Agent: Define MIMIKATZ_EVENT_TAGS as a frozenset

2022-08-17 17:28:18 +05:30 · 2022-08-17 17:28:18 +05:30 · 3dca01d5d5
parent f9f3daffa7
commit 3dca01d5d5
1 changed files with 8 additions and 6 deletions
--- a/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
+++ b/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
@ -17,11 +17,13 @@ MIMIKATZ_CREDENTIAL_COLLECTOR_TAG = "mimikatz-credentials-collector"
 T1003_ATTACK_TECHNIQUE_TAG = "attack-t1003"
 T1005_ATTACK_TECHNIQUE_TAG = "attack-t1005"

-MIMIKATZ_EVENT_TAGS = {
-    MIMIKATZ_CREDENTIAL_COLLECTOR_TAG,
-    T1003_ATTACK_TECHNIQUE_TAG,
-    T1005_ATTACK_TECHNIQUE_TAG,
-}
+MIMIKATZ_EVENT_TAGS = frozenset(
+    (
+        MIMIKATZ_CREDENTIAL_COLLECTOR_TAG,
+        T1003_ATTACK_TECHNIQUE_TAG,
+        T1005_ATTACK_TECHNIQUE_TAG,
+    )
+)


 class MimikatzCredentialCollector(ICredentialCollector):
@ -74,7 +76,7 @@ class MimikatzCredentialCollector(ICredentialCollector):

    def _publish_credentials_stolen_event(self, collected_credentials: Sequence[Credentials]):
        credentials_stolen_event = CredentialsStolenEvent(
-            tags=frozenset(MIMIKATZ_EVENT_TAGS),
+            tags=MIMIKATZ_EVENT_TAGS,
            stolen_credentials=collected_credentials,
        )