Commit Graph

6405 Commits

Author SHA1 Message Date
Mike Salvatore 8d7a5a410c BB: Remove ".\\m0nk3y" user from Powershell user list
This user was added to work around issue #1486. Since d4a1c2bda resolves
that issue, this user can be removed from the config for this test.
2021-10-19 08:23:07 -04:00
Mike Salvatore 701d589c77 Agent: Include domain with usernames in PowerShell exploiter
Fixes #1486
2021-10-19 08:23:06 -04:00
Ilija Lazoroski 6787cce1d0 Zoo: Change API registration parameter 2021-10-14 14:52:13 +02:00
Mike Salvatore 997ad1ee4b
Merge pull request #1526 from guardicore/1392/telemetry-filter-fix
UI: Fix telemetry filter
2021-10-14 08:32:03 -04:00
Mike Salvatore 3133ee3217
Merge pull request #1525 from guardicore/fix-t1075-reporting
Modify ATT&CK report messages for unscanned techniques
2021-10-14 08:30:33 -04:00
Ilija Lazoroski 99c0288886 UI: Refactor Telemetry page 2021-10-14 14:03:17 +02:00
Mike Salvatore 9215ed32ad Travis: Download latest swimm from github 2021-10-14 07:51:33 -04:00
Mike Salvatore 81779cdfa1
Merge pull request #1529 from guardicore/1523/docs-update-password-reset
Docs: update password reset
2021-10-14 07:23:18 -04:00
Mike Salvatore 6b672fb451 Docs: Reword password reset instructions
* Write instructions for Docker
* Add a note to try deleting the entire data_directory
2021-10-14 07:21:47 -04:00
Shreya Malviya ae6ebcf3c7 tests: Modify unit test for reverse schema generation 2021-10-14 14:22:20 +05:30
Shreya Malviya faa4c18cab island: Create class for reverse schema generation to avoid output arguments 2021-10-14 14:22:20 +05:30
Shreya Malviya 74095b6fc6 island: Modify logic for reverse schema generation recursion 2021-10-14 14:22:20 +05:30
Shreya Malviya b6923edbe9 tests: Modify technique reports' tests 2021-10-14 14:22:20 +05:30
Shreya Malviya f7f2e69152 tests: Modify tests to test reverse schema generation with multiple levels of nesting 2021-10-14 14:22:19 +05:30
Shreya Malviya ffd8f4edfe island: Check related attack techniques recursively when generating reverse schema so it doesn't break when another level of nesting is added 2021-10-14 14:22:19 +05:30
Shreya Malviya 08e57f3824 island: Use '.get()' when accessing value in dictionary during reverse schema generation 2021-10-14 14:22:19 +05:30
Shreya Malviya b24b8439c5 island: Change 'tab' to 'category' in reverse schema generation 2021-10-14 14:22:19 +05:30
Shreya Malviya 55fcfa9813 island: Move code for generating reverse schema into functions for better readability 2021-10-14 14:22:19 +05:30
Shreya Malviya e42a9d8b8f CHANGELOG: Add entry for modified ATT&CK report messages 2021-10-14 14:22:15 +05:30
Shreya Malviya 1adf462ac3 tests: Modify unit tests as per changes to reverse schema and attack report generation 2021-10-14 14:21:50 +05:30
Shreya Malviya 7bdbdb1bfb island: Go through internal config when generating reverse schema for unscanned attack techniques' reasons 2021-10-14 14:21:50 +05:30
Shreya Malviya 80811334d7 island: Reword message for unscanned attack techniques 2021-10-14 14:21:50 +05:30
Shreya Malviya 462b20f587 island: Add related attack techniques to internal config values 'exploit_ntlm_hash_list' and 'exploit_lm_hash_list' 2021-10-14 14:21:49 +05:30
Shreya Malviya a9e0325b07
Merge pull request #1522 from guardicore/update-t1086-reporting
Update T1086 (PowerShell) reporting to include PBA results
2021-10-14 13:12:49 +05:30
Shreya Malviya cff393fa63 island: Simplify tables' titles in T1086 report 2021-10-14 12:54:21 +05:30
Ilija Lazoroski c3fb5ae441 UI: Change datatable for telemetries
Used MUIDataTable instead of DataTable from
react-data-components.
The above package is deleted as it is not used
anywhere else.
2021-10-13 23:20:25 +02:00
Mike Salvatore 67a7fb66c5 Docs: Fix numbering in password reset FAQ 2021-10-13 13:35:39 -04:00
Mike Salvatore 65f5189eb1 Docs: Fix broken "data directory" links in FAQ 2021-10-13 13:27:36 -04:00
Shreya Malviya 82eea6a845 cc: Change wording for T1086 reporting 2021-10-13 13:41:29 +05:30
Shreya Malviya effd9dd957 island: Modify mongo query so 'Account Discovery' PBA also gets reported in T1086 2021-10-13 13:41:22 +05:30
Ilija Lazoroski b404f75a34 UI: Fix telemetry filter 2021-10-12 13:37:42 +02:00
Mike Salvatore 8519edbbd2 Island: Explicitly handle path/string conversion in DataStoreEncryptor 2021-10-12 07:28:36 -04:00
Shreya Malviya e3045c255a cc: Change variables from snake case to camel case for consistency 2021-10-11 18:02:17 +05:30
Shreya Malviya ee5585af75 cc: Modify T1086 reporting to segregate per category more efficiently 2021-10-11 17:59:54 +05:30
Shreya Malviya 748bca43e9 island: Fix eslint warnings (trailing comma and double quotes) 2021-10-11 17:46:33 +05:30
Shreya Malviya 5a4f66d080 CHANGELOG: Add entry for T1086 reporting changes 2021-10-11 17:40:52 +05:30
Shreya Malviya 363e42ad7b cc: Change wording for header of PBAs' table in T1086's report 2021-10-11 17:30:36 +05:30
Shreya Malviya 3b11637f16 island: Change mongo query to include 'Modify Shell Startup Files' PBA in T1086's report 2021-10-11 17:29:46 +05:30
Shreya Malviya 7fa917581c cc: Add another table for T1086 (PowerShell) used as PBAs 2021-10-11 17:21:40 +05:30
Shreya Malviya d82f61d524 island: Add telem category to data for T1086 reporting 2021-10-11 15:22:33 +05:30
Shreya Malviya 2b789fca90 island: Add mongo query for PBAs for T1086 reporting 2021-10-11 15:14:40 +05:30
Mike Salvatore 356b3475cd
Merge pull request #1516 from guardicore/encryption-code-quality-improvements
Encryption code quality improvements
2021-10-08 08:05:05 -04:00
Ilija Lazoroski 8cf8f931e1 UI: Update packages that caused vulnerabilities
ansi-regex moderate vulnerabilities are still
under review.
2021-10-08 08:00:38 -04:00
Ilija Lazoroski bc345f84c0 UI: Update ansi-regex 2021-10-08 08:00:38 -04:00
Mike Salvatore 97c3ed3b97 Island: Rename internal DataStoreEncryptor methods 2021-10-07 14:45:00 -04:00
Mike Salvatore 1a0a07d550 Island: Reduce duplication in data_store_encryptor 2021-10-07 14:40:52 -04:00
Mike Salvatore bdf485e014 Island: Rename data_store_encryptor initialization functions 2021-10-07 14:40:50 -04:00
Mike Salvatore 2d414a6f7d Island: Ensure old key files are deleted on reinitialization 2021-10-07 14:03:28 -04:00
Mike Salvatore ecf4efe11a
Merge pull request #1515 from guardicore/proxy-test
Fix proxy schema for tunneling
2021-10-07 10:25:43 -04:00
Ilija Lazoroski cd23eb2909 Agent: Reword note in control
Rewrite control set proxy UT, fix typo in httpfinger
2021-10-07 16:18:17 +02:00