9771 Commits

Author SHA1 Message Date
Shreya Malviya 95a3be0273 UT: Add test to check CredentialStolenEvent is published in MimikatzCredentialCollector 2022-08-17 11:47:52 +05:30
Shreya Malviya f453ff21fd UT: Pass event queue to MimikatzCredentialCollector's constructor in tests 2022-08-17 11:47:52 +05:30
Shreya Malviya c8a2c2156b Agent: Fix variable name in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya 56770d25c6 Agent: Publish credentials stolen event in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya e03f140749 Agent: Add function to publish credentials stolen event in Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya b5058ce611 Agent: Add event tag constants for Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya d745e10bf1 Agent: Accept event queue in Mimikatz collector's constructor 2022-08-17 11:47:51 +05:30
Mike Salvatore 2edaf52140
Merge pull request #2196 from guardicore/2176-modify-ssh-collector-for-events
2176 modify ssh collector for events
2022-08-16 12:41:14 -04:00
Ilija Lazoroski eec48e9cd8 Agent: Remove target from SSHCredentialCollector event construction 2022-08-16 17:31:02 +02:00
Ilija Lazoroski 205ff84b31 Common: Add defaults for each argument in AbstractEvent 2022-08-16 17:30:30 +02:00
Ilija Lazoroski b3d37d9223 Agent: Change SSHCredentialCollector tag to lowercase 2022-08-16 17:27:43 +02:00
Ilija Lazoroski 5466bd5dba UT: Remove unneeded fixture in SSHCredentialCollector tests 2022-08-16 17:26:25 +02:00
Ilija Lazoroski 142136dd41 Agent: Remove duplication in SSHCredentialCollector 2022-08-16 17:14:37 +02:00
Ilija Lazoroski d38a386f67 Agent: Add prefix `attack-` to attack techniques tags 2022-08-16 14:25:28 +02:00
Ilija Lazoroski c18ceff85d Agent: Remove unneeded variable in SSHCredentialCollector 2022-08-16 14:24:26 +02:00
Ilija Lazoroski ea9082d412 Agent: Remove hack_event from CredentialsStolenEvent 2022-08-16 14:23:25 +02:00
Mike Salvatore 1d79d98689 Agent: Rename credentials_store -> propagation_credentials_repository 2022-08-16 08:17:04 -04:00
Ilija Lazoroski c3557caf1c Agent: Add _ATTACK_TECHNIQUE_ to attack_technique tags 2022-08-16 14:11:16 +02:00
Ilija Lazoroski fdd0368837 Agent: Extract SSH collector tags into constants 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 706a626d24 Agent: Move subscription to a separate method for readability 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 2a94a67767 Agent: Rename usr_info to user_info in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 88bb856859 Common: Reorder params in docstring AbstractEvent 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 8f5681b1df Agent: Init a callable class and subscribe to it 2022-08-16 11:58:53 +02:00
Ilija Lazoroski d672fcfffe Agent: Fix a typo in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 03d569cc00 Agent: Init SSHCredentialCollector with an IEventQueue 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 4aa71cba7e Agent: Remove default values from CredentialsStolenEvent creation 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 486a7a9225 Common: Use a temporary hack to define non-defaults from an inherited class event 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 5f631a78f7 Agent: Remove IGUID from config 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 39f07603a7 Agent: Define integer GUID and use it in ssh_handler 2022-08-16 11:58:53 +02:00
Ilija Lazoroski b22ccdb942 Agent: Publish CredentialsStolenEvent each time we find a SSHKeypair 2022-08-16 11:58:53 +02:00
Ilija Lazoroski e439a53bde UT: Fix SSHCredentialCollector test to accept IEventQueue 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 2610666f93 Agent: Publish a CredentialsStolenEvent from SSHCredentialCollector 2022-08-16 11:58:53 +02:00
Ilija Lazoroski 4952a544c0 Agent: Accept IEventQueue in SSHCollector constructor 2022-08-16 11:58:53 +02:00
Mike Salvatore d09c1a689e
Merge pull request #2200 from guardicore/2191-fix-credentials-repository-get
2191 fix credentials repository get
2022-08-15 15:45:03 -04:00
Kekoa Kaaikala e4f7707b66 Agent: Return credentials when credentials propagation fails 2022-08-15 19:25:54 +00:00
Kekoa Kaaikala 9e6a569393 Agent: Update credentials repository to cache per-instance 2022-08-15 19:25:54 +00:00
Mike Salvatore 500eeeb582
Merge pull request #2194 from guardicore/2191-trailing-url-slashes
Island: Remove trailing slashes before registering a URL
2022-08-15 14:25:28 -04:00
Kekoa Kaaikala a67a4418c9 Island: Remove PropagationCredentials URL trailing slash 2022-08-15 18:04:56 +00:00
Mike Salvatore 96f794e192 UT: Mark TestEvent* classes with `__test__ = False` 2022-08-15 14:04:09 -04:00
Kekoa Kaaikala 19df4d9755 Island: Enforce "no trailing slash" rule for URLs 2022-08-15 18:01:32 +00:00
Mike Salvatore 4e9aa62c61
Merge pull request #2195 from guardicore/refactor-island-boot
Refactor island boot
2022-08-15 08:35:00 -04:00
Mike Salvatore 01e886f866 Project: Remove step in travis build to upgrade pipenv
It seems that every time a new version of pipenv is released it breaks
travis. For the moment, it seems that the magic combination is to
upgrade pip but not upgrade pipenv.

I've been unable to reproduce the issue outside of any environment other
than Travis CI.

Once we split our project up into multiple repos, we should strongly
consider switching to poetry.
2022-08-15 08:23:17 -04:00
Mike Salvatore 879f809aa4 Project: Use the latest pip in travis build 2022-08-15 07:37:36 -04:00
Mike Salvatore fae4247505 Project: Add special `fix-travis` branch to travis build list
When attempting to fix an issue with travis, it's important to actually
run travis. In order to do this without a pull request, I've added a
special `fix-travis` branch to the list of branches travis is allowed to
build.
2022-08-15 07:34:39 -04:00
Mike Salvatore 9f89d3f508
Merge pull request #2193 from guardicore/2176-stolen-credentials-subscriber
2176 stolen credentials subscriber
2022-08-15 07:26:18 -04:00
Ilija Lazoroski f6712c5f84 Agent: Subscribe CredentialsStolenEvent to the EventQueue 2022-08-15 10:02:00 +02:00
Ilija Lazoroski b3ac7a6538 UT: Add tests for adding credentials from event to repository 2022-08-15 09:30:04 +02:00
Ilija Lazoroski db8e1e50da Agent: Add add_credentials_from_event_to_propagation_credentials_repository
Callable class that adds credentials to the propagation credentials
repository
2022-08-15 09:30:04 +02:00
Mike Salvatore d6e0b03a64 Island: Move island log file registration to setup_server.py 2022-08-12 12:02:23 -04:00
Mike Salvatore fdc041ead6 Island: Only call get_ip_addresses() once in server_setup.py 2022-08-12 11:57:31 -04:00