Ilija Lazoroski
ddaada1f09
Agent: Revise event publishing in SSHExploiter
2022-10-06 13:15:42 +02:00
vakarisz
2248bdcd67
Island: Add _get_node_by_id method to mongo_node_repository.py
2022-10-06 14:10:47 +03:00
Shreya Malviya
e2453e481c
Agent: Rename variables in HostExploiter
2022-10-06 16:38:42 +05:30
Kekoa Kaaikala
254b4e1c6c
Agent: Update publish methods to accept timestamp
2022-10-05 19:43:25 +00:00
Kekoa Kaaikala
12e9aaf42e
Agent: Add abstract properties for exploiter tags
2022-10-05 17:32:48 +00:00
Kekoa Kaaikala
95b1d9c62d
Agent: Remove target from publish methods
2022-10-05 15:57:15 +00:00
vakarisz
249950d602
Island: Improve tcp handler code and coverage
2022-10-05 17:07:19 +03:00
vakarisz
6c913895c5
Island: Add TCP connections to nodes based on TCP scan event
2022-10-05 15:33:16 +03:00
vakarisz
bbcdc1bef4
Island: Make upsert_node method public
...
Updating/inserting the node into the repository is required outside of repository itself.
2022-10-05 15:33:11 +03:00
Mike Salvatore
73a8c14397
Merge branch '2269-add-attack-technique-tags' into develop
...
PR #2394
2022-10-05 08:25:51 -04:00
Ilija Lazoroski
63f869d296
Project: Add common.tags and HostExploiter publish functions to Vulture
2022-10-05 14:21:23 +02:00
Mike Salvatore
82217b4094
Merge branch 2267-add-network-services into develop
...
PR #2398
2022-10-05 08:20:13 -04:00
Mike Salvatore
10e3c97489
Island: Use Tuple[SocketAddress] for tcp_connections
...
There are serialization issues when using FrozenSet because pydantic
converts the SocketAddress to a dict, which is not hashable. There are
probably ways to work around this, but it's not worth the effort at this
time. If performance becomes an issue (doubtful) we can revisit using a
frozenset instead.
2022-10-05 14:51:31 +03:00
Mike Salvatore
8799a60f47
Island: Fix serialization/deserialization of Machine.network_services
2022-10-05 14:51:30 +03:00
Mike Salvatore
d8cf5d33dd
Common: Extract MutableInfectionMonkeyModelConfig
2022-10-05 14:51:30 +03:00
Mike Salvatore
eb3daf84f1
Common: Use strings for NetworkService Enum values
2022-10-05 14:51:30 +03:00
Mike Salvatore
f6ed8a997c
Common: Rename NetworkServiceNameEnum -> NetworkService
...
"Name" and "Enum" are redundant in this case
2022-10-05 14:51:25 +03:00
vakarisz
8bf1d1f46f
Island, Common: Add services to machine.py
2022-10-05 14:51:01 +03:00
vakarisz
a390c97b70
Island: Add tcp_connections to node
2022-10-05 14:50:02 +03:00
vakarisz
80a095b657
Agent: Use NetworkPort instead of Port
2022-10-05 14:50:02 +03:00
Ilija Lazoroski
2ece91b9df
Agent: Rename event_queue to agent_event_queue in SSHCredentialCollector
2022-10-05 11:37:58 +02:00
Ilija Lazoroski
c7e2b91735
Agent: Rename event_queue to agent_event_queue in
...
MimikatzCredentialCollector
2022-10-05 11:34:50 +02:00
Ilija Lazoroski
19fcf8d053
Agent: Import attack technique tags from common in MimikatzCollector
2022-10-05 11:30:09 +02:00
Ilija Lazoroski
c8aee645fa
Agent: Import attack technique tags from common in SSHCollector
2022-10-05 11:24:52 +02:00
Ilija Lazoroski
491612f9e8
Common: Add T1005 and T1145 attack technique tags
2022-10-05 11:21:28 +02:00
Ilija Lazoroski
0ed167fb48
Agent: Import attack technique tags from common in Zerologon
2022-10-05 11:13:39 +02:00
Ilija Lazoroski
e46bb8964d
Common: Add T1003 and T1098 attack technique tags
2022-10-05 11:11:18 +02:00
Mike Salvatore
fd8ea53e8b
Merge branch '2269-remove-find_monkeys_in_db' into develop
...
PR #2391
2022-10-04 18:21:00 -04:00
Mike Salvatore
bbbb1ac773
Island: Remove disused LogBlackboxEndpoint
2022-10-04 16:30:13 -04:00
Mike Salvatore
6ae7676322
BB: Pass generator instead of list comprehension to all()
...
This will allow a short-circuit.
2022-10-04 16:30:13 -04:00
Mike Salvatore
b713cce893
Island: Remove /api/test/monkey endpoint
2022-10-04 16:30:13 -04:00
Kekoa Kaaikala
2bea619786
BB: Removed unused method and endpoint
2022-10-04 16:30:13 -04:00
Kekoa Kaaikala
e0c9717da9
BB: Update test_compabitiblity to use new api
2022-10-04 16:30:13 -04:00
Kekoa Kaaikala
73fbc22e3d
BB: Remove find_monkeys_in_db
2022-10-04 16:30:13 -04:00
Mike Salvatore
a691a16625
Merge pull request #2393 from guardicore/2269-update-hostexploiter
...
2269 update hostexploiter
2022-10-04 15:34:08 -04:00
Mike Salvatore
3172433410
Agent: Swap order of _publish_{propagation,exploitation}_event()
...
Putting _publish_exploitation_event() first puts the methods in both
alphabetical and chronological order.
2022-10-04 15:20:14 -04:00
Mike Salvatore
8e6a098a2e
Project: Add HostExploiter methods to vulture_allowlist.py
2022-10-04 15:18:12 -04:00
Kekoa Kaaikala
a07eadce60
Common: Add T1570 attack technique
2022-10-04 18:00:41 +00:00
Kekoa Kaaikala
d1a8ce2082
Common: Add T1210 tag
2022-10-04 17:58:33 +00:00
Kekoa Kaaikala
6a100105be
Common: Order attack tags alphanumerically
2022-10-04 17:58:23 +00:00
Ilija Lazoroski
8b4af5c349
Common: Fix typo in attack tags
2022-10-04 17:57:57 +00:00
Ilija Lazoroski
dd35bebb3e
Common: Add T1203 attack technique tag
2022-10-04 17:57:16 +00:00
Ilija Lazoroski
bb11ea7857
Common: Add attack tags
2022-10-04 17:56:49 +00:00
Kekoa Kaaikala
ee77eddaab
Agent: Fix tuple type hint
2022-10-04 17:50:39 +00:00
Kekoa Kaaikala
116ae90f3d
UT: Remove host exploiter tests
2022-10-04 17:45:30 +00:00
Kekoa Kaaikala
b94002a984
Agent: Make publish methods private
2022-10-04 17:44:37 +00:00
Ilija Lazoroski
8e161f0fd9
Agent: Accept tuple as tags to HostExploiter publish events methods
2022-10-04 17:36:27 +00:00
Ilija Lazoroski
95b3556cd0
Agent: Exploiter name when publishing events to be __class__.__name__
2022-10-04 17:36:05 +00:00
Kekoa Kaaikala
a79d40b42e
UT: Fix powershell tests
2022-10-04 17:35:33 +00:00
Kekoa Kaaikala
3e86766aaf
Agent: Use default value for exploiter name
2022-10-04 17:35:05 +00:00