p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
9,865 Commits 31 Branches 0 Tags 47 MiB
Commit Graph

9865 Commits

Author SHA1 Message Date
Ilija Lazoroski 23604009a0 Common: Fix hint in IEventSerializer 2022-08-18 09:32:02 +02:00
Ilija Lazoroski 20f529d6a2 UT: Separate mimikatz credentials stolen event test 2022-08-18 09:22:59 +02:00
Kekoa Kaaikala 4f776f0102 UI: Add field for ransomed file extension 2022-08-17 20:10:23 +00:00
Shreya Malviya 132f3a3473 Project: Add event serializer entries to Vulture allowlist 2022-08-17 21:31:35 +05:30
Shreya Malviya 141c766b51 Common: Add EventSerializerRegistry 2022-08-17 21:29:06 +05:30
Shreya Malviya 0b9191ca43 Common: Add IEventSerializer to common/event_serializers/__init__.py 2022-08-17 21:28:33 +05:30
Kekoa Kaaikala 639fb26445 Agent: Improve the speed of bit flipping code 
- Remove a function call
- Use a generator
- Use a more efficient flip calculation (subtraction instead of xor)

Issue #2123
 2022-08-17 10:52:57 -04:00
Mike Salvatore 8b32e6d7a5
Merge pull request #2203 from guardicore/build-downgrade-pipenv 
Build: Downgrade pipenv to use 2022.7.4
 2022-08-17 09:01:07 -04:00
Ilija Lazoroski 8355d9e68a Buid: Export CI to get rid of nasty characters 2022-08-17 09:00:44 -04:00
Ilija Lazoroski a96efcdc7d Build: Downgrade pipenv to use 2022.7.4 
It seems that every time a new version of pipenv is released, it breaks
our build. See also 01e886f866.
 2022-08-17 08:59:51 -04:00
Shreya Malviya 6722057491 Agent: Use existing patch function in test_pypykatz_result_parsing_no_secrets 2022-08-17 18:03:07 +05:30
Shreya Malviya c09adfb01b Common: Add IEventSerializer 2022-08-17 17:57:28 +05:30
Mike Salvatore 85875e3323
Merge pull request #2198 from guardicore/2176-modify-zerologon-to-publish-events 
2176 modify zerologon to publish events
 2022-08-17 08:08:45 -04:00
Shreya Malviya 4334740002 UT: Simplify test_mimikatz_credentials_stolen_event_published 2022-08-17 17:31:06 +05:30
Shreya Malviya 2c3b29493f Agent: Define SSH_COLLECTOR_EVENT_TAGS as a frozenset 2022-08-17 17:29:48 +05:30
Shreya Malviya 5747c2e8b4 UT: Update MimikatzCredentialCollector test now that MIMIKATZ_EVENT_TAGS is a frozenset 2022-08-17 17:28:44 +05:30
Shreya Malviya 3dca01d5d5 Agent: Define MIMIKATZ_EVENT_TAGS as a frozenset 2022-08-17 17:28:18 +05:30
Shreya Malviya a3ddd6fb42 Common: Create directory and files for event serializer 2022-08-17 17:25:44 +05:30
Ilija Lazoroski 69e1f21312 Agent: Use frozenset for zerologon event tags 2022-08-17 13:45:13 +02:00
Ilija Lazoroski 74b9dd58fc Agent: Add _ATTACK_TECHNIQUE to zerologon technique tags 2022-08-17 12:11:23 +02:00
Shreya Malviya f9f3daffa7 UT: Add missing type hint to event_queue_subscriber fixture 2022-08-17 14:48:16 +05:30
Shreya Malviya f510b89c08 UT: Move event_queue_subscriber fixture back to test_pypubsub_event_queue.py 2022-08-17 14:46:54 +05:30
Shreya Malviya 11901b1835 UT: Simplify variable logic in MimikatzCredentialCollector's event publishing test 2022-08-17 14:44:43 +05:30
Shreya Malviya eb17b20625 UT: Simplify MimikatzCredentialCollector's event publishing test 2022-08-17 14:41:26 +05:30
Shreya Malviya 8f789b9d60 Agent: Remove unneeded argument passed to CredentialsStolenEvent in MimikatzCredentialCollector 2022-08-17 11:52:02 +05:30
Shreya Malviya 7faf6d3ecf Agent: Modify Mimikatz credential collector's attack technique tags' strings 2022-08-17 11:50:38 +05:30
Shreya Malviya 457cc6be27 Agent: Modify Mimikatz credential collector tag string 2022-08-17 11:49:43 +05:30
Shreya Malviya a0cf3d65f4 Agent: Rename variable in SSH handler 2022-08-17 11:48:35 +05:30
Shreya Malviya 140967b05f UT: Use event_queue_subscriber fixture in MimikatzCredentialCollector tests 2022-08-17 11:47:52 +05:30
Shreya Malviya b6c7001294 UT: Use event_queue_subscriber fixture in PyPubSubEventQueue tests 2022-08-17 11:47:52 +05:30
Shreya Malviya 2fbe9f3a4a UT: Create event_queue_subscriber fixture 2022-08-17 11:47:52 +05:30
Shreya Malviya b7ada959fa UT: Simplify MimikatzCredentialCollector's event publishing test 2022-08-17 11:47:52 +05:30
Shreya Malviya 95a3be0273 UT: Add test to check CredentialStolenEvent is published in MimikatzCredentialCollector 2022-08-17 11:47:52 +05:30
Shreya Malviya f453ff21fd UT: Pass event queue to MimikatzCredentialCollector's constructor in tests 2022-08-17 11:47:52 +05:30
Shreya Malviya c8a2c2156b Agent: Fix variable name in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya 56770d25c6 Agent: Publish credentials stolen event in MimikatzCredentialCollector 2022-08-17 11:47:51 +05:30
Shreya Malviya e03f140749 Agent: Add function to publish credentials stolen event in Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya b5058ce611 Agent: Add event tag constants for Mimikatz credential collector 2022-08-17 11:47:51 +05:30
Shreya Malviya d745e10bf1 Agent: Accept event queue in Mimikatz collector's constructor 2022-08-17 11:47:51 +05:30
Ilija Lazoroski 3a9830415c Agent: Use default target for ZerologonExploiter event 2022-08-17 00:58:45 +02:00
Ilija Lazoroski f8b56dd171 Agent: Add T1098 (Account Manipulation) to ZerologonExploiter 2022-08-17 00:58:45 +02:00
Ilija Lazoroski 3c8091d242 Agent: Add T1003 tag to zerologon exploiter 2022-08-17 00:58:45 +02:00
Ilija Lazoroski b0f76383c4 Agent: Change zerologon tag to `zerologon-exploiter 
`
 2022-08-17 00:58:45 +02:00
Ilija Lazoroski 550c7465fa Agent: Add IEventQueue to ExploitWrapper 2022-08-17 00:58:45 +02:00
Ilija Lazoroski d400fcb215 Agent: Extract zerologon tags into constant 2022-08-17 00:58:45 +02:00
Ilija Lazoroski aaef2f1f81 UT: Fix Powershell tests to accept IEventQueue 2022-08-17 00:58:45 +02:00
Ilija Lazoroski 76bbe62c3b Agent: Modify Zerologon to publish CredentialsStolenEvent 2022-08-17 00:55:09 +02:00
Ilija Lazoroski f171e548f3 Agent: Modify exploiter wrapper to accept IEventQueue 2022-08-17 00:55:09 +02:00
Ilija Lazoroski c6cb477474 Agent: Add event_queue to the exploit_host in HostExploiter 2022-08-17 00:55:09 +02:00
Ilija Lazoroski fb0f7c86af Agent: Remove usage of CredentialsInterceptingTelemetryMessenger 2022-08-17 00:24:59 +02:00