccdb942 Agent: Publish CredentialsStolenEvent each time we find a SSHKeypair 2022-08-16 11:58:53 +02:00
Ilija Lazoroski e439a53bde UT: Fix SSHCredentialCollector test to accept IEventQueue 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 2610666f93 Agent: Publish an CredentialsStolenEvent from SSHCredentialCollector 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 4952a544c0 Agent: Accept IEventQueue in SSHCollector constructor 2022-08-16 11:58:53 +02:00
Mike Salvatore d09c1a689e
Merge pull request #2200 from guardicore/2191-fix-credentials-repository-get 
2191 fix credentials repository get
 2022-08-15 15:45:03 -04:00
Kekoa Kaaikala e4f7707b66 Agent: Return credentials when credentials propagation fails 2022-08-15 19:25:54 +00:00
Kekoa Kaaikala 9e6a569393 Agent: Update credentials repository to cache per-instance 2022-08-15 19:25:54 +00:00
Mike Salvatore 500eeeb582
Merge pull request #2194 from guardicore/2191-trailing-url-slashes 
Island: Remove trailing slashes before registering a URL
 2022-08-15 14:25:28 -04:00
Kekoa Kaaikala a67a4418c9 Island: Remove PropagationCredentials URL trailing slash 2022-08-15 18:04:56 +00:00
Mike Salvatore 96f794e192 UT: Mark TestEvent* classes with `__test__ = False` 2022-08-15 14:04:09 -04:00
Kekoa Kaaikala 19df4d9755 Island: Enforce "no trailing slash" rule for URLs 2022-08-15 18:01:32 +00:00
Mike Salvatore 4e9aa62c61
Merge pull request #2195 from guardicore/refactor-island-boot 
Refactor island boot
 2022-08-15 08:35:00 -04:00