Moved ZT models to own folder and added documentation
parent
d50095b570
commit
453c8f9eb4
|
@ -6,11 +6,22 @@ from common.data.zero_trust_consts import EVENT_TYPES
|
||||||
|
|
||||||
|
|
||||||
class Event(EmbeddedDocument):
|
class Event(EmbeddedDocument):
|
||||||
|
"""
|
||||||
|
This model represents a single event within a Finding (it is an EmbeddedDocument within Finding). It is meant to
|
||||||
|
hold a detail of the Finding.
|
||||||
|
|
||||||
|
This class has 2 main section:
|
||||||
|
* The schema section defines the DB fields in the document. This is the data of the object.
|
||||||
|
* The logic section defines complex questions we can ask about a single document which are asked multiple
|
||||||
|
times, or complex action we will perform - somewhat like an API.
|
||||||
|
"""
|
||||||
|
# SCHEMA
|
||||||
timestamp = DateTimeField(required=True)
|
timestamp = DateTimeField(required=True)
|
||||||
title = StringField(required=True)
|
title = StringField(required=True)
|
||||||
message = StringField()
|
message = StringField()
|
||||||
event_type = StringField(required=True, choices=EVENT_TYPES)
|
event_type = StringField(required=True, choices=EVENT_TYPES)
|
||||||
|
|
||||||
|
# LOGIC
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def create_event(title, message, event_type):
|
def create_event(title, message, event_type):
|
||||||
event = Event(
|
event = Event(
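Review bot: The new `Event` docstring has two wording slips: `This class has 2 main section:` should read `This class has 2 main sections:`, and `complex action we will perform` should be `complex actions we will perform`. `create_event` under `# LOGIC` still has no docstring, although it is the visible construction path for an `Event`. A one-line summary such as `"""Build an Event from the given title, message and event_type."""` would do; whether it also fills in the required `timestamp` cannot be confirmed here, because the function body continues outside the hunk.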
|
|
@ -1,3 +1,4 @@
|
||||||
|
# coding=utf-8
|
||||||
"""
|
"""
|
||||||
Define a Document Schema for Zero Trust findings.
|
Define a Document Schema for Zero Trust findings.
|
||||||
"""
|
"""
|
||||||
|
@ -7,11 +8,21 @@ from mongoengine import Document, StringField, EmbeddedDocumentListField
|
||||||
from common.data.zero_trust_consts import ORDERED_TEST_STATUSES, TESTS, TESTS_MAP, TEST_EXPLANATION_KEY, PILLARS_KEY
|
from common.data.zero_trust_consts import ORDERED_TEST_STATUSES, TESTS, TESTS_MAP, TEST_EXPLANATION_KEY, PILLARS_KEY
|
||||||
# Dummy import for mongoengine.
|
# Dummy import for mongoengine.
|
||||||
# noinspection PyUnresolvedReferences
|
# noinspection PyUnresolvedReferences
|
||||||
from event import Event
|
from monkey_island.cc.models.zero_trust.event import Event
|
||||||
|
|
||||||
|
|
||||||
class Finding(Document):
|
class Finding(Document):
|
||||||
"""
|
"""
|
||||||
|
This model represents a Zero-Trust finding: A result of a test the monkey/island might perform to see if a
|
||||||
|
specific directive of zero trust is upheld or broken.
|
||||||
|
|
||||||
|
Findings might be
|
||||||
|
Negative ❌
|
||||||
|
Conclusive, meaning that we are sure that something is wrong (example: segmentation issue).
|
||||||
|
Inconclusive, meaning that we need the user to check something himself (example: 2FA logs, AV missing).
|
||||||
|
Positive ✔
|
||||||
|
Conclusive, meaning that we are sure that something is correct (example: Monkey failed exploiting).
|
||||||
|
|
||||||
This class has 2 main section:
|
This class has 2 main section:
|
||||||
* The schema section defines the DB fields in the document. This is the data of the object.
|
* The schema section defines the DB fields in the document. This is the data of the object.
|
||||||
* The logic section defines complex questions we can ask about a single document which are asked multiple
|
* The logic section defines complex questions we can ask about a single document which are asked multiple
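Review bot: The status taxonomy in the new `Finding` docstring (Negative/Conclusive, Negative/Inconclusive, Positive/Conclusive) never names the status constants it corresponds to, so a reader cannot tell which stored value means a directive is broken. This module imports `ORDERED_TEST_STATUSES`, and another file in this commit imports `STATUS_POSITIVE` and `STATUS_CONCLUSIVE`, which suggests the stored statuses are a flat list rather than two levels. If that is the case, each docstring entry should cite its constant, for example `Conclusive (STATUS_CONCLUSIVE): we are sure that something is wrong` (mapping to be confirmed against `zero_trust_consts`). The ❌/✔ glyphs are presumably why `# coding=utf-8` was added in the first hunk of this file; plain ASCII labels would remove that dependency. The class body continues outside the hunk.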
|
|
@ -1,7 +1,7 @@
|
||||||
from mongoengine import ValidationError
|
from mongoengine import ValidationError
|
||||||
|
|
||||||
from common.data.zero_trust_consts import EVENT_TYPE_ISLAND
|
from common.data.zero_trust_consts import EVENT_TYPE_ISLAND
|
||||||
from monkey_island.cc.models.event import Event
|
from monkey_island.cc.models.zero_trust.event import Event
|
||||||
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
from mongoengine import ValidationError
|
from mongoengine import ValidationError
|
||||||
|
|
||||||
from common.data.zero_trust_consts import *
|
from common.data.zero_trust_consts import *
|
||||||
from finding import Finding
|
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||||
from monkey_island.cc.models.event import Event
|
from monkey_island.cc.models.zero_trust.event import Event
|
||||||
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
from unittest import TestCase
|
|
||||||
|
|
||||||
from monkey_island.cc.services.reporting.zero_trust_service import ZeroTrustService
|
from monkey_island.cc.services.reporting.zero_trust_service import ZeroTrustService
|
||||||
|
|
||||||
from common.data.zero_trust_consts import *
|
from common.data.zero_trust_consts import *
|
||||||
from monkey_island.cc.models.finding import Finding
|
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||||
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import json
|
import json
|
||||||
from common.data.zero_trust_consts import *
|
from common.data.zero_trust_consts import *
|
||||||
from monkey_island.cc.models.finding import Finding
|
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||||
|
|
||||||
|
|
||||||
class ZeroTrustService(object):
|
class ZeroTrustService(object):
|
||||||
|
|
|
@ -3,8 +3,8 @@ import json
|
||||||
from common.data.zero_trust_consts import EVENT_TYPE_MONKEY_LOCAL, EVENT_TYPE_ISLAND, \
|
from common.data.zero_trust_consts import EVENT_TYPE_MONKEY_LOCAL, EVENT_TYPE_ISLAND, \
|
||||||
STATUS_POSITIVE, STATUS_CONCLUSIVE, TEST_ENDPOINT_SECURITY_EXISTS
|
STATUS_POSITIVE, STATUS_CONCLUSIVE, TEST_ENDPOINT_SECURITY_EXISTS
|
||||||
from monkey_island.cc.models import Monkey
|
from monkey_island.cc.models import Monkey
|
||||||
from monkey_island.cc.models.event import Event
|
from monkey_island.cc.models.zero_trust.event import Event
|
||||||
from monkey_island.cc.models.finding import Finding
|
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||||
|
|
||||||
ANTI_VIRUS_KNOWN_PROCESS_NAMES = [
|
ANTI_VIRUS_KNOWN_PROCESS_NAMES = [
|
||||||
u"AvastSvc.exe",
|
u"AvastSvc.exe",
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import unittest
|
import unittest
|
||||||
from monkey_island.cc.environment.environment import env
|
from monkey_island.cc.environment.environment import env
|
||||||
from monkey_island.cc.models import Monkey
|
from monkey_island.cc.models import Monkey
|
||||||
from monkey_island.cc.models.finding import Finding
|
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||||
|
|
||||||
|
|
||||||
class IslandTestCase(unittest.TestCase):
|
class IslandTestCase(unittest.TestCase):
|
||||||
|
|