c96f272919
UT: Remove linux_credentials_collector test directory
2022-02-16 14:41:04 -05:00
86a218d82b
Agent: Add SSHCredentialCollector to credential_collectors.__init__.py
2022-02-16 14:40:11 -05:00
bf27a8c8ea
Agent: Do not run pypykatz if the OS is not Windows
2022-02-16 14:22:44 -05:00
419aa6fd84
Agent: Replace SysInfo w/ Credential collectors in IMaster and IPuppet
2022-02-16 14:14:45 -05:00
5b53984014
Agent: Fix incorrect return type on PluginRegistry.get_plugin()
2022-02-16 14:11:27 -05:00
5953373125
Agent: Change order in i_puppet/__init__.py to prevent circular import
2022-02-16 14:03:47 -05:00
040b37697b
Agent: Add telemetry type for sending stolen credentials
2022-02-16 13:58:55 -05:00
49f1675b38
Merge pull request #1717 from guardicore/1695-ssh-credential-collector
...
1695 ssh credential collector
2022-02-16 12:45:38 -05:00
897bc11d7b
Agent: Use distinct fields for SSH Keypair
2022-02-16 18:37:16 +01:00
5f8e3e3d8e
Agent: Use Telemetry messenger to send SSH collector telemetries
2022-02-16 18:23:29 +01:00
63d632d142
Agent: Rework ssh credential collector to match credential architecture
...
* Parametrize empty result unit test
* Apply small changes to ssh credential collector
2022-02-16 17:37:12 +01:00
a97b8706ec
Agent: Add SSH keypair credential type
2022-02-16 17:29:21 +01:00
b1b0840aed
Agent: Rename SSH credentials collector to match class name
2022-02-16 17:28:11 +01:00
3d64d0d2e4
Island: Refactor T1145 report according to the attack telemetry
2022-02-16 15:44:35 +01:00
6b64b655ce
Agent: Add T1145 attack telemetry
2022-02-16 15:44:35 +01:00
a03a5145a7
Agent: Remove known_hosts from SSH Credential Collector
...
It is not used anywhere.
2022-02-16 15:44:35 +01:00
e9e5e95f49
Agent, UT: Separate ssh_handler from SSH Credential Collector
...
* Add different UTs based on what ssh_handler returns
* Fix logic in SSH Credential Collector
2022-02-16 15:44:35 +01:00
5aa5e33356
Agent, UT: Refactor SSH info collector to credential collector
2022-02-16 15:44:35 +01:00
976c46cf86
Merge pull request #1715 from guardicore/1695-credential-collectors
...
Agent: define credential collector, credentials interfaces
2022-02-15 14:34:47 -05:00
a9bb2dee70
Agent: Renumber the CredentialType Enum
2022-02-15 14:26:15 -05:00
879abf3df0
Agent: Export MimikatzCredentialCollector from credential_collectors
2022-02-15 14:21:07 -05:00
0583cab8e0
Agent: Rename mimikatz_cred_collector.py to match the class name
2022-02-15 14:17:28 -05:00
569159b11a
Agent: Move the definition of ICredentialCollector to i_puppet
...
Low-level components plug into high-level components. i_puppet defines
all of the interfaces that puppets can use, while the concrete
implementations of these things rely on the definitions in i_puppet.
2022-02-15 14:07:59 -05:00
c39fb6746d
Agent: Rename ICredentialComponent.type -> credential_type
...
"type" is built-in function in Python. To avoid confusion or a potential
name collision, this commit renames the ICredentialComponent.type field
to ICredentialComponent.credential_type
2022-02-15 13:47:01 -05:00
236b545816
UT: Extract function collect_credentials() to reduce code duplication
2022-02-15 13:30:13 -05:00
86f2c7b08c
UT: Parametrize test_mimikatz_collector.test_empty_results()
2022-02-15 13:28:38 -05:00
ebd5642b52
Agent: Refactor credentials and credential_components as dataclasses
...
Using frozen dataclasses for Credentials and ICredentialComponents
automatically creates a useful __eq__() function that allows us to
easily compare credentials-related objects.
2022-02-15 12:27:56 -05:00
811434ff22
Agent: improved type hints in mimikatz_cred_collector.py
2022-02-15 18:41:19 +02:00
ac376a0014
Agent: change the interface of Credentials
...
Refactor from dataclass to object with tuples. This enforces read only identities and secrets so users don't modify them
2022-02-15 18:39:17 +02:00
8868fb9b0c
Agent: change ICredentialComponent interface
...
Interface changed from dataclass (dataclasses are not inheritable) to simple class with type abstract property
2022-02-15 18:35:32 +02:00
26806392ec
Agent: split up nt and lm hash credential types
2022-02-15 18:33:04 +02:00
d392de4a02
Agent: remove ssh_keypair, as it's not used anywhere
2022-02-15 18:32:00 +02:00
ae9fed3c2b
Agent: fixup typehints in ICredentialCollector
2022-02-15 16:16:43 +02:00
01612c402a
Agent: add options to ICredentialCollector interface
2022-02-15 15:25:42 +02:00
0fae933477
Agent: refactor content dict out of credential component
...
Content dict serves no purpose, because dataclasses can be serialized without explicit conversion to dict
2022-02-15 14:46:21 +02:00
b7003bc231
Agent: split up nt and lm hashes into separate credential components
2022-02-15 14:19:53 +02:00
9037dfdf99
Agent: rename CredentialTypes enum to CredentialType
2022-02-15 12:42:36 +02:00
02cdebb88b
Agent: fix ICredentialCollector return type-hint
2022-02-15 12:41:19 +02:00
f5740b2a6e
Agent: add mimikatz collector unit tests
2022-02-15 10:09:53 +01:00
a6c2762823
Agent: change mimikatz collector to return a list of credentials
2022-02-15 10:09:53 +01:00
2f1b57a526
Agent: fix pypykatz import in mimikatz_cred_collector.py
2022-02-15 10:09:53 +01:00
2ba793e0cf
Agent: move mimikatz collector to credential collectors
2022-02-15 10:09:53 +01:00
144afc0fd3
Merge pull request #1712 from guardicore/1696-refactor-aws-collector
...
Agent: Refactor AWS collector
2022-02-14 17:12:28 +02:00
ae13953f52
Agent: Run AWS Environment check in a thread
...
* Use Telemetry Messenger to send AWS telemetry
* Send only instance_id to AWS Instance Telemetry
* Rename AwsInstanceTelemetry to AWSInstanceTelemetry
2022-02-14 16:00:38 +01:00
6aa2160f31
Agent: refactor mimikatz_cred_collector to credential collector
2022-02-14 15:25:06 +02:00
7f6496b330
Island, UT: Remove system info AWS Collector
2022-02-14 12:00:08 +01:00
412a06fa9b
Island: Handle AWS info telemetry
2022-02-14 12:00:08 +01:00
1f76a42279
Agent: Refactor AWS collector
2022-02-14 11:59:48 +01:00
c21cf681a4
Agent: define credential collector, credentials interfaces
2022-02-14 12:12:13 +02:00
b0bd3f9c51
Merge pull request #1713 from guardicore/1690-investigate-pyinstaller-versions
...
1690 investigate pyinstaller versions
2022-02-14 11:47:47 +02:00
Mike Salvatore
Ilija Lazoroski
vakarisz
VakarisZ