Mike Salvatore
ccffd1eaee
Project: Update vulture_allowlist.py for IAgentRepository changes
2022-09-01 12:43:45 -04:00
Ilija Lazoroski
508b811939
Agent: Rename on_user_connected to add_relay_user
2022-09-01 13:41:50 +02:00
Ilija Lazoroski
94fba0fdf0
Agent: Rename RelayUser.time to last_update_time
2022-09-01 10:17:13 +02:00
Ilija Lazoroski
302cdaac70
Agent: Use event.wait() when running TCPRelay
2022-09-01 09:57:46 +02:00
Mike Salvatore
973a82e087
Merge branch 'machine-repository' into develop
...
PR #2228
2022-08-31 10:54:54 -04:00
Mike Salvatore
ba7dab26d7
Island: Refactor how Machine objects are managed by IMachineRepository
...
- Replace `create_machine()` with `get_new_id()`
- Replace `update_machine()` with `upsert_machine()`
Benefits:
The repository doesn't store Machine objects that only have the ID
populated (unless that is the caller's desire).
Upsert instead of update allows the interface to be more permissive.
2022-08-31 10:17:20 -04:00
Kekoa Kaaikala
70a9251c5b
Agent: Fix type hints
2022-08-30 13:44:32 +00:00
Mike Salvatore
eb3fe21b11
Island: Redefine IMachineRepository
2022-08-29 19:27:14 -04:00
Mike Salvatore
9a95cfbc8b
Project: Add machine_hardware_id to vulture_allowlist.py
2022-08-25 11:51:17 -04:00
Mike Salvatore
4769b0edc8
Project: Add fields from some models to vulture_allowlist.py
2022-08-19 11:31:14 -04:00
Mike Salvatore
54db99350d
Island: Add CommunicationType Enum
2022-08-19 11:31:14 -04:00
Mike Salvatore
b6e04074a4
Island: Make Machine.network_interfaces immutable
2022-08-19 11:31:14 -04:00
Mike Salvatore
a4a4613a66
Island: Add a Machine model
2022-08-19 11:31:14 -04:00
Mike Salvatore
09474ac1fe
Island: Add base models for pydantic classes
2022-08-19 11:31:11 -04:00
ilija-lazoroski
808bf5fee9
Merge pull request #2205 from guardicore/2179-create-ieventserializer
...
Event serializer
2022-08-18 16:06:14 +02:00
Shreya Malviya
4be262657e
Project: Remove Vulture entries no longer relevant
...
Issue #2176
2022-08-18 07:13:30 -04:00
Shreya Malviya
132f3a3473
Project: Add event serializer entries to Vulture allowlist
2022-08-17 21:31:35 +05:30
Ilija Lazoroski
db8e1e50da
Agent: Add add_credentials_from_event_to_propagation_credentials_repository
...
Callable class that adds credentials to the propagation credentials
repository
2022-08-15 09:30:04 +02:00
Mike Salvatore
dc0f865f9b
Merge pull request #2192 from guardicore/2176-initialize-event-queue
...
Initialize IEventQueue
2022-08-12 10:14:20 -04:00
Ilija Lazoroski
21c9ea9d44
Agent: Initialize IEventQueue
2022-08-12 15:31:55 +02:00
Ilija Lazoroski
743d40abab
Common: Rename StolenCredentialsEvent to CredentialsStolenEvent
2022-08-12 09:39:04 +02:00
Ilija Lazoroski
889863bb93
Common: Define StolenCredentialsEvent
2022-08-11 19:36:52 +02:00
Mike Salvatore
87cbdd9fb8
Common: Rename subscribe_all() -> subscribe_all_events()
2022-08-10 09:17:13 -04:00
Shreya Malviya
3938e2f377
Project: Add subscribe_all_event_types to Vulture allowlist
2022-08-09 19:00:05 +05:30
Shreya Malviya
7a77fd82df
Project: Add event queue's entries to Vulture allowlist
2022-08-09 17:12:48 +05:30
Ilija Lazoroski
8586d89062
Island: Implement Version object
2022-08-03 16:43:04 +02:00
Mike Salvatore
c7be5f6c68
Project: Add AbstractEvent to vulture_allowlist.py
2022-08-02 20:38:08 -04:00
Shreya Malviya
9c7b69dd7b
Project: Add 'validate_windows_filename_not_reserved' to Vulture's allowlist
2022-07-27 12:32:07 +05:30
vakarisz
91e8ce62db
Common: Freeze lists to tuples in agent configuration
2022-07-26 17:25:06 +03:00
vakarisz
43387dc1a5
Common: Use IJSONSerializable interface for credentials
2022-07-12 13:48:20 +03:00
Mike Salvatore
59a9aa8a53
Project: Ignore decorated Schema methods in credentials.py
2022-07-07 07:37:15 -04:00
Mike Salvatore
0be43157cf
Common: Add PasswordSchema
2022-07-06 10:46:05 -04:00
Mike Salvatore
035734992c
Island: Change parameter names in ICredentialsRepository.save_*()
2022-07-05 10:50:28 -04:00
Ilija Lazoroski
6695e5b4ac
Island: Modify IStolenCredentialsRepository
...
* Rename to ICredentialsRepository
* Add {get/remove/save}_{stolen/configured}_credentials
2022-07-05 16:25:39 +02:00
Mike Salvatore
a84220f343
Project: Remove nonexistent _make_agent_configuration from vulture
2022-07-01 13:10:01 -04:00
Mike Salvatore
0137c89158
Island: Add preliminary Simulation class
...
Includes just the island's mode for now.
2022-07-01 13:10:01 -04:00
Mike Salvatore
d4c7b97229
Island: Add UNSET to IslandModeEnum
2022-06-30 13:12:26 -04:00
Mike Salvatore
13a7e4ea31
Project: Remove OperatingSystems enums from vulture allowlist
2022-06-27 09:37:20 -04:00
Mike Salvatore
f25a81635c
Merge pull request #2030 from guardicore/1960-configuration-schema
...
1960 configuration schema
2022-06-17 10:31:56 -04:00
Mike Salvatore
e0ae109368
Common: Add AgentConfiguration
2022-06-17 09:27:51 -04:00
Mike Salvatore
a41b2e3ea4
Common: Add PropagationConfiguration
2022-06-17 09:04:00 -04:00
Mike Salvatore
9bbf5c8ae7
Common: Add NetworkScanConfiguration
2022-06-17 08:50:48 -04:00
Mike Salvatore
2c4069ae1b
Project: Remove Meta, unknown from vulture_allowlist.py
...
These are no longer needed after db9d57a526.
2022-06-17 08:31:04 -04:00
Mike Salvatore
3c879f444d
Common: Add ScanTargetConfigurationSchema
2022-06-17 08:30:42 -04:00
Mike Salvatore
7e9c481992
Common: Rename marshmallow post_load methods to be protected
2022-06-17 08:22:31 -04:00
Mike Salvatore
0b810f5d56
Common: Add TCPScanConfigurationSchema
2022-06-17 08:14:35 -04:00
Mike Salvatore
afd3160c2f
Common: Add ExploitationOptionsConfiguration
2022-06-16 20:20:35 -04:00
Mike Salvatore
70e8bca1ea
Common: Use OperatingSystems enum in ExploiterConfigurationSchema
2022-06-16 20:20:35 -04:00
Mike Salvatore
9d73252ff5
Common: Add ExploiterConfiguration
2022-06-16 20:20:35 -04:00
Mike Salvatore
bdad41057c
Common: Add CustomPBAConfiguration
2022-06-16 20:20:35 -04:00
Mike Salvatore
c79f62e682
Common: Add PluginConfiguration
2022-06-16 20:20:35 -04:00
Mike Salvatore
c53864cdd7
Common: Add release_convention()
2022-06-16 09:26:04 -04:00
Shreya Malviya
f989fdff06
Project: Remove `export_monkey_telems` from Vulture's allowlist
2022-06-10 12:10:52 -07:00
vakarisz
faf2259c59
Island: Rename repository file names to snake case
2022-05-31 12:59:38 +03:00
vakarisz
1077a84623
Project: Ignore unused classes created for dal layer
2022-05-24 10:27:07 +03:00
Mike Salvatore
2804ba9b07
Island: Return AWSCommandResults from start_infection_monkey_agent()
2022-05-10 13:09:56 -04:00
Ilija Lazoroski
7baccefae1
Project: Remove WebLogic references
2022-04-11 11:58:24 +02:00
Mike Salvatore
1f5bb7efaf
Merge pull request #1876 from guardicore/1869-remove-drupal
...
Remove Drupal exploiter
2022-04-10 09:45:24 -04:00
Ilija Lazoroski
3ecaff0686
Project: Remove Struts2 entry from vulture
2022-04-08 12:19:04 +02:00
Shreya Malviya
22e4e9c0ab
Project: Remove constant DRUPAL from Vulture's allowlist
2022-04-08 13:49:22 +05:30
Mike Salvatore
9738430333
Project: Remove temporary agent-refactor vulture exceptions
2022-03-30 07:31:29 -04:00
Mike Salvatore
2c32c354ae
Agent: Remove MockMaster
...
This mock has outlived its usefulness and can now be removed.
2022-03-30 07:20:37 -04:00
Shreya Malviya
99b621f2c8
Project: Add config's post_breach_actions to Vulture's allowlist
2022-03-30 12:29:27 +05:30
Shreya Malviya
1f2867a70a
Project: Add ProcessListCollection to Vulture's allowlist
2022-03-29 14:20:29 +03:00
Mike Salvatore
4316329384
Project: Add strict_slashes to vulture_allowlist
2022-03-25 07:57:54 -04:00
Mike Salvatore
a1d08abe19
Project: Rename EXPLOITED_* to PROPAGATED_*
...
These states were renamed in 5e3829aab and 2c8aef6d8
2022-03-25 07:57:54 -04:00
Mike Salvatore
bfd9084ce1
Project: Add architecture parameter to vulture_allowlist
2022-03-16 13:39:39 -04:00
Mike Salvatore
cd3f5e7f16
Project: Add get_file_sha256_hash() to vulture_allowlist.py
2022-03-16 13:38:33 -04:00
vakarisz
1d15288b64
Agent, Island: remove/rename system info collection infrastructure
...
System info collectors got replaced with credential collectors. Infrastructure in the code needs to be renamed accordingly
2022-03-01 14:54:20 +02:00
vakarisz
afc98667c4
Island: remove unused "creds" properties from monkey model
2022-02-25 15:38:36 +02:00
Shreya Malviya
a599edec15
Project: Remove ELASTIC exploiter descriptor enum from Vulture's allowlist
2022-02-24 15:12:00 +05:30
Ilija Lazoroski
d8e203dd50
Project: Change readme and remove shellshock from vulture
2022-02-23 13:50:12 +01:00
Shreya Malviya
fcfa01223d
Project: Remove ProcessListCollector from Vulture allowlist
2022-02-16 17:06:17 +05:30
Ilija Lazoroski
7f6496b330
Island, UT: Remove system info AWS Collector
2022-02-14 12:00:08 +01:00
Shreya Malviya
9dc0a6ed6f
Project: Remove removed Scoutsuite constants from Vulture allowlist
2022-02-09 14:27:20 +05:30
Shreya Malviya
2c88d6053c
Project: Remove deleted constants from Vulture's allowlist
2022-02-01 16:40:06 +01:00
Ilija Lazoroski
b5c51bedc1
Island, UT: Remove Bootloader endpoint
2022-02-01 15:32:13 +01:00
Ilija Lazoroski
ff87252a24
Agent, Island: Remove MS08_67 exploiter
2022-01-31 11:11:33 +01:00
Mike Salvatore
e1cf4fa9c2
Merge branch 'release/1.13.0' into agent-refactor
2022-01-25 13:35:49 -05:00
vakarisz
a5a4957c29
Agent: small readability and style improvements
2022-01-18 15:01:47 +02:00
vakarisz
9d5ea0f41f
Island: add log4shell issue processing and reporting
2022-01-06 12:26:00 +02:00
vakarisz
c382987430
Project: vulture allow LDAPServerFactory.buildProtocol
2022-01-05 15:18:12 +02:00
Ilija Lazoroski
c129e2f4b0
Project: Remove mysqlfinger references in Vulture
2021-12-14 14:54:20 +01:00
VakarisZ
4fdd3370ca
Island, UI: implement the endpoint for stopping all monkeys, change the UI to call this endpoint and send a timestamp of button press
2021-12-08 14:48:57 +02:00
Mike Salvatore
137afa6473
Agent: Don't register new signal handler in monkey.py (for now)
...
The signal handler is not quite ready for prime time. Issue #1595 and
issue #1597 will need to be resolved before the signal handler can be
fully ready. For now, don't register the signal handler.
2021-11-24 13:46:18 -05:00
Shreya Malviya
7b0f08ee54
Agent: Finish implementing MockMaster
...
Also modified ExploitTelem and PostBreachTelem internals, and
MockPuppet.
2021-11-24 13:54:46 +05:30
Ilija Lazoroski
839024f243
Island: Fix formatting in config
2021-11-23 15:20:19 +01:00
Mike Salvatore
4fc484cd8d
Agent: Add a preliminary MockPuppet implementation
2021-11-22 13:05:30 -05:00
VakarisZ
a8d6f936f1
Agent, Island: remove hostname collector
2021-11-17 11:30:12 +02:00
VakarisZ
0175199540
Island, Agent: remove environment collector
2021-11-16 17:49:38 +02:00
VakarisZ
f5c8db979f
Project: remove remaining sambacry exploiter references in performance.py config template, vulture_allowlist.py and monkey_config_standard.json unit test data file
2021-11-10 15:44:05 +02:00
Shreya Malviya
ee79ea0a9d
Project: Remove variable 'VSFTPD' from Vulture's allowlist
2021-10-29 18:15:38 +05:30
VakarisZ
8b9ddb0c4b
Removed unnecessary vulture ignores from whitelist
2021-09-28 11:04:42 +03:00
VakarisZ
e6ad125be9
Change the telemetry model to have a method for fetching the telemetries based on queries.
...
Telemetry code mainly uses queries and mongoengine has no good way of field encryption, that's why this method prefers to handle queries rather than Telemetry models
2021-09-24 13:31:26 +03:00
VakarisZ
c7e91c5784
Add report model and a unit test for its encryption
2021-09-21 10:39:39 +03:00
Mike Salvatore
805ef70db1
Merge pull request #1425 from guardicore/powershell_exploiter
...
PowerShell Remoting exploiter refactor
2021-08-30 07:54:29 -04:00
Mike Salvatore
8aedc2c391
Agent: Add pyinstaller hooks for pypsrp
2021-08-25 14:44:31 -04:00
Ilija Lazoroski
5cee9443ff
Zoo: Remove GCPHandler class. Powershell-3-47 renamed to
...
Powershell-3-46. Powershell-45 moved to different zone
2021-08-24 15:11:22 +02:00
Shreya Malviya
b6c3623e74
agent, island, vulture: Update class name and text related to powershell exploiter to maintain consistency ('PowerShell Remoting')
2021-08-24 13:15:47 +05:30
VakarisZ
2b71fb80c7
Fixed missing powershell exploiter report components.
2021-08-24 11:40:39 +05:30