Mike Salvatore
|
8d7a5a410c
|
BB: Remove ".\\m0nk3y" user from Powershell user list
This user was added to work around issue #1486. Since d4a1c2bda resolves
that issue, this user can be removed from the config for this test.
|
2021-10-19 08:23:07 -04:00 |
Mike Salvatore
|
701d589c77
|
Agent: Include domain with usernames in PowerShell exploiter
Fixes #1486
|
2021-10-19 08:23:06 -04:00 |
Ilija Lazoroski
|
6787cce1d0
|
Zoo: Change API registration parameter
|
2021-10-14 14:52:13 +02:00 |
Mike Salvatore
|
997ad1ee4b
|
Merge pull request #1526 from guardicore/1392/telemetry-filter-fix
UI: Fix telemetry filter
|
2021-10-14 08:32:03 -04:00 |
Mike Salvatore
|
3133ee3217
|
Merge pull request #1525 from guardicore/fix-t1075-reporting
Modify ATT&CK report messages for unscanned techniques
|
2021-10-14 08:30:33 -04:00 |
Ilija Lazoroski
|
99c0288886
|
UI: Refactor Telemetry page
|
2021-10-14 14:03:17 +02:00 |
Mike Salvatore
|
9215ed32ad
|
Travis: Download latest swimm from github
|
2021-10-14 07:51:33 -04:00 |
Mike Salvatore
|
81779cdfa1
|
Merge pull request #1529 from guardicore/1523/docs-update-password-reset
Docs: update password reset
|
2021-10-14 07:23:18 -04:00 |
Mike Salvatore
|
6b672fb451
|
Docs: Reword password reset instructions
* Write instructions for Docker
* Add a note to try deleting the entire data_directory
|
2021-10-14 07:21:47 -04:00 |
Shreya Malviya
|
ae6ebcf3c7
|
tests: Modify unit test for reverse schema generation
|
2021-10-14 14:22:20 +05:30 |
Shreya Malviya
|
faa4c18cab
|
island: Create class for reverse schema generation to avoid output arguments
|
2021-10-14 14:22:20 +05:30 |
Shreya Malviya
|
74095b6fc6
|
island: Modify logic for reverse schema generation recursion
|
2021-10-14 14:22:20 +05:30 |
Shreya Malviya
|
b6923edbe9
|
tests: Modify technique reports' tests
|
2021-10-14 14:22:20 +05:30 |
Shreya Malviya
|
f7f2e69152
|
tests: Modify tests to test reverse schema generation with multiple levels of nesting
|
2021-10-14 14:22:19 +05:30 |
Shreya Malviya
|
ffd8f4edfe
|
island: Check related attack techniques recursively when generating reverse schema so it doesn't break when another level of nesting is added
|
2021-10-14 14:22:19 +05:30 |
Shreya Malviya
|
08e57f3824
|
island: Use '.get()' when accessing value in dictionary during reverse schema generation
|
2021-10-14 14:22:19 +05:30 |
Shreya Malviya
|
b24b8439c5
|
island: Change 'tab' to 'category' in reverse schema generation
|
2021-10-14 14:22:19 +05:30 |
Shreya Malviya
|
55fcfa9813
|
island: Move code for generating reverse schema into functions for better readability
|
2021-10-14 14:22:19 +05:30 |
Shreya Malviya
|
e42a9d8b8f
|
CHANGELOG: Add entry for modified ATT&CK report messages
|
2021-10-14 14:22:15 +05:30 |
Shreya Malviya
|
1adf462ac3
|
tests: Modify unit tests as per changes to reverse schema and attack report generation
|
2021-10-14 14:21:50 +05:30 |
Shreya Malviya
|
7bdbdb1bfb
|
island: Go through internal config when generating reverse schema for unscanned attack techniques' reasons
|
2021-10-14 14:21:50 +05:30 |
Shreya Malviya
|
80811334d7
|
island: Reword message for unscanned attack techniques
|
2021-10-14 14:21:50 +05:30 |
Shreya Malviya
|
462b20f587
|
island: Add related attack techniques to internal config values 'exploit_ntlm_hash_list' and 'exploit_lm_hash_list'
|
2021-10-14 14:21:49 +05:30 |
Shreya Malviya
|
a9e0325b07
|
Merge pull request #1522 from guardicore/update-t1086-reporting
Update T1086 (PowerShell) reporting to include PBA results
|
2021-10-14 13:12:49 +05:30 |
Shreya Malviya
|
cff393fa63
|
island: Simplify tables' titles in T1086 report
|
2021-10-14 12:54:21 +05:30 |
Ilija Lazoroski
|
c3fb5ae441
|
UI: Change datatable for telemetries
Used MUIDataTable instead of DataTable from
react-data-components.
The above package is deleted as it is not used
anywhere else.
|
2021-10-13 23:20:25 +02:00 |
Mike Salvatore
|
67a7fb66c5
|
Docs: Fix numbering in password reset FAQ
|
2021-10-13 13:35:39 -04:00 |
Mike Salvatore
|
65f5189eb1
|
Docs: Fix broken "data directory" links in FAQ
|
2021-10-13 13:27:36 -04:00 |
Shreya Malviya
|
82eea6a845
|
cc: Change wording for T1086 reporting
|
2021-10-13 13:41:29 +05:30 |
Shreya Malviya
|
effd9dd957
|
island: Modify mongo query so 'Account Discovery' PBA also gets reported in T1086
|
2021-10-13 13:41:22 +05:30 |
Ilija Lazoroski
|
b404f75a34
|
UI: Fix telemetry filter
|
2021-10-12 13:37:42 +02:00 |
Mike Salvatore
|
8519edbbd2
|
Island: Explicitly handle path/string conversion in DataStoreEncryptor
|
2021-10-12 07:28:36 -04:00 |
Shreya Malviya
|
e3045c255a
|
cc: Change variables from snake case to camel case for consistency
|
2021-10-11 18:02:17 +05:30 |
Shreya Malviya
|
ee5585af75
|
cc: Modify T1086 reporting to segregate per category more efficiently
|
2021-10-11 17:59:54 +05:30 |
Shreya Malviya
|
748bca43e9
|
island: Fix eslint warnings (trailing comma and double quotes)
|
2021-10-11 17:46:33 +05:30 |
Shreya Malviya
|
5a4f66d080
|
CHANGELOG: Add entry for T1086 reporting changes
|
2021-10-11 17:40:52 +05:30 |
Shreya Malviya
|
363e42ad7b
|
cc: Change wording for header of PBAs' table in T1086's report
|
2021-10-11 17:30:36 +05:30 |
Shreya Malviya
|
3b11637f16
|
island: Change mongo query to include 'Modify Shell Startup Files' PBA in T1086's report
|
2021-10-11 17:29:46 +05:30 |
Shreya Malviya
|
7fa917581c
|
cc: Add another table for T1086 (PowerShell) used as PBAs
|
2021-10-11 17:21:40 +05:30 |
Shreya Malviya
|
d82f61d524
|
island: Add telem category to data for T1086 reporting
|
2021-10-11 15:22:33 +05:30 |
Shreya Malviya
|
2b789fca90
|
island: Add mongo query for PBAs for T1086 reporting
|
2021-10-11 15:14:40 +05:30 |
Mike Salvatore
|
356b3475cd
|
Merge pull request #1516 from guardicore/encryption-code-quality-improvements
Encryption code quality improvements
|
2021-10-08 08:05:05 -04:00 |
Ilija Lazoroski
|
8cf8f931e1
|
UI: Update packages that caused vulnerabilities
ansi-regex moderate vulnerabilities are still
under review.
|
2021-10-08 08:00:38 -04:00 |
Ilija Lazoroski
|
bc345f84c0
|
UI: Update ansi-regex
|
2021-10-08 08:00:38 -04:00 |
Mike Salvatore
|
97c3ed3b97
|
Island: Rename internal DataStoreEncryptor methods
|
2021-10-07 14:45:00 -04:00 |
Mike Salvatore
|
1a0a07d550
|
Island: Reduce duplication in data_store_encryptor
|
2021-10-07 14:40:52 -04:00 |
Mike Salvatore
|
bdf485e014
|
Island: Rename data_store_encryptor initialization functions
|
2021-10-07 14:40:50 -04:00 |
Mike Salvatore
|
2d414a6f7d
|
Island: Ensure old key files are deleted on reinitialization
|
2021-10-07 14:03:28 -04:00 |
Mike Salvatore
|
ecf4efe11a
|
Merge pull request #1515 from guardicore/proxy-test
Fix proxy schema for tunneling
|
2021-10-07 10:25:43 -04:00 |
Ilija Lazoroski
|
cd23eb2909
|
Agent: Reword note in control
Rewrite control set proxy UT, fix typo in httpfinger
|
2021-10-07 16:18:17 +02:00 |