From 836069ab117644a0070fba319d9bfd1e6d5d1d85 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 22 Sep 2021 16:10:13 +0530 Subject: [PATCH] island: Change config schema definitions' titles to title case and so they make more sense --- .../definitions/exploiter_classes.py | 2 +- .../definitions/finger_classes.py | 16 +++++++------- .../definitions/post_breach_actions.py | 22 +++++++++---------- .../system_info_collector_classes.py | 12 +++++----- 4 files changed, 25 insertions(+), 27 deletions(-) diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py b/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py index 9a7922a0f..981756bc7 100644 --- a/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py +++ b/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py @@ -1,7 +1,7 @@ from monkey_island.cc.services.utils.typographic_symbols import WARNING_SIGN EXPLOITER_CLASSES = { - "title": "Exploit class", + "title": "Exploiters", "description": "Click on exploiter to get more information about it." + WARNING_SIGN + " Note that using unsafe exploits may cause crashes of the exploited " diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/finger_classes.py b/monkey/monkey_island/cc/services/config_schema/definitions/finger_classes.py index 2a617e011..6389f1b13 100644 --- a/monkey/monkey_island/cc/services/config_schema/definitions/finger_classes.py +++ b/monkey/monkey_island/cc/services/config_schema/definitions/finger_classes.py @@ -1,5 +1,5 @@ FINGER_CLASSES = { - "title": "Fingerprint class", + "title": "Fingerprinters", "description": "Fingerprint modules collect info about external services " "Infection Monkey scans.", "type": "string", 
@@ -7,7 +7,7 @@ FINGER_CLASSES = {
 {
 "type": "string",
 "enum": ["SMBFinger"],
- "title": "SMBFinger",
+ "title": "SMB Fingerprinter",
 "safe": True,
 "info": "Figures out if SMB is running and what's the version of it.",
 "attack_techniques": ["T1210"],
@@ -15,7 +15,7 @@ FINGER_CLASSES = {
 {
 "type": "string",
 "enum": ["SSHFinger"],
- "title": "SSHFinger",
+ "title": "SSH Fingerprinter",
 "safe": True,
 "info": "Figures out if SSH is running.",
 "attack_techniques": ["T1210"],
@@ -23,21 +23,21 @@ FINGER_CLASSES = {
 {
 "type": "string",
 "enum": ["PingScanner"],
- "title": "PingScanner",
+ "title": "Ping Scanner",
 "safe": True,
 "info": "Tries to identify if host is alive and which OS it's running by ping scan.",
 },
 {
 "type": "string",
 "enum": ["HTTPFinger"],
- "title": "HTTPFinger",
+ "title": "HTTP Fingerprinter",
 "safe": True,
 "info": "Checks if host has HTTP/HTTPS ports open.",
 },
 {
 "type": "string",
 "enum": ["MySQLFinger"],
- "title": "MySQLFinger",
+ "title": "MySQL Fingerprinter",
 "safe": True,
 "info": "Checks if MySQL server is running and tries to get it's version.",
 "attack_techniques": ["T1210"],
@@ -45,7 +45,7 @@ FINGER_CLASSES = {
 {
 "type": "string",
 "enum": ["MSSQLFinger"],
- "title": "MSSQLFinger",
+ "title": "MSSQL Fingerprinter",
 "safe": True,
 "info": "Checks if Microsoft SQL service is running and tries to gather "
 "information about it.",
@@ -54,7 +54,7 @@ FINGER_CLASSES = {
 {
 "type": "string",
 "enum": ["ElasticFinger"],
- "title": "ElasticFinger",
+ "title": "Elastic Fingerprinter",
 "safe": True,
 "info": "Checks if ElasticSearch is running and attempts to find it's " "version.",
 "attack_techniques": ["T1210"],
diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py
index be1aa802b..7d62ac36e 100644
--- a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py
+++ b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py
@@ -1,14 +1,13 @@
 POST_BREACH_ACTIONS = {
- "title": "Post breach actions",
+ "title": "Post-Breach Actions",
 "description": "Runs scripts/commands on infected machines. These actions safely simulate what "
- "an adversary"
- "might do after breaching a new machine. Used in ATT&CK and Zero trust reports.",
+ "an adversary might do after breaching a new machine. Used in ATT&CK and Zero trust reports.",
 "type": "string",
 "anyOf": [
 {
 "type": "string",
 "enum": ["CommunicateAsBackdoorUser"],
- "title": "Communicate as backdoor user",
+ "title": "Communicate as Backdoor User",
 "safe": True,
 "info": "Attempts to create a new user, create HTTPS requests as that "
 "user and delete the user "
@@ -18,7 +17,7 @@ POST_BREACH_ACTIONS = {
 {
 "type": "string",
 "enum": ["ModifyShellStartupFiles"],
- "title": "Modify shell startup files",
+ "title": "Modify Shell Startup Files",
 "safe": True,
 "info": "Attempts to modify shell startup files, like ~/.profile, "
 "~/.bashrc, ~/.bash_profile "
@@ -29,7 +28,7 @@ POST_BREACH_ACTIONS = {
 {
 "type": "string",
 "enum": ["HiddenFiles"],
- "title": "Hidden files and directories",
+ "title": "Hidden Files and Directories",
 "safe": True,
 "info": "Attempts to create a hidden file and remove it afterward.",
 "attack_techniques": ["T1158"],
@@ -37,11 +36,10 @@ POST_BREACH_ACTIONS = {
 {
 "type": "string",
 "enum": ["TrapCommand"],
- "title": "Trap",
+ "title": "Trap Command",
 "safe": True,
 "info": "On Linux systems, attempts to trap a terminate signal in order "
- "to execute a command "
- "upon receiving that signal. Removes the trap afterwards.",
+ "to execute a command upon receiving that signal. Removes the trap afterwards.",
 "attack_techniques": ["T1154"],
 },
 {
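Review bot: The description in the first hunk of post_breach_actions.py still says these actions "safely simulate" adversary behaviour, yet later hunks of the same file show `SignedScriptProxyExecution` and `ClearCommandHistory` with `"safe": False`. Operators read this text when choosing what to enable, so the blanket claim should be qualified, much as the `EXPLOITER_CLASSES` description already warns about unsafe exploits. One option is to drop the adverb from the context line and end the rewritten line with a pointer to the flag, e.g. `"an adversary might do after breaching a new machine. Some actions are marked unsafe; review them before enabling. "` ahead of the existing sentence about reports. How the UI presents the `safe` flag is not visible in this diff, so the exact wording should follow whatever the configuration page shows.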
@@ -57,7 +55,7 @@ POST_BREACH_ACTIONS = {
 {
 "type": "string",
 "enum": ["ScheduleJobs"],
- "title": "Job scheduling",
+ "title": "Job Scheduling",
 "safe": True,
 "info": "Attempts to create a scheduled job on the system and remove it.",
 "attack_techniques": ["T1168", "T1053"],
@@ -74,7 +72,7 @@ POST_BREACH_ACTIONS = {
 {
 "type": "string",
 "enum": ["SignedScriptProxyExecution"],
- "title": "Signed script proxy execution",
+ "title": "Signed Script Proxy Execution",
 "safe": False,
 "info": "On Windows systems, attempts to execute an arbitrary file "
 "with the help of a pre-existing signed script.",
@@ -91,7 +89,7 @@ POST_BREACH_ACTIONS = {
 {
 "type": "string",
 "enum": ["ClearCommandHistory"],
- "title": "Clear command history",
+ "title": "Clear Command History",
 "safe": False,
 "info": "Attempts to clear the command history.",
 "attack_techniques": ["T1146"],
diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py b/monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py
index 9a4a39050..072640352 100644
--- a/monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py
+++ b/monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py
@@ -15,7 +15,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
 {
 "type": "string",
 "enum": [ENVIRONMENT_COLLECTOR],
- "title": "Environment collector",
+ "title": "Environment Collector",
 "safe": True,
 "info": "Collects information about machine's environment (on " "premise/GCP/AWS).",
 "attack_techniques": ["T1082"],
@@ -23,7 +23,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
 {
 "type": "string",
 "enum": [MIMIKATZ_COLLECTOR],
- "title": "Mimikatz collector",
+ "title": "Mimikatz Collector",
 "safe": True,
 "info": "Collects credentials from Windows credential manager.",
 "attack_techniques": ["T1003", "T1005"],
@@ -31,7 +31,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
 {
 "type": "string",
 "enum": [AWS_COLLECTOR],
- "title": "AWS collector",
+ "title": "AWS Collector",
 "safe": True,
 "info": "If on AWS, collects more information about the AWS instance "
 "currently running on.",
@@ -40,7 +40,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
 {
 "type": "string",
 "enum": [HOSTNAME_COLLECTOR],
- "title": "Hostname collector",
+ "title": "Hostname Collector",
 "safe": True,
 "info": "Collects machine's hostname.",
 "attack_techniques": ["T1082", "T1016"],
@@ -48,7 +48,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
 {
 "type": "string",
 "enum": [PROCESS_LIST_COLLECTOR],
- "title": "Process list collector",
+ "title": "Process List Collector",
 "safe": True,
 "info": "Collects a list of running processes on the machine.",
 "attack_techniques": ["T1082"],
@@ -56,7 +56,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
 {
 "type": "string",
 "enum": [AZURE_CRED_COLLECTOR],
- "title": "Azure credential collector",
+ "title": "Azure Credential Collector",
 "safe": True,
 "info": "Collects password credentials from Azure VMs",
 "attack_techniques": ["T1003", "T1005"],