From c1f52ee994a41493848a0f8289c4450a05d0389e Mon Sep 17 00:00:00 2001
From: Shay Nehmad <shay.nehmad@guardicore.com>
Date: Mon, 11 May 2020 22:36:38 +0300
Subject: [PATCH 1/3] Added a short summary sentence over each table in the
 security report

Solves https://github.com/guardicore/monkey/issues/635
---
 .../report-components/SecurityReport.js       | 17 ++++++----
 .../security/BreachedServers.js               | 23 ++++++++-----
 .../report-components/security/PostBreach.js  | 32 ++++++++++++-------
 .../security/ScannedServers.js                | 30 ++++++++++++-----
 4 files changed, 68 insertions(+), 34 deletions(-)

diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
index e25b7f126..d6891b5bb 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@@ -407,18 +407,23 @@ class ReportPageComponent extends AuthComponent {
         <div style={{position: 'relative', height: '80vh'}}>
           <ReactiveGraph graph={this.state.graph} options={getOptions(this.state.nodeStateList)}/>
         </div>
-        <div style={{marginBottom: '20px'}}>
-          <BreachedServers data={this.state.report.glance.exploited}/>
-        </div>
-        <div style={{marginBottom: '20px'}}>
-          <PostBreach data={this.state.report.glance.scanned}/>
-        </div>
+
         <div style={{marginBottom: '20px'}}>
           <ScannedServers data={this.state.report.glance.scanned}/>
         </div>
+
+        <div style={{marginBottom: '20px'}}>
+          <BreachedServers data={this.state.report.glance.exploited}/>
+        </div>
+
+        <div style={{marginBottom: '20px'}}>
+          <PostBreach data={this.state.report.glance.scanned}/>
+        </div>
+
         <div style={{position: 'relative', height: '80vh'}}>
           {this.generateReportPthMap()}
         </div>
+
         <div style={{marginBottom: '20px'}}>
           <StolenPasswords data={this.state.report.glance.stolen_creds.concat(this.state.report.glance.ssh_keys)}/>
         </div>
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js
index 4eeb1f971..1b2efcd06 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js
@@ -1,5 +1,6 @@
 import React from 'react';
 import ReactTable from 'react-table'
+import Pluralize from "pluralize";
 
 let renderArray = function (val) {
   return <div>{val.map(x => <div>{x}</div>)}</div>;
@@ -34,14 +35,20 @@ class BreachedServersComponent extends React.Component {
     let defaultPageSize = this.props.data.length > pageSize ? pageSize : this.props.data.length;
     let showPagination = this.props.data.length > pageSize;
     return (
-      <div className="data-table-container">
-        <ReactTable
-          columns={columns}
-          data={this.props.data}
-          showPagination={showPagination}
-          defaultPageSize={defaultPageSize}
-        />
-      </div>
+      <>
+        <p>
+          The Monkey successfully breached <span
+          className="label label-danger">{this.props.data.length}</span> {Pluralize('machines', this.props.data.length)}:
+        </p>
+        <div className="data-table-container">
+          <ReactTable
+            columns={columns}
+            data={this.props.data}
+            showPagination={showPagination}
+            defaultPageSize={defaultPageSize}
+          />
+        </div>
+      </>
     );
   }
 }
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
index b0fe5fa9e..2aa772db5 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
@@ -1,5 +1,6 @@
 import React from 'react';
 import ReactTable from 'react-table'
+import Pluralize from 'pluralize'
 
 let renderArray = function (val) {
   return <span>{val.map(x => <span key={x}> {x}</span>)}</span>;
@@ -62,19 +63,26 @@ class PostBreachComponent extends React.Component {
     });
     let defaultPageSize = pbaMachines.length > pageSize ? pageSize : pbaMachines.length;
     let showPagination = pbaMachines > pageSize;
+    const howManyPBAs = pbaMachines.reduce((accumulated, pbaMachine) => accumulated+pbaMachine["pba_results"].length,0)
     return (
-      <div className="data-table-container">
-        <ReactTable
-          columns={columns}
-          data={pbaMachines}
-          showPagination={showPagination}
-          defaultPageSize={defaultPageSize}
-          SubComponent={row => {
-            return renderDetails(row.original.pba_results);
-          }}
-        />
-      </div>
-
+      <>
+        <p>
+          The Monkey performed <span
+          className="label label-danger">{howManyPBAs}</span> post-breach {Pluralize('actions', howManyPBAs)} on <span
+          className="label label-warning">{pbaMachines.length}</span> {Pluralize('machines', pbaMachines.length)}:
+        </p>
+        <div className="data-table-container">
+          <ReactTable
+            columns={columns}
+            data={pbaMachines}
+            showPagination={showPagination}
+            defaultPageSize={defaultPageSize}
+            SubComponent={row => {
+              return renderDetails(row.original.pba_results);
+            }}
+          />
+        </div>
+      </>
     );
   }
 }
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
index 7a4495da3..f68415a3a 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
@@ -1,5 +1,6 @@
 import React from 'react';
 import ReactTable from 'react-table'
+import Pluralize from 'pluralize'
 
 let renderArray = function (val) {
   return <div>{val.map(x => <div>{x}</div>)}</div>;
@@ -32,17 +33,30 @@ class ScannedServersComponent extends React.Component {
   }
 
   render() {
+
     let defaultPageSize = this.props.data.length > pageSize ? pageSize : this.props.data.length;
     let showPagination = this.props.data.length > pageSize;
+
+    const howManyScannedMachines = this.props.data.length;
+    const reducerFromScannedServerToServicesAmount = (accumulated, scannedServer) => accumulated + scannedServer["services"].length;
+    const howManyScannedServices = this.props.data.reduce(reducerFromScannedServerToServicesAmount, 0);
+
     return (
-      <div className="data-table-container">
-        <ReactTable
-          columns={columns}
-          data={this.props.data}
-          showPagination={showPagination}
-          defaultPageSize={defaultPageSize}
-        />
-      </div>
+      <>
+        <p>
+          The Monkey discovered <span
+          className="label label-danger">{howManyScannedServices}</span> open {Pluralize('services', howManyScannedServices)} on <span
+          className="label label-warning">{howManyScannedMachines}</span> {Pluralize('machines', howManyScannedMachines)}:
+        </p>
+        <div className="data-table-container">
+          <ReactTable
+            columns={columns}
+            data={this.props.data}
+            showPagination={showPagination}
+            defaultPageSize={defaultPageSize}
+          />
+        </div>
+      </>
     );
   }
 }

From 85b5a156fc32b6ee932f2260b385fad198c254a6 Mon Sep 17 00:00:00 2001
From: Shay Nehmad <shay.nehmad@guardicore.com>
Date: Tue, 12 May 2020 10:16:04 +0300
Subject: [PATCH 2/3] Fixed code review comments - JS linting and readability

---
 .../security/BreachedServers.js                 |  6 +++---
 .../report-components/security/PostBreach.js    | 10 +++++-----
 .../security/ScannedServers.js                  | 17 ++++++++++-------
 3 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js
index 1b2efcd06..3ea23a075 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/BreachedServers.js
@@ -1,6 +1,6 @@
 import React from 'react';
-import ReactTable from 'react-table'
-import Pluralize from "pluralize";
+import ReactTable from 'react-table';
+import Pluralize from 'pluralize';
 
 let renderArray = function (val) {
   return <div>{val.map(x => <div>{x}</div>)}</div>;
@@ -38,7 +38,7 @@ class BreachedServersComponent extends React.Component {
       <>
         <p>
           The Monkey successfully breached <span
-          className="label label-danger">{this.props.data.length}</span> {Pluralize('machines', this.props.data.length)}:
+          className="label label-danger">{this.props.data.length}</span> {Pluralize('machine', this.props.data.length)}:
         </p>
         <div className="data-table-container">
           <ReactTable
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
index 2aa772db5..c482fb992 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
@@ -1,6 +1,6 @@
 import React from 'react';
-import ReactTable from 'react-table'
-import Pluralize from 'pluralize'
+import ReactTable from 'react-table';
+import Pluralize from 'pluralize';
 
 let renderArray = function (val) {
   return <span>{val.map(x => <span key={x}> {x}</span>)}</span>;
@@ -63,13 +63,13 @@ class PostBreachComponent extends React.Component {
     });
     let defaultPageSize = pbaMachines.length > pageSize ? pageSize : pbaMachines.length;
     let showPagination = pbaMachines > pageSize;
-    const howManyPBAs = pbaMachines.reduce((accumulated, pbaMachine) => accumulated+pbaMachine["pba_results"].length,0)
+    const pbaCount = pbaMachines.reduce((accumulated, pbaMachine) => accumulated+pbaMachine["pba_results"].length, 0);
     return (
       <>
         <p>
           The Monkey performed <span
-          className="label label-danger">{howManyPBAs}</span> post-breach {Pluralize('actions', howManyPBAs)} on <span
-          className="label label-warning">{pbaMachines.length}</span> {Pluralize('machines', pbaMachines.length)}:
+          className="label label-danger">{pbaCount}</span> post-breach {Pluralize('action', pbaCount)} on <span
+          className="label label-warning">{pbaMachines.length}</span> {Pluralize('machine', pbaMachines.length)}:
         </p>
         <div className="data-table-container">
           <ReactTable
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
index f68415a3a..644d77f54 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
@@ -1,6 +1,6 @@
 import React from 'react';
-import ReactTable from 'react-table'
-import Pluralize from 'pluralize'
+import ReactTable from 'react-table';
+import Pluralize from 'pluralize';
 
 let renderArray = function (val) {
   return <div>{val.map(x => <div>{x}</div>)}</div>;
@@ -37,16 +37,19 @@ class ScannedServersComponent extends React.Component {
     let defaultPageSize = this.props.data.length > pageSize ? pageSize : this.props.data.length;
     let showPagination = this.props.data.length > pageSize;
 
-    const howManyScannedMachines = this.props.data.length;
+    const scannedMachinesCount = this.props.data.length;
     const reducerFromScannedServerToServicesAmount = (accumulated, scannedServer) => accumulated + scannedServer["services"].length;
-    const howManyScannedServices = this.props.data.reduce(reducerFromScannedServerToServicesAmount, 0);
+    const scannedServicesAmount = this.props.data.reduce(reducerFromScannedServerToServicesAmount, 0);
 
     return (
       <>
         <p>
-          The Monkey discovered <span
-          className="label label-danger">{howManyScannedServices}</span> open {Pluralize('services', howManyScannedServices)} on <span
-          className="label label-warning">{howManyScannedMachines}</span> {Pluralize('machines', howManyScannedMachines)}:
+          The Monkey discovered
+          <span className="label label-danger">{scannedServicesAmount}</span>
+          open {Pluralize('service', scannedServicesAmount)}
+          on
+          <span className="label label-warning">{scannedMachinesCount}</span>
+          {Pluralize('machine', scannedMachinesCount)}:
         </p>
         <div className="data-table-container">
           <ReactTable

From ee7051fdea214957cc7362cecd3737601594b57b Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Wed, 13 May 2020 12:45:19 +0300
Subject: [PATCH 3/3] Smallfixes on persistance/create user attack technique

---
 .../cc/services/attack/attack_schema.py       | 32 +++++++++----------
 .../attack/technique_reports/T1136.py         |  2 +-
 .../src/components/attack/techniques/T1136.js |  4 ++-
 3 files changed, 20 insertions(+), 18 deletions(-)

diff --git a/monkey/monkey_island/cc/services/attack/attack_schema.py b/monkey/monkey_island/cc/services/attack/attack_schema.py
index a49079fa4..3c3a451f2 100644
--- a/monkey/monkey_island/cc/services/attack/attack_schema.py
+++ b/monkey/monkey_island/cc/services/attack/attack_schema.py
@@ -66,6 +66,22 @@ SCHEMA = {
                 }
             }
         },
+        "persistence": {
+            "title": "Persistence",
+            "type": "object",
+            "link": "https://attack.mitre.org/tactics/TA0003/",
+            "properties": {
+                "T1136": {
+                    "title": "Create account",
+                    "type": "bool",
+                    "value": True,
+                    "necessary": False,
+                    "link": "https://attack.mitre.org/techniques/T1136",
+                    "description": "Adversaries with a sufficient level of access "
+                                    "may create a local system, domain, or cloud tenant account."
+                }
+            }
+        },
         "defence_evasion": {
             "title": "Defence evasion",
             "type": "object",
@@ -289,22 +305,6 @@ SCHEMA = {
                     "description": "Data exfiltration is performed over the Command and Control channel."
                 }
             }
-        },
-        "persistence": {
-            "title": "Persistence",
-            "type": "object",
-            "link": "https://attack.mitre.org/tactics/TA0003/",
-            "properties": {
-                "T1136": {
-                    "title": "Create account",
-                    "type": "bool",
-                    "value": True,
-                    "necessary": False,
-                    "link": "https://attack.mitre.org/techniques/T1136",
-                    "description": "Adversaries with a sufficient level of access "
-                                    "may create a local system, domain, or cloud tenant account."
-                }
-            }
         }
     }
 }
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1136.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1136.py
index 04450d4a6..4cd78c9a3 100644
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1136.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1136.py
@@ -34,5 +34,5 @@ class T1136(AttackTechnique):
                                 'result': ': '.join([pba['name'], pba['result'][0]])
                             }]
                         })
-            data.update(T1136.get_message_and_status(status))
+            data.update(T1136.get_base_data_by_status(status))
         return data
diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1136.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1136.js
index b9c4b6aff..55cd9966c 100644
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1136.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1136.js
@@ -1,6 +1,7 @@
 import React from 'react';
 import ReactTable from 'react-table';
-import {renderMachineFromSystemData, ScanStatus} from './Helpers'
+import {renderMachineFromSystemData, ScanStatus} from './Helpers';
+import MitigationsComponent from "./MitigationsComponent";
 
 class T1136 extends React.Component {
 
@@ -35,6 +36,7 @@ class T1136 extends React.Component {
             showPagination={false}
             defaultPageSize={this.props.data.info.length}
           /> : ''}
+          <MitigationsComponent mitigations={this.props.data.mitigations}/>
       </div>
     );
   }