4cd1c6bf3c
BB: Reorder some things in depth_1_a.py
2022-07-19 08:59:10 -04:00
87363d3096
BB: Rename credentials -> CREDENTIALS
2022-07-19 08:57:19 -04:00
707aa97a65
BB: Add TCP ports to depth_1_a_test_configuration
2022-07-19 08:47:57 -04:00
189e2ad3d1
BB: Add HTTP ports to depth_1_a_test_configuration
2022-07-19 08:13:09 -04:00
0c6764daf5
BB: Add add_http_ports()
2022-07-19 08:12:46 -04:00
53e366a677
Island: Remove unused _KEY_LENGTH_BYTES variables from DataStoreEncryptor and RepositoryEncryptor
2022-07-19 14:51:58 +05:30
f8eeda1e6f
Island: Use cryptography.fernet to generate key in DataStoreEncryptor
...
and RepositoryEncryptor
We changed our encryption code to use cryptography.fernet instead of
pycryptodome. Using secrets.token_bytes() with fernet was causing
padding and encoding issues. This is a quicker and easier solution, and
also probably more reliable since everything to do with encryption is
from the same module now.
2022-07-19 14:51:58 +05:30
5eb77dcbb6
UT: Change key in test_key_based_encryptor.py to be URL safe (cryptography.fernet requires this)
2022-07-19 14:51:58 +05:30
f542c9d0a8
Island: Fix KeyBasedEncryptor's encrypt function's logic
2022-07-19 14:51:58 +05:30
637926ed09
Island: Extract fernet_object to an object variable in KeyBasedEncryptor
2022-07-19 14:51:58 +05:30
373d34dce6
Island: Use cryptography.fernet for encryption in KeyBasedEncryptor
2022-07-19 14:51:58 +05:30
c1449fb897
Island: Remove TODO comment about using cryptography.fernet
2022-07-19 14:51:58 +05:30
09e57541cc
Project: Update Island dependencies to add `cryptography`
2022-07-19 14:51:58 +05:30
c12e281e4e
Island: Use secrets instead of Crypto (pycryptodome) in DataStoreEncryptor
2022-07-19 14:51:58 +05:30
cc021f33ff
UI: Add note about removal of 'weak_password' issue
2022-07-19 10:15:22 +02:00
b3ec9e340f
UI: Fix Credentials parsing to use simplified credentials object
2022-07-18 21:49:24 +02:00
57f2c7e058
Island: Fix credentials formatting to use simplified credentials object
2022-07-18 21:48:47 +02:00
c56b38f695
UI: Add note in StolenPasswords component
2022-07-18 21:23:17 +02:00
67e67441c1
UI: Remove unused getCredenatislSecrets function
2022-07-18 21:23:17 +02:00
07b4956717
UI: Set stolen_creds issues in state
2022-07-18 21:23:17 +02:00
5e1adbb877
UI: Add formatting to StolenPasswordsComponent
...
This component was used in security and attack report with
two different sets of data. The first one is from the
credentials endpoint which needed formatting and the second
from the telemetry which was already formatted.
2022-07-18 21:23:17 +02:00
27c0b838c4
Island: Fix one missed telemetry processor
2022-07-18 21:23:17 +02:00
474a26aeff
UI: Fix StolenCredentials issue to add if we have any stolen credentials
2022-07-18 21:23:17 +02:00
5c765f85c2
UI: Add StolenCredentialsIssue to issues
2022-07-18 21:23:17 +02:00
35ed7f60c4
Island: Fix an import in initialize
2022-07-18 21:23:17 +02:00
c65439e049
UI: Remove WeakPassword issue
...
* We don't have the passwords used for exploiting the machines
in the UI
* All it will be reworked
2022-07-18 21:23:17 +02:00
1683265868
Island: Rename reporting/stolen_credentials.py to
...
reporting/format_credentials.py
2022-07-18 21:23:17 +02:00
5ebf0ed8f6
Island: Remove StolenCredentials model
2022-07-18 21:23:17 +02:00
a24bdd43b8
Island: Move credentials parser hack to dirty_hacks function
2022-07-18 21:23:17 +02:00
885f0565a8
Island: Patch T1003 with a callable class
2022-07-18 21:23:17 +02:00
06a64c14d7
Island: Add callable class for T1003
2022-07-18 21:23:17 +02:00
c83f76b02b
Island: Add formatting credentials for report
2022-07-18 21:23:17 +02:00
c75ee22c29
Island: Remove get_config_{users,passwords} from reporting
2022-07-18 21:23:17 +02:00
94419d8141
Island: Add PTHReportservice get issues functions
...
* get_duplicated_passwords_issues
* get strong_users_on_crit_issues
2022-07-18 21:23:17 +02:00
f417cff17b
UI: Rename UsedCredentials.tsx.js to UsedCredentials.js
2022-07-18 21:23:17 +02:00
bfda71dd45
UI: Check for actual stolen credentials in issues
2022-07-18 21:23:17 +02:00
89f5ff89d2
Island: Remove extract_ssh_keys from stolen_credentials reporting
2022-07-18 21:23:17 +02:00
4dbdbcc75e
UI: Remove unneeded logging in UsedCredentials component
2022-07-18 21:23:17 +02:00
8ccdba7528
UI: Grab credentials from endpoint and render them
2022-07-18 21:23:17 +02:00
f99bd74cd4
UI: Construct and render stolen credentials
2022-07-18 21:23:17 +02:00
2861f0b085
UI: Add UsedCredentials component to render credentials
2022-07-18 21:23:17 +02:00
e61b0bfdca
UI: Add credentials parsing functionalities
2022-07-18 21:23:17 +02:00
f0f4f6d591
Island: Remove credentials from reporting
2022-07-18 21:23:17 +02:00
f1d9ea64e5
BB: Add tcp ports to depth_1_a_test_configuration
2022-07-18 15:17:33 -04:00
0a0cb5de19
BB: Set maximum depth in depth_1_a_test_configuration
2022-07-18 15:17:33 -04:00
365b4098e4
BB: Set maximum depth in zerologon_test_configuration
2022-07-18 15:17:32 -04:00
5a1a40a515
BB: Add set_maximum_depth()
2022-07-18 15:17:30 -04:00
7456ef6b05
Merge pull request #2100 from guardicore/2092-remove-single-tests
...
2092 remove single tests
2022-07-18 21:02:54 +02:00
c2028f15a4
BB: Add depth_1_a_test_configuration
2022-07-18 15:00:06 -04:00
138ce81f1b
BB: Add add_credential_collectors()
2022-07-18 14:52:31 -04:00
Mike Salvatore
Shreya Malviya
Ilija Lazoroski