Commit Graph

7391 Commits

Author SHA1 Message Date
vakarisz 9037dfdf99 Agent: rename CredentialTypes enum to CredentialType 2022-02-15 12:42:36 +02:00
vakarisz 02cdebb88b Agent: fix ICredentialCollector return type-hint 2022-02-15 12:41:19 +02:00
vakarisz f5740b2a6e Agent: add mimikatz collector unit tests 2022-02-15 10:09:53 +01:00
vakarisz a6c2762823 Agent: change mimikatz collector to return a list of credentials 2022-02-15 10:09:53 +01:00
vakarisz 2f1b57a526 Agent: fix pypykatz import in mimikatz_cred_collector.py 2022-02-15 10:09:53 +01:00
vakarisz 2ba793e0cf Agent: move mimikatz collector to credential collectors 2022-02-15 10:09:53 +01:00
VakarisZ 144afc0fd3
Merge pull request #1712 from guardicore/1696-refactor-aws-collector
Agent: Refactor AWS collector
2022-02-14 17:12:28 +02:00
Ilija Lazoroski ae13953f52 Agent: Run AWS Environment check in a thread
* Use Telemetry Messenger to send AWS telemetry
* Send only instance_id to AWS Instance Telemetry
* Rename AwsInstanceTelemetry to AWSInstanceTelemetry
2022-02-14 16:00:38 +01:00
vakarisz 6aa2160f31 Agent: refactor mimikatz_cred_collector to credential collector 2022-02-14 15:25:06 +02:00
Ilija Lazoroski 7f6496b330 Island, UT: Remove system info AWS Collector 2022-02-14 12:00:08 +01:00
Ilija Lazoroski 412a06fa9b Island: Handle AWS info telemetry 2022-02-14 12:00:08 +01:00
Ilija Lazoroski 1f76a42279 Agent: Refactor AWS collector 2022-02-14 11:59:48 +01:00
vakarisz c21cf681a4 Agent: define credential collector, credentials interfaces 2022-02-14 12:12:13 +02:00
VakarisZ b0bd3f9c51
Merge pull request #1713 from guardicore/1690-investigate-pyinstaller-versions
1690 investigate pyinstaller versions
2022-02-14 11:47:47 +02:00
Mike Salvatore 414b1cb815 Agent: Add return type annotation to create_daemon_thread() 2022-02-12 09:44:04 -05:00
vakarisz 216a245329 Island: bumped pyinstaller to 4.9 2022-02-11 17:25:04 +02:00
vakarisz a3ba7fb830 Agent: bumped pyinstaller to 4.9 and locked pywin32 to windows 2022-02-11 17:24:33 +02:00
vakarisz 40548e85c1 Agent: bump agent pyinstaller to 4.8 2022-02-11 15:37:31 +02:00
vakarisz 31abc065f6 Agent: add explicit requirements for for pywin32-ctypes and pefile
These are pyinstaller dependencies that don't get auto-resolved and installed for some reason
2022-02-11 12:40:59 +02:00
Mike Salvatore 5a8c072d6a
Merge pull request #1709 from guardicore/1601-fix-check-tcp-ports-bugs
Minor changes to TCP scanning
2022-02-10 12:23:29 -05:00
Ilija Lazoroski 543ff24ac3 UT: Add tests for tcp scanning 2022-02-10 18:14:36 +01:00
Mike Salvatore 36a2b3ff6b Agent: Add sleep back into _check_tcp_ports() 2022-02-10 18:14:36 +01:00
Mike Salvatore 21ede3e341 Agent: Improve readability of _check_tcp_ports() 2022-02-10 18:14:36 +01:00
Mike Salvatore 2ae77ce897 Agent: Fix error when shutting down sockets in _check_tcp_ports()
An error is raised if shutdown() is called on a socket that has not
successfully connected. This commit modifies the cleanup logic so that
shutdown() is only called on sockets that are known to be connected and
close() is called on all sockets.
2022-02-10 18:14:36 +01:00
Mike Salvatore a53b611759 Agent: Change _check_tcp_ports() to return Mapping[int, str] 2022-02-10 18:14:36 +01:00
Mike Salvatore d3dd6ffeb0 Agent: Simplify logic in Timer.time_remaining 2022-02-10 18:14:36 +01:00
Shreya Malviya eb1a322ff8 Agent: Rework return value in _check_tcp_ports in tcp_scanner.py 2022-02-10 18:14:36 +01:00
Mike Salvatore 0e7f171c4a Agent: Use a Timer in _check_tcp_ports() to simplify logic 2022-02-10 18:14:36 +01:00
Mike Salvatore e981ead150 Agent: Add new time_remaining() method to Timer 2022-02-10 18:14:36 +01:00
Shreya Malviya 31fd24f077 Agent: Address CR comments + minor changes in tcp_scanner.py 2022-02-10 18:14:36 +01:00
Ilija Lazoroski 48dcd939e5 Agent, Island: Bump pyinstaller to latest version 2022-02-10 16:02:34 +01:00
Mike Salvatore 98a2f0b887 Agent: Use consistent DISPLAY_NAME constant in fingerprinters 2022-02-10 07:15:03 -05:00
Mike Salvatore aadc055f74
Merge pull request #1708 from guardicore/1603-refactor-ssh-fingerprinter
Agent: refactor ssh fingerprinter to fit the new model
2022-02-10 07:11:41 -05:00
Mike Salvatore f9b803b1ae Agent: Minor code quality improvements to SSHFingerprinter 2022-02-10 07:10:47 -05:00
vakarisz 1c7ec9c41f Agent: refactor ssh fingerprinter to fit the new model 2022-02-10 07:10:45 -05:00
Mike Salvatore 1dc08e2087
Merge pull request #1706 from guardicore/1603-refactor-smb-fingerprinter
1603 refactor smb fingerprinter
2022-02-10 06:47:32 -05:00
Mike Salvatore 37eab76044 Agent: Load SMBFingerprinter into the puppet 2022-02-09 13:41:00 -05:00
Mike Salvatore f85bb389cc Agent: Add some debug logging to SMBFingerprinter 2022-02-09 13:40:23 -05:00
Mike Salvatore fec7d987d8 Agent: Skip SMBFingerprinter if SMB_PORT is not open 2022-02-09 13:40:23 -05:00
Mike Salvatore ab3daeb2e8 Agent: Refactor the SMB fingerprinter to implement IFingerprinter 2022-02-09 13:40:23 -05:00
Mike Salvatore a7022011d9 Agent: Rename smb_finger.py -> smb_fingerprinter.py 2022-02-09 13:40:23 -05:00
Mike Salvatore b63d739578 Agent: Replace *Finger* names with *Fingerprinter* in SMBFinger 2022-02-09 13:40:23 -05:00
Mike Salvatore 26681abc86
Merge pull request #1707 from guardicore/1603-refactor-mssql-fingerprinter
1603 refactor mssql fingerprinter
2022-02-09 13:39:57 -05:00
Ilija Lazoroski 5d818154b9 Agent: Load MSSQL fingerprinter into the Puppet 2022-02-09 19:35:59 +01:00
Ilija Lazoroski e6f5b6113f Agent: Refactor MSSQL fingerprinter
* Refactor code to conform to the IFingerprinter interface
* Non-structured server response will return empty Fingerprint data
* Rename mssql_fingerprint to mssql_fingerprinter
* Unit tests
2022-02-09 19:35:51 +01:00
Ilija Lazoroski fb8847b5c5 Agent: Remove sambacry binaries from monkey spec
PR #1698
2022-02-09 08:25:20 -05:00
Mike Salvatore f0602edffb
Merge pull request #1703 from guardicore/1603-refactor-elastic-fingerprinter
Refactor elastic fingerprinter
2022-02-09 07:33:07 -05:00
Mike Salvatore 6de05df665 Agent: Load ElasticSearchFingerprinter into the Puppet 2022-02-09 07:28:12 -05:00
Mike Salvatore cc3be599d7 Agent: Refactor ElasticSearchFingerprinter
* Rename ElasticFinger -> ElasticSearchFingerprinter
* Don't scan port if port is closed or not configured
* Refactor code to conform to the IFingerprinter interface
* Add unit tests
2022-02-09 07:28:10 -05:00
Shreya Malviya 5a64db4ce9
Merge pull request #1699 from guardicore/1669-remove-scoutsuite-integration
Remove scoutsuite
2022-02-09 01:15:30 -08:00