Shay Nehmad
|
f5aeb0a38e
|
Moved win32event to its correct location
Cause exception on Linux
|
2019-10-03 12:02:14 +03:00 |
Shay Nehmad
|
9dc1607754
|
Added user deactivation as another "security" layer for the user deletion in windows
|
2019-10-03 11:36:47 +03:00 |
Daniel Goldberg
|
c767250760
|
Merge pull request #450 from VakarisZ/T1078_removal
Bugfix unused attack technique and bad import of is_windows_os
|
2019-10-02 16:19:10 +03:00 |
VakarisZ
|
84830015fd
|
Fixed bad is_windows_os import
|
2019-10-02 14:00:49 +03:00 |
VakarisZ
|
f600a0b2c9
|
Removed unused attack technique from schema
|
2019-10-02 13:59:06 +03:00 |
Daniel Goldberg
|
32e98fa418
|
Merge pull request #437 from guardicore/feature/scan_hosts_fast
Feature/scan hosts fast
Yay, done with my longest waiting branch.
Next up, OS sniffing.
|
2019-09-29 09:37:58 +03:00 |
Daniel Goldberg
|
f55a3e483b
|
Changed VictimHostGenerator to accept the local addresses rather than generating them itself.
Changed UTs to be independent.
|
2019-09-27 18:10:59 +03:00 |
Daniel Goldberg
|
297686dc53
|
Changed default scanning size to be bigger.
|
2019-09-27 17:00:18 +03:00 |
Daniel Goldberg
|
0a61e83a15
|
Add chunking test and some basic docs
|
2019-09-27 16:57:36 +03:00 |
Daniel Goldberg
|
2f25e5b127
|
Added basic tests for VictimHostGenerator
|
2019-09-27 16:51:55 +03:00 |
Daniel Goldberg
|
a1d631b39e
|
Remove list comprehension
|
2019-09-27 16:33:29 +03:00 |
Daniel Goldberg
|
cf66a096f8
|
Merge pull request #445 from VakarisZ/weblogic_fix
Delay in weblogic to make exploiter more reliable
|
2019-09-27 15:37:57 +03:00 |
VakarisZ
|
06182a485a
|
Added delay in weblogic to make exploiter more reliable
|
2019-09-25 15:42:24 +03:00 |
VakarisZ
|
5c680256cd
|
Merge pull request #444 from guardicore/434/bugfix/plaintext-passwords-logged
Hashing lm+ntlm hashes to make sure we don't log them plaintext
|
2019-09-24 08:44:26 +03:00 |
Daniel Goldberg
|
8c55d2acd4
|
Refactor victim generation.
Now we have a VictimHost generator that handles all the filtering.
|
2019-09-23 18:01:39 +03:00 |
Daniel Goldberg
|
c76cc72821
|
Fixed horrible bug where we would return more victims than we needed to
|
2019-09-23 17:45:17 +03:00 |
Daniel Goldberg
|
ccc6c50a7f
|
Remove unused constant
|
2019-09-22 16:46:55 +03:00 |
Daniel Goldberg
|
c4ec6683a1
|
Silly bugfix in scanning
|
2019-09-22 16:44:20 +03:00 |
Daniel Goldberg
|
a32a783257
|
Factor out generating VictimHosts from NetworkRange object
|
2019-09-22 15:59:15 +03:00 |
Daniel Goldberg
|
4dcc919b49
|
Remove unused import, remove author
|
2019-09-22 15:59:14 +03:00 |
Daniel Goldberg
|
032ee2ee0e
|
Bugfix in generator
|
2019-09-22 15:59:14 +03:00 |
Daniel Goldberg
|
d8d55cb546
|
PEP8 changes
Documentation improvements
|
2019-09-22 15:59:11 +03:00 |
Shay Nehmad
|
f175c93f5a
|
Now hashes are hashed as well
|
2019-09-22 13:00:33 +03:00 |
Daniel Goldberg
|
8c69cc0af9
|
Merge pull request #438 from guardicore/434/bugfix/plaintext-passwords-logged
Hashing passwords to make sure we don't log passwords plaintext
|
2019-09-19 23:30:58 +03:00 |
Shay Nehmad
|
4762cbc545
|
Using the new utils - probably a merge mistake somewhere along the lines
|
2019-09-18 10:57:46 +03:00 |
Shay Nehmad
|
e605c1c410
|
Merge branch 'develop' into 434/bugfix/plaintext-passwords-logged
|
2019-09-18 10:51:40 +03:00 |
Shay Nehmad
|
6fc37cef07
|
Hashing passwords to make sure we don't log passwords plaintext
|
2019-09-18 10:39:25 +03:00 |
Daniel Goldberg
|
f0ee88182f
|
Merge pull request #435 from VakarisZ/attack_winapi_smallfix
WinAPI attack telem fix.
|
2019-09-18 09:51:15 +03:00 |
Shay Nehmad
|
014e47ad5e
|
Merge pull request #405 from guardicore/400/zero-trust-mvp
400/zero trust mvp
|
2019-09-18 08:43:42 +03:00 |
Shay Nehmad
|
5754ec6044
|
Merge pull request #428 from guardicore/400/more-tests
400/more tests
|
2019-09-18 08:37:44 +03:00 |
Shay Nehmad
|
6a2510a657
|
Merge branch 'develop' into 400/more-tests
|
2019-09-18 08:19:44 +03:00 |
VakarisZ
|
01a2a448de
|
delays singleton attack telem and sends it when monkey can communicate with server
|
2019-09-17 14:51:42 +03:00 |
VakarisZ
|
bc9b994cba
|
Merge pull request #422 from guardicore/mssql_bugfix
MSSQL bugs fixed, refactored to be more stable
|
2019-09-17 09:19:13 +03:00 |
Shay Nehmad
|
0667aad87f
|
Small fixes - reversed condition accidentally and missed one reference to get_windows_commands_to_add_user
|
2019-09-16 17:57:35 +03:00 |
Shay Nehmad
|
db328a3432
|
Accidentally committed server config testing 👎
|
2019-09-16 17:42:21 +03:00 |
Shay Nehmad
|
841e54afc8
|
Fixed UTs
|
2019-09-16 17:41:26 +03:00 |
Shay Nehmad
|
9f98025d33
|
Using protocol as well for cases when we are running on HTTP and not HTTPS (npm run start for example)
|
2019-09-16 16:44:16 +03:00 |
Shay Nehmad
|
d4947d97f3
|
Lock npm version for `pluralize`
|
2019-09-16 16:37:30 +03:00 |
Shay Nehmad
|
1f56e8df61
|
Use classname instead of self for static method
|
2019-09-16 16:34:13 +03:00 |
Shay Nehmad
|
3b06768a98
|
Replaced sleep loop for waiting on the process with WaitForSingleObject winapi.
|
2019-09-16 16:32:21 +03:00 |
Shay Nehmad
|
0a11c4b007
|
Extracted duplicate code to `add_malicious_activity_to_timeline` helper function
|
2019-09-16 16:17:30 +03:00 |
Daniel Goldberg
|
d8bac57eb5
|
Change grouper to be a VictimHost generator
|
2019-09-16 15:16:56 +03:00 |
Daniel Goldberg
|
e11be48b80
|
Add documentation for TCP scan interval in Monkey configuration
|
2019-09-16 15:16:56 +03:00 |
Daniel Goldberg
|
2b14878a9c
|
Bugfix, used wrong logger!
|
2019-09-16 15:16:56 +03:00 |
Daniel Goldberg
|
6c5d6a5ecc
|
Move scanners to be instance variable.
Add MP support (threading/process) for scanning victims in chunks
|
2019-09-16 15:16:56 +03:00 |
Daniel Goldberg
|
7357c8c168
|
Iterate over ranges as chunks rather than discrete addresses
|
2019-09-16 15:16:56 +03:00 |
Daniel Goldberg
|
17dc764f37
|
Add support for MP in Windows PyInstaller
|
2019-09-16 15:16:56 +03:00 |
Shay Nehmad
|
76c642e4b3
|
Lowered code dup in get_result_event
|
2019-09-16 15:08:22 +03:00 |
Shay Nehmad
|
dd9a4b2d10
|
Refactored test_new_user_communication, mostly separated to functions
|
2019-09-16 15:04:22 +03:00 |
Shay Nehmad
|
4330a39725
|
Removed unused PBA processing funcs
|
2019-09-16 14:59:27 +03:00 |