Shreya Malviya
f2470bb0e9
tests: Add unit test for `get_config_schema_per_attack_technique()` in
...
config_schema_per_attack_technique.py
2021-09-24 15:52:34 +05:30
Shreya Malviya
f3da34e969
island: Use dict's `setdefault()` to shorten
...
`_add_config_field_to_reverse_schema()` in
config_schema_per_attack_technique.py
2021-09-24 15:24:58 +05:30
Shreya Malviya
4a65ac37ef
island: Use dict's `get()` method to shorten
...
`get_config_schema_per_attack_technique()` in
config_schema_per_attack_technique.py
2021-09-24 12:30:11 +05:30
Mike Salvatore
089158a976
Agent: Remove editable pyspnego degendency
...
pyspnego v0.2.0 has been released, so we no longer need to specify a git
commit hash in order to get the correct version.
2021-09-23 14:14:32 -04:00
Mike Salvatore
1996387cc5
Remove unnecessary # noqa: E402 from __init__.py files
2021-09-23 13:39:48 -04:00
Mike Salvatore
f0a2a43d51
Remove unnecessary # noqa: F401 from __init__.py files
2021-09-23 13:38:47 -04:00
Mike Salvatore
8b7cb9c0b1
Merge pull request #1481 from guardicore/1471/merge-encryptions
...
Refactor encryptors
2021-09-23 13:38:00 -04:00
Ilija Lazoroski
e2ede28967
Island: Rename get_encryptor and initialize_encryptor
...
Renamed to get_datastore_encryptor and
initialize_datastore_encryptor
2021-09-23 19:04:22 +02:00
Ilija Lazoroski
e0779347b2
Island: Add all imports from encryption to __init__
...
Now the imports are shorter by one directory.
Check the __init__ in encryption.
2021-09-23 19:00:13 +02:00
Ilija Lazoroski
071a4eb1a7
Island: Add IEncryptor to __init__
...
Dnt abbrev in PassworBasedEncryptor and KeyBasedEncryptor
Add comment for review and evaluate the padding function
2021-09-23 17:52:15 +02:00
Shreya Malviya
2cc00205f1
island: Modify ATT&CK report messages to mention reasons
...
1. not run on relevant system
2. relevant config options were disabled
2021-09-23 16:39:05 +05:30
Ilija Lazoroski
1b91616778
Island: Add explanation for KBE and PBE
...
KeyBasedEncryptor and PasswordBasedEncryptor
2021-09-23 12:44:05 +02:00
Ilija Lazoroski
a661dc4fe6
Island: Refactor encryptors
...
All encryptors are moved to server_utils/encryption.
They were renamed according to the class name.
Everywhere that we had use the encryptors I have updated the names.
Unit tests are also moved to UTs server_utils/encryption.
2021-09-22 22:48:13 +02:00
Ilija Lazoroski
803d1c910f
Island: Separate password and key encryption
2021-09-22 18:10:16 +02:00
Shreya Malviya
f730e75cc8
island: Change `pass` to `...` for abstract properties in
...
cc/services/attack/technique_reports/
See https://stackoverflow.com/a/58321197/10629482 .
2021-09-22 19:21:20 +05:30
Shreya Malviya
b0b0f515d0
island: Add abstract property `relevant_systems` to AttackTechnique and declare it for all techniques left
2021-09-22 19:15:06 +05:30
Shreya Malviya
8e733a8440
island: Add `relevant_systems` property to attack techniques that run on
...
specific systems
And remove hardcoded "since it didn't run on any ... systems" from the unscanned
message for those techniques
2021-09-22 18:30:35 +05:30
Shreya Malviya
9564fb1aaa
island: Move T1216's details from T1216.py to attack_schema.py so that it's
...
shown in the config instead of the ATT&CK report
2021-09-22 18:23:17 +05:30
Mike Salvatore
380d0ee74f
Merge pull request #1479 from guardicore/1476/upgrade-python-deps
...
Update Python dependencies
2021-09-22 08:30:13 -04:00
Mike Salvatore
67b23c42bf
Tests: Simplify test names in test_string_list_encryptor.py
2021-09-22 07:44:54 -04:00
Shreya Malviya
ba2207b21d
island: Remove unneeded function to get reverse schema
2021-09-22 16:16:46 +05:30
Shreya Malviya
f9e994d8f8
island: Update doc link for PowerShell exploiter
2021-09-22 16:13:34 +05:30
Shreya Malviya
836069ab11
island: Change config schema definitions' titles to title case and so
...
they make more sense
2021-09-22 16:10:13 +05:30
Shreya Malviya
26b0793331
island: Add code to create reverse schema i.e. each attack technique
...
mapped to its config fields
2021-09-22 15:53:52 +05:30
Ilija Lazoroski
71d0cccdba
Island: Update boto3, botocore and awscli
...
botocore is dependency of boto3 which is
then dependency of awscli.
2021-09-22 11:26:47 +02:00
Ilija Lazoroski
57bce38661
Agent: Upgrade urllib3 to 1.26.5
...
It should work because all the deps are
there.
2021-09-22 11:23:07 +02:00
VakarisZ
ba4aabb67f
Merge pull request #1477 from guardicore/report_encryption
...
Report encryption
2021-09-22 11:48:22 +03:00
VakarisZ
88f3a2b9ca
Add unit tests for string list encryptor
2021-09-22 10:23:41 +03:00
VakarisZ
a1c0af4257
Improve readability and test empty list in test_report_model.py
2021-09-22 10:21:48 +03:00
Mike Salvatore
627a31c902
Island: Remove string_encryptor.py
2021-09-21 13:58:16 -04:00
Mike Salvatore
2ddd369afd
Island: Move encode/decode dot mongo functions to Report model
2021-09-21 13:58:14 -04:00
Mike Salvatore
f662369a07
Tests: Decouple test_report_model.py from StringListEncryptor
2021-09-21 12:51:55 -04:00
Mike Salvatore
13ba0b9091
Island: Rename FieldType to FieldEncryptor
...
* Switch FieldTypeABC from abstract class to interface, since there's no
intention of ever implementing FieldTypeABC's methods.
* Rename FieldTypeABC to IFieldEncryptor and rename StringList to
StringListEncryptor.
2021-09-21 12:30:35 -04:00
Mike Salvatore
96ac13c579
Merge pull request #1478 from guardicore/powershell-pth-on-windows
...
Powershell pth on windows
2021-09-21 08:14:45 -04:00
VakarisZ
5077d84269
Change report service to use report model.
...
Because report saving/fetching happens through model, model can encrypt/decrypt sensitive data
2021-09-21 10:45:39 +03:00
VakarisZ
ea7a75df26
Add infrastructure for encrypting fields in database.
2021-09-21 10:43:34 +03:00
VakarisZ
c7e91c5784
Add report model and a unit test for it's encryption
2021-09-21 10:39:39 +03:00
VakarisZ
cf7b94613b
Rename test_config_encryption.py to test_encryption.py
...
This change is done because the code being tested is in encryption.py, not in config_encryption.py
2021-09-21 10:25:48 +03:00
VakarisZ
f61602552f
Island: update dpath to the latest v2.0.5 and other packages version updates.
...
dpath lib had to be updated to get a bugfix
2021-09-21 10:19:21 +03:00
Mike Salvatore
8fc79c2fe3
Agent: Use pyspnego with bugfix to enable PowerShell PTH on Windows
...
Specify commit 3f748f21 of pyspnego, as this commit contains a bugfix
that allows Infection Monkey to launch pass-the-hash attacks from a
Windows attacker.
2021-09-20 20:43:00 -04:00
ilija-lazoroski
4afeba6334
Merge pull request #1475 from guardicore/1468/fix-nodejs-dependencies
...
Update nodejs dependencies
2021-09-20 09:58:59 +02:00
Mike Salvatore
844d244d67
Agent: Use NTLM specifically for PowerShell if using pass-the-hash
2021-09-17 11:43:06 -04:00
Mike Salvatore
79aacf3dcb
Agent: Extract _get_*() functions from get_auth_options()
2021-09-17 11:42:52 -04:00
Mike Salvatore
444fb90f93
Agent: Return single AuthOptions from get_auth_options()
...
The test suite was overly complicated for get_auth_options(), which
indicated that, perhaps, the function itself was overly complicated.
Previously, it accepted a list of Credentials and returned a list of
AuthOptions. Now, it accepts a single Credentials object and returns a
single AuthOptions object. This simpler interface allowed the test suite
to be easier to read, while adding negligible complexity to
PowerShellExploiter._exploit_host()
2021-09-17 11:30:32 -04:00
Ilija Lazoroski
83615e8c66
UI: Upgrade babel/cli due to vuln in glob-parent
2021-09-17 16:22:28 +02:00
Ilija Lazoroski
aac1b00553
UI: Replace node-sass with sass (Dart Sass)
...
Note: There are some annoying deprecation warnings
which come from bootstrap. Those can be dealt with
if we upgrade bootstrap.
2021-09-17 14:55:21 +02:00
Ilija Lazoroski
f942e87b75
UI: Update npm webpack
...
Note: webpack doesn't have verbose option anymore
2021-09-17 14:02:33 +02:00
Mike Salvatore
9d07f82bd6
Fix typo in CHANGELOG
2021-09-17 07:46:27 -04:00
VakarisZ
5a8507e5c6
Add the removal of "Execution through the module load" T1129 attack technique to the CHANGELOG.md
2021-09-17 14:21:06 +03:00
VakarisZ
b69916428b
Remove T1129 attack technique from the codebase
2021-09-17 14:19:42 +03:00