Merge branch 'develop' into 764/swimm-tutorials

This commit is contained in:
Shay Nehmad 2020-08-17 16:33:00 +03:00
commit f040b0219d
28 changed files with 564 additions and 222 deletions

View File

@ -1,15 +1,20 @@
# What is this? # What does this PR do?
Fixes #`put issue number here`. Fixes #`put issue number here`.
Add any further explanations here. Add any further explanations here.
## Checklist ## PR Checklist
* [ ] Have you added an explanation of what your changes do and why you'd like to include them? * [ ] Have you added an explanation of what your changes do and why you'd like to include them?
* [ ] Have you successfully tested your changes locally?
* [ ] Is the TravisCI build passing? * [ ] Is the TravisCI build passing?
## Proof that it works ## Testing Checklist
If applicable, add screenshots or log transcripts of the feature working
* [ ] Added relevant unit tests?
* [ ] Have you successfully tested your changes locally? Elaborate:
> Tested by {Running the Monkey locally with relevant config/running Island/...}
* [ ] If applicable, add screenshots or log transcripts of the feature working
## Explain Changes
## Changes
Are the commit messages enough? If not, elaborate. Are the commit messages enough? If not, elaborate.

View File

@ -51,17 +51,16 @@ The Infection Monkey uses the following techniques and exploits to propagate to
* SambaCry * SambaCry
* Elastic Search (CVE-2015-1427) * Elastic Search (CVE-2015-1427)
* Weblogic server * Weblogic server
* and more * and more, see our [Documentation hub](https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/) for more information about our RCE exploiters.
## Setup ## Setup
Check out the [Setup](https://github.com/guardicore/monkey/wiki/setup) page in the Wiki or a quick getting [started guide](https://www.guardicore.com/infectionmonkey/wt/). Check out the [Setup](https://www.guardicore.com/infectionmonkey/docs/setup/) page in the Wiki or a quick getting [started guide](https://www.guardicore.com/infectionmonkey/docs/usage/getting-started/).
The Infection Monkey supports a variety of platforms, documented [in the wiki](https://github.com/guardicore/monkey/wiki/OS-compatibility). The Infection Monkey supports a variety of platforms, documented [in our documentation hub](https://www.guardicore.com/infectionmonkey/docs/reference/operating_systems_support/).
## Building the Monkey from source ## Building the Monkey from source
To deploy development version of monkey you should refer to readme in the [deployment scripts](deployment_scripts) folder. To deploy development version of monkey you should refer to readme in the [deployment scripts](deployment_scripts)
If you only want to build the monkey from source, see [Setup](https://github.com/guardicore/monkey/wiki/Setup#compile-it-yourself) folder or follow documentation in [documentation hub](https://www.guardicore.com/infectionmonkey/docs/development/setup-development-environment/).
and follow the instructions at the readme files under [infection_monkey](monkey/infection_monkey) and [monkey_island](monkey/monkey_island).
### Build status ### Build status
| Branch | Status | | Branch | Status |

View File

@ -14,11 +14,11 @@ To extract the `tar.gz` file, run `tar -xvzf monkey-island-docker.tar.gz`.
Once youve extracted the container from the tar.gz file, run the following commands: Once youve extracted the container from the tar.gz file, run the following commands:
```sh ```sh
sudo docker load -i dk.monkeyisland.latest.tar sudo docker load -i dk.monkeyisland.1.9.0.tar
sudo docker pull mongo sudo docker pull mongo
sudo mkdir -p /var/monkey-mongo/data/db sudo mkdir -p /var/monkey-mongo/data/db
sudo docker run --name monkey-mongo --network=host -v /var/monkey-mongo/data/db:/data/db -d mongo sudo docker run --name monkey-mongo --network=host -v /var/monkey-mongo/data/db:/data/db -d mongo
sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.8.2 sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.9.0
``` ```
## Upgrading ## Upgrading

View File

@ -35,6 +35,24 @@ sha256sum monkey-linux-64
## Latest version checksums ## Latest version checksums
| Filename | Type | Version | SHA256 hash |
|-|-|-|-|
monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068`
monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8`
monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956`
monkey-linux-32 | Linux Agent | 1.9.0 | `4c24318026239530ed2437bfef1a01147bb1f3479696eb4eee6009326ce6b380`
infection_monkey_deb.tgz | Debian Package | 1.9.0 | `33c23ddae283e3aafe965d264bc88464b66db3dd6874fd7e5cbcd4e931b3bb25`
infection_monkey_debzt.tgz | Debian Package | 1.9.0 | `cc53fe9632f44248357d6bd20cf8629be9baf8688468fa6d3e186dcebf10cef6`
Monkey Island v1.9.0_3546_windows.exe | Windows Installer | 1.9.0 | `371f6d25e8cb16ea7ebdfd367092ee65b33db2ec35b44d96705716641eaa59e8`
Monkey Island v1.9.0_3546_windowszt.exe | Windows Installer | 1.9.0 | `662c611fb83bb8c7ef5f99c5d5ae04f5758727c688238d6a3cd4c58675581695`
infection_monkey_docker_docker_20200806_153913.tgz | Docker | 1.9.0 | `5da11c539045a395ced5dd572d331c4f0e9315a3ee192c06279ff4fef668b96e`
infection_monkey_docker_dockerzt_20200806_154742.tgz | Docker | 1.9.0 | `a84dbaad32ae42cc2d359ffbe062aec493a7253cf706a2d45f0d0b1c230f9348`
monkey-island-vmware.ova | OVA | 1.9.0 | `3861d46518e8a92e49992b26dbff9fe8e8a4ac5fd24d68e68b13e7fd3fa22247`
monkey-island-vmwarezt.ova | OVA | 1.9.0 | `03d356eb35e6515146f5bd798bb62cb15c56fcdf83a5281cf6cdc9b901586026`
## Older checksums
| Filename | Type | Version | SHA256 hash | | Filename | Type | Version | SHA256 hash |
|-|-|-|-| |-|-|-|-|
monkey-windows-64.exe | Windows Agent | 1.8.2 | `2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550` monkey-windows-64.exe | Windows Agent | 1.8.2 | `2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550`
@ -46,9 +64,15 @@ Monkey Island v1.8.2_3536_windows.exe | Windows Installer | 1.8.2 | `2be528685d6
Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | `f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a` Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | `f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a`
infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | `0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d` infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | `0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d`
infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | `0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75` infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | `0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75`
monkey-windows-64.exe | Windows Agent | 1.8.0 | `f0bc144ba4ff46094225adaf70d3e92e9aaddb13b59e4e47aa3c2b26fd7d9ad7`
## All checksums monkey-windows-32.exe | Windows Agent | 1.8.0 | `1ddb093f9088a4d4c0af289ff568bbe7a0d057e725e6447055d4fe6c5f4e2c08`
monkey-linux-64 | Linux Agent | 1.8.0 | `d41314e5df72d5a470974522935c0b03dcb1c1e6b094d4ab700b04d5fec59ae6`
### 1.8.0 and older monkey-linux-32 | Linux Agent | 1.8.0 | `217cc2b9481f6454fa0a13adf12d9b29ce4e1e6a319971c8db9b446952ce3fb2`
infection_monkey_deb.tgz | Debian Package | 1.8.0 | `9c5254583ce786768ea55df8063152bd19e0f21a83e6f4f873c5dccc5a1c9d5e`
You can find all these checksums in [this page](https://www.guardicore.com/infectionmonkey/checksums.html). infection_monkey_debzt.tgz | Debian Package | 1.8.0 | `90A0824EC98680944B15B86CF5CFA09D48EDA406300C4CAE54432DB05F486D07`
Monkey Island v1.8.0_3513_windows.exe | Windows Installer | 1.8.0 | `ce9a9d0539c14ebe2a10cf3b36991b309abd7b62dd7fb7522a549d8987b0f0f4`
Monkey Island v1.8.0_3514_windowszt.exe | Windows Installer | 1.8.0 | `0b535a802ac43455d702b45673859b940c1feb7702b46a6a2cbc699672b0c89d`
infection_monkey_docker_docker_20200330_201419.tgz | Docker | 1.8.0 | `4f15a5008e43d8c5184456771dd9e8d70104b4ec79e34b53d230662604a7d190`
infection_monkey_docker_dockerzt_20200401_174529.tgz | Docker | 1.8.0 | `d94404134d879f3d859c77454df4abd0dbca00b8cae4b1c52d3b38e847f34e4c`
monkey-island-vmware.ova | OVA | 1.8.0 | `6BC4E85A0EA81045BD88E2D5A9F98F0DD40DE99E94D1E343D13FA418045A6915`
monkey-island-vmwarezt.ova | OVA | 1.8.0 | `79A043D85521F94024F8B0428A7A33B4D3F5B13F9D2B83F72C73C8D0BB12ED91`

View File

@ -18,13 +18,14 @@ Watch an overview video:
The MITRE ATT&CK report is centred around the ATT&CK matrix: The MITRE ATT&CK report is centred around the ATT&CK matrix:
![MITRE Report](/images/usage/reports/mitre-report-0.jpg "MITRE Report") ![MITRE Report](/images/usage/reports/mitre-report-0.png "MITRE Report")
The Monkey rates your network on the attack techniques it attempted. For each technique, you can get The Monkey rates your network on the attack techniques it attempted. For each technique, you can get
- {{< label danger Red >}}: The Monkey **successfully used** the technique in the simulation. That means your network is vulnerable to this technique being employed. - {{< label danger Red >}}: The Monkey **successfully used** the technique in the simulation. That means your network is vulnerable to this technique being employed.
- {{< label warning Yellow >}}: The Monkey **tried to use** the technique, but didnt manage to. That means your network isnt vulnerable to the way Monkey employs this technique. - {{< label warning Yellow >}}: The Monkey **tried to use** the technique, but didnt manage to. That means your network isnt vulnerable to the way Monkey employs this technique.
- {{< label other Grey >}}: The Monkey **didn't try** the technique this time. Perhaps it wasn't relevant to this network or wasn't configured. - {{< label unused "Dark Gray" >}}: The Monkey **didn't try** the technique. Perhaps it wasn't relevant to this network.
- {{< label disabled "Light Gray" >}}: The Monkey **didn't try** the technique since it wasn't configured.
Then, you can see exactly HOW the technique was used in this attack, and also what you should do to mitigate it, by clicking on the technique and seeing the details. For example, lets look at the [**Brute Force**](https://attack.mitre.org/techniques/T1110/) technique thats a part of employing the [**Credentials Access**](https://attack.mitre.org/tactics/TA0006/) tactic: Then, you can see exactly HOW the technique was used in this attack, and also what you should do to mitigate it, by clicking on the technique and seeing the details. For example, lets look at the [**Brute Force**](https://attack.mitre.org/techniques/T1110/) technique thats a part of employing the [**Credentials Access**](https://attack.mitre.org/tactics/TA0006/) tactic:

View File

@ -1,104 +0,0 @@
---
title: "Scenarios"
date: 2020-05-26T21:01:19+03:00
draft: false
weight: 2
tags: ["usage"]
pre: "<i class='fas fa-map-marked-alt'></i> "
---
In this page we show how you can use the Infection Monkey to simulate breach and attack scenarios as well as to share some cool tips and tricks you can use to up your Infection Monkey game. This page is aimed at both novice and experienced Monkey users. You can also refer to [our FAQ](../../faq) for more specific questions and answers.
Here are a few scenarios that can be replicated in your own environment by executing the Monkey from different locations within the network, or with some tweaks to the Monkeys configuration.
{{% notice note %}}
No worries! The Monkey does not cause any permanent system modifications that impact security or operations. You will be able to track the Monkey using the log files it leaves in well defined locations. [See our FAQ for more details](../faq).
{{% /notice %}}
- [Your network has been breached via internet facing servers](#your-network-has-been-breached-via-internet-facing-servers)
- [Simulate this scenario using the Monkey](#simulate-this-scenario-using-the-monkey)
- [You are the newest victim of a phishing fraud! 🎣](#you-are-the-newest-victim-of-a-phishing-fraud)
- [Simulate this scenario using the Monkey](#simulate-this-scenario-using-the-monkey-1)
- [You want to test your network segmentation](#you-want-to-test-your-network-segmentation)
- [Simulate this scenario using the Monkey](#simulate-this-scenario-using-the-monkey-2)
- [You want to verify your security solutions, procedures and teams are working as intended](#you-want-to-verify-your-security-solutions-procedures-and-teams-are-working-as-intended)
- [Simulate this scenario using the Monkey](#simulate-this-scenario-using-the-monkey-3)
- [Other useful tips](#other-useful-tips)
## Your network has been breached via internet facing servers
Whether it was the [Hex-men campaign](https://www.guardicore.com/2017/12/beware-the-hex-men/) that hit your Internet-facing DB server, a [cryptomining operation that attacked your WordPress site](https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining-2/) or any other malicious campaign the attackers are now trying to go deeper into your network.
### Simulate this scenario using the Monkey
To simulate this breach scenario, execute the Infection Monkey on different machines that host internet-facing services such as your web servers (Apache, Tomcat, NGINX…) or your VPN servers. To see how to execute the Monkey on these servers, [refer to this FAQ question](../../faq#after-ive-set-up-monkey-island-how-can-i-execute-the-monkey).
{{% notice tip %}}
If you want to simulate a very “deep” attack into your network, see our [configuration documentation](../configuration).
{{% /notice %}}
After executing the Monkey, evaluate the results of this simulation using the information in the Report page. There you will find a summary of the most important things the simulation has discovered, a detailed report of all the Monkeys findings and more. You can also use the Infection Map to analyze the Monkeys progress through the network, and to see each Monkeys detailed telemetry and logs.
## You are the newest victim of a phishing fraud! 🎣
Almost everyone is prone to phishing attacks. Results of a successful phishing attempt can be **extremely costly** as demonstrated in our report [IResponse to IEncrypt](https://www.guardicore.com/2019/04/iresponse-to-iencrypt/).
This scenario begins in a section of the network which is a potential phishing spot. Phishing attacks target human users - as such, these types of attacks try to penetrate the network via a service an employee is using, such as an email with an attached malware or social media message with a link redirecting to a malicious website. These are just two examples of where and how an attacker may choose to launch their campaign.
### Simulate this scenario using the Monkey
To simulate the damage from a successful phishing attack using the Infection Monkey, choose machines in your network from potentially problematic group of machines, such as the laptop of one of your heavy email users or one of your strong IT users (think of people who are more likely to correspond with people outside of your organization).
- After setting up the Island add the users **real** credentials (usernames and passwords) to the Monkeys configuration (Dont worry, this sensitive data is not accessible and is not distributed or used in any way other than being sent to the monkeys, and can be easily eliminated by resetting the Monkey Islands configuration). Now you can simulate an attacker attempting to probe deeper in the network with credentials “successfully” phished.
- You can configure these credentials for the Monkey as follows:
From the **“Basic - Credentials”** tab of the Islands configuration, under the **“Exploit password list”** press the + button and add the passwords you would like the Monkey to use. Do the same with usernames in the **“Exploit user list”**.
![Exploit password and user lists](/images/usage/scenarios/user-password-lists.png "Exploit password and user lists")
After supplying the Monkey with the passwords and usernames, execute the Monkey from the simulated “victim” machines. To do this, click “**2. Run Monkey**” from the left sidebar menu and choose “**Run on machine of your choice**”.
## You want to test your network segmentation
Segmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually, typically using policies. A useful way to test the effectiveness of your segmentation is to ensure that your network segments are properly separated, e,g, your Development is separated from your Production, your applications are separated from one another etc. "to security test is to verify that your network segmentation is configured properly. This way you make sure that even if a certain attacker has breached your defenses, it cant move laterally from point A to point B.
[Segmentation is key](https://www.guardicore.com/use-cases/micro-segmentation/) to protecting your network, reducing the attack surface and minimizing the damage of a breach. The Monkey can help you test your segmentation settings with its cross-segment traffic testing feature.
### Simulate this scenario using the Monkey
As an example, the following configuration makes sure machines in the “10.0.0.0/24” segment (segment A) and the “11.0.0.2/32” segment (segment B) cant communicate with each other, along with an additional machine in 13.37.41.50.
![How to configure network segmentation testing](/images/usage/scenarios/segmentation-config.png "How to configure network segmentation testing")
## You want to verify your security solutions, procedures and teams are working as intended
The Infection Monkey can help you verify that your security solutions are working the way you expected them to. These may include your IR and SOC teams, your SIEM, your firewall, your endpoint security solution, and more.
### Simulate this scenario using the Monkey
Run the Monkey with whichever configuration you prefer. The default is good enough for many cases; but for example, you can add some old users and passwords. Running the Monkey on both the Island and on a few other machines in the network is also recommended, as it increases coverage and propagation rates.
After running the Monkey, follow the Monkeys actions on the Monkey Islands infection map.
Now you can match this activity from the Monkey timeline display to your internal SIEM and make sure your security solutions are identifying and correctly alerting on different attacks.
- The red arrows indicate successful exploitations. If you see red arrows, those incidents ought to be reported as exploitation attempts, so check whether you are receiving alerts from your security systems as expected.
- The orange arrows indicate scanning activity, usually used by attackers to locate potential vulnerabilities. If you see orange arrows, those incidents ought to be reported as scanning attempts (and possibly as segmentation violations).
- The blue arrows indicate tunneling activity, usually used by attackers to infiltrate “protected” networks from the Internet. Perhaps someone is trying to bypass your firewall to gain access to a protected service in your network? Check if your micro-segmentation / firewall solution identify or report anything.
While running this scenario, be on the lookout for the action that should arise: Did you get a phone call telling you about suspicious activity inside your network? Are events flowing into your security events aggregators? Are you getting emails from your IR teams? Is the endpoint protection software you installed on machines in the network reporting on anything? Are your compliance scanners detecting anything wrong?
## Other useful tips
Here are a few tips which can help you push the Infection Monkey even further:
- Make sure the Monkey is configured to scan its local network but in addition, configure it with specific targets. To add these targets, add their IP addresses (or the IP ranges in which they reside) to the Scan IP/subnet list using the `+` button. Heres an example of how this is achieved:
![How to configure Scan IP/subnet list](/images/usage/scenarios/scan-list-config.png "How to configure Scan IP/subnet list")
- Every network has its old “skeleton keys” that should have long been discarded. Configure the Monkey with old and stale passwords, but make sure that they were really discarded using the Monkey. To add the old passwords, in the islands configuration, go to the “Exploit password list” under “Basic - Credentials” and use the “+” button to add the old passwords to the configuration. For example, here we added a few extra passwords (and a username as well) to the configuration:
![Exploit password and user lists](/images/usage/scenarios/user-password-lists.png "Exploit password and user lists")
- To see the Monkey executing in real-time on your servers, add the **post-breach action** command: `wall “Infection Monkey was here”`. This post breach command will broadcast a message across all open terminals on the servers the Monkey breached, to achieve the following: Let you know the Monkey ran successfully on the server. let you follow the breach “live” alongside the infection map, and check which terminals are logged and monitored inside your network. See below:
![How to configure post breach commands](/images/usage/scenarios/pba-example.png "How to configure post breach commands.")

View File

@ -0,0 +1,24 @@
+++
title = "Use Cases"
date = 2020-08-12T12:52:59+03:00
weight = 3
chapter = true
pre = "<i class='fas fa-map-marked-alt'></i> "
+++
# Use cases
This section describes possible use cases for the "Infection Monkey" and helps to
understand how this tool can be configured.
You can also refer to [our FAQ](../../faq) for more specific questions and answers.
{{% notice note %}}
No worries! The Monkey uses safe exploiters and does not cause any permanent system modifications that impact security or operations.
{{% /notice %}}
#### Section contents:
- [Network breach](./network-breach) - Simulate internal network breach.
- [Network segmentation](./network-segmentation) - Test network segmentation.
- [Credential leak](./credential-leak) - Assess the impact of successful phishing attack or other form of credential leak.
- [IDS/IPS Test](./ids-test) - Test your network defence solutions.
- [Other](./other) - Tips and tricks about configuring monkey for your needs.

View File

@ -0,0 +1,39 @@
---
title: "Credential Leak"
date: 2020-08-12T13:04:25+03:00
draft: true
weight: 4
---
## Overview
Numerous attack techniques(from phishing to dumpster diving) might result in a credential leak,
which can be **extremely costly** as demonstrated in our report [IResponse to IEncrypt](https://www.guardicore.com/2019/04/iresponse-to-iencrypt/).
Infection Monkey can help assess the impact of stolen credentials by automatically searching
where these credentials can be reused.
## Configuration
#### Important configuration values:
- **Exploits -> Credentials** After setting up the Island add the users **real** credentials
(usernames and passwords) to the Monkeys configuration (Dont worry, this sensitive data is not accessible and is not
distributed or used in any way other than being sent to the monkeys, and can be easily eliminated by resetting the Monkey Islands configuration).
- **Internal -> Exploits -> SSH keypair list** Monkey automatically gathers SSH keys on the current system.
For this to work, Monkey Island or initial Monkey needs to have access to SSH key files(grant permission or run Monkey as root).
To make sure SSH keys were gathered successfully, refresh the page and check this configuration value after you run the Monkey
(content of keys will not be displayed, it will appear as `<Object>`).
To simulate the damage from a successful phishing attack using the Infection Monkey, choose machines in your network
from potentially problematic group of machines, such as the laptop of one of your heavy email users or
one of your strong IT users (think of people who are more likely to correspond with people outside of
your organization). Execute the Monkey on chosen machines by clicking on “**1. Run Monkey**” from the left sidebar menu
and choosing “**Run on machine of your choice**”.
![Exploit password and user lists](/images/usage/scenarios/user-password-lists.png "Exploit password and user lists")
## Assessing results
To assess the impact of leaked credentials see Security report. It's possible, that credential leak resulted in even
more leaked credentials, for that look into **Security report -> Stolen credentials**.

View File

@ -0,0 +1,54 @@
---
title: "IDS/IPS Test"
date: 2020-08-12T13:07:47+03:00
draft: true
weight: 5
---
## Overview
The Infection Monkey can help you verify that your security solutions are working the way you expected them to.
These may include your IR and SOC teams, your SIEM, your firewall, your endpoint security solution, and more.
## Configuration
#### Important configuration values:
- **Monkey -> Post breach** Post breach actions simulate the actions an attacker would make on infected system.
To test something not present on the tool, you can provide your own file or command to be ran.
The default configuration is good enough for many cases, but configuring testing scope and adding brute-force
credentials is a good bet in any scenario.
Running the Monkey on both the Island and on a few other machines in the network manually is also recommended,
as it increases coverage and propagation rates.
![Post breach configuration](/images/usage/scenarios/ids-test.png "Post breach configuration")
## Assessing results
After running the Monkey, follow the Monkeys actions on the Monkey Islands infection map.
Now you can match this activity from the Monkey timeline display to your internal SIEM and make sure your security
solutions are identifying and correctly alerting on different attacks.
- The red arrows indicate successful exploitations. If you see red arrows, those incidents ought to be reported as
exploitation attempts, so check whether you are receiving alerts from your security systems as expected.
- The orange arrows indicate scanning activity, usually used by attackers to locate potential vulnerabilities.
If you see orange arrows, those incidents ought to be reported as scanning attempts (and possibly as segmentation violations).
- The blue arrows indicate tunneling activity, usually used by attackers to infiltrate “protected” networks from
the Internet. Perhaps someone is trying to bypass your firewall to gain access to a protected service in your network?
Check if your micro-segmentation / firewall solution identify or report anything.
While running this scenario, be on the lookout for the action that should arise:
Did you get a phone call telling you about suspicious activity inside your network? Are events flowing
into your security events aggregators? Are you getting emails from your IR teams?
Is the endpoint protection software you installed on machines in the network reporting on anything? Are your
compliance scanners detecting anything wrong?
Lastly, check Zero Trust and Mitre ATT&CK reports, to see which attacks can be executed on the network and how to
fix it.
![Map](/images/usage/scenarios/map-full-cropped.png "Map")

View File

@ -0,0 +1,42 @@
---
title: "Network Breach"
date: 2020-08-12T13:04:55+03:00
draft: true
weight: 1
---
## Overview
Whether it was the [Hex-men campaign](https://www.guardicore.com/2017/12/beware-the-hex-men/) that hit your
Internet-facing DB server, a [cryptomining operation that attacked your WordPress site](https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining-2/)
or any other malicious campaign the attackers are now trying to go deeper into your network.
Infection Monkey will help you assess the impact of internal network breach, by trying to propagate within it
using service vulnerabilities, brute-forcing and other safe attack methods.
## Configuration
#### Important configuration values:
- **Exploits -> Exploits** You can review the exploits Infection Monkey will be using. By default all
safe exploiters are selected.
- **Exploits -> Credentials** This configuration value will be used for brute-forcing. We use most popular passwords
and usernames, but feel free to adjust it according to your native language and other factors. Keep in mind that long
lists means longer scanning times.
- **Network -> Scope** Make sure to properly configure the scope of the scan. You can select **Local network scan**
and allow Monkey to propagate until maximum **Scan depth**(hop count) is reached or you can fine tune it by providing
specific network ranges in **Scan target list**. Scanning local network is more realistic, but providing specific
targets will make scanning process substantially faster.
- **(Optional) Internal -> Network -> TCP scanner** You can add custom ports your organization is using.
- **(Optional) Monkey -> Post Breach Actions** If you only want to test propagation in the network, you can turn off
all post breach actions. These actions simulate attacker's behaviour after getting access to a new system, but in no
way helps to exploit new machines.
![Exploiter selector](/images/usage/use-cases/network-breach.PNG "Exploiter selector")
## Assessing results
Check infection map and security report to see how far monkey managed to propagate in the network and which
vulnerabilities it used in doing so. If you left post breach actions selected, you should also check ATT&CK and
Zero Trust reports.
![Map](/images/usage/use-cases/map-full-cropped.png "Map")

View File

@ -0,0 +1,50 @@
---
title: "Network Segmentation"
date: 2020-08-12T13:05:05+03:00
draft: true
weight: 3
---
## Overview
Segmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to
isolate workloads from one another and secure them individually, typically using policies.
A useful way to test the effectiveness of your segmentation is to ensure that your network segments are
properly separated, e,g, your Development is separated from your Production, your applications are separated from one
another etc. To security test is to verify that your network segmentation is configured properly. This way you make
sure that even if a certain attacker has breached your defenses, it cant move laterally from point A to point B.
[Segmentation is key](https://www.guardicore.com/use-cases/micro-segmentation/) to protecting your network, reducing
the attack surface and minimizing the damage of a breach. The Monkey can help you test your segmentation settings with
its cross-segment traffic testing feature.
## Configuration
#### Important configuration values:
- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
subnets that should be segregated from each other. If any of provided networks can reach each other, you'll see it
in security report.
- **(Optional) Network -> Scope** You can disable **Local network scan** and leave other options by default if you only want to
test for network segmentation without any lateral movement.
- **(Optional) Monkey -> Post Breach Actions** If you only want to test segmentation in the network, you can turn off
all post breach actions. These actions simulate attacker's behaviour after getting access to a new system, so they
might trigger your defence solutions which will interrupt segmentation test.
Execute Monkeys on machines in different subnetworks manually, by choosing “**1. Run Monkey**” from the left sidebar menu
and clicking on “**Run on machine of your choice**”.
Alternatively, you could provide valid credentials and allow Monkey to propagate to relevant subnetworks by itself.
Note that if Monkey can't communicate to the Island, it will
not be able to send scan results, so make sure all machines can reach the island.
![How to configure network segmentation testing](/images/usage/scenarios/segmentation-config.png "How to configure network segmentation testing")
## Assessing results
Check infection map and security report for segmentation problems. Ideally, all scanned nodes should only have
edges with the Island Server.
![Map](/images/usage/use-cases/segmentation-map.PNG "Map")

View File

@ -0,0 +1,41 @@
---
title: "Other"
date: 2020-08-12T13:07:55+03:00
draft: true
weight: 100
---
## Overview
This page provides additional information about configuring monkeys, tips and tricks and creative usage scenarios.
## ATT&CK & Zero Trust scanning
You can use **ATT&CK** configuration section to select which techniques you want to scan. Keep in mind that ATT&CK
matrix configuration just changes the overall configuration by modifying related fields, thus you should start by
modifying and saving the matrix. After that you can change credentials and scope of the scan, but exploiters,
post breach actions and other configuration values will be already chosen based on ATT&CK matrix and shouldn't be
modified.
There's currently no way to configure monkey using Zero Trust framework, but regardless of configuration options,
you'll always be able to see ATT&CK and Zero Trust reports.
## Tips and tricks
- Use **Monkey -> Persistent scanning** configuration section to either have periodic scans or to increase
reliability of exploitations.
- To increase propagation run monkey as root/administrator. This will ensure that monkey will gather credentials
on current system and use them to move laterally.
- Every network has its old “skeleton keys” that should have long been discarded. Configure the Monkey with old and stale passwords, but make sure that they were really discarded using the Monkey. To add the old passwords, in the islands configuration, go to the “Exploit password list” under “Basic - Credentials” and use the “+” button to add the old passwords to the configuration. For example, here we added a few extra passwords (and a username as well) to the configuration:
![Exploit password and user lists](/images/usage/scenarios/user-password-lists.png "Exploit password and user lists")
- To see the Monkey executing in real-time on your servers, add the **post-breach action** command: `wall “Infection Monkey was here”`. This post breach command will broadcast a message across all open terminals on the servers the Monkey breached, to achieve the following: Let you know the Monkey ran successfully on the server. let you follow the breach “live” alongside the infection map, and check which terminals are logged and monitored inside your network. See below:
![How to configure post breach commands](/images/usage/scenarios/pba-example.png "How to configure post breach commands.")
- If you're scanning a large network, consider narrowing the scope and scanning it bit by bit if scan times become too
long. Lowering the amount of credentials, exploiters or post breach actions can also help to lower scanning times.

View File

@ -59,21 +59,28 @@
<section id="homepage-shortcuts"> <section id="homepage-shortcuts">
<div class="container"> <div class="container">
<div class="row justify-content-center"> <div class="row justify-content-center">
<div class="col-lg-4 col-sm-6 mb-3"> <div class="col-lg-3 col-sm-6 mb-3">
<a href="setup/" class="px-4 py-5 bg-white shadow text-center d-block"> <a href="setup/" class="px-4 py-5 bg-white shadow text-center d-block">
<i class="fas fa-cogs d-block mb-4" style="font-size: x-large;"></i> <i class="fas fa-cogs d-block mb-4" style="font-size: x-large;"></i>
<h4 class="mb-3 mt-0">Setup</h4> <h4 class="mb-3 mt-0">Setup</h4>
<p class="mb-0">See how to install the Infection Monkey.</p> <p class="mb-0">See how to install the Infection Monkey.</p>
</a> </a>
</div> </div>
<div class="col-lg-4 col-sm-6 mb-3"> <div class="col-lg-3 col-sm-6 mb-3">
<a href="usage/getting-started/" class="px-4 py-5 bg-white shadow text-center d-block"> <a href="usage/getting-started/" class="px-4 py-5 bg-white shadow text-center d-block">
<i class="fas fa-play-circle d-block mb-4" style="font-size: x-large;"></i> <i class="fas fa-play-circle d-block mb-4" style="font-size: x-large;"></i>
<h4 class="mb-3 mt-0">Getting Started</h4> <h4 class="mb-3 mt-0">Getting Started</h4>
<p class="mb-0">Set the Monkey wild in your datacenter.</p> <p class="mb-0">Set the Monkey wild in your datacenter.</p>
</a> </a>
</div> </div>
<div class="col-lg-4 col-sm-6 mb-3"> <div class="col-lg-3 col-sm-6 mb-3">
<a href="usage/use-cases" class="px-4 py-5 bg-white shadow text-center d-block">
<i class="fas fa-map-marked-alt d-block mb-4" style="font-size: x-large;"></i>
<h4 class="mb-3 mt-0">Use Cases</h4>
<p class="mb-0">Learn about use cases of the Infection Monkey.</p>
</a>
</div>
<div class="col-lg-3 col-sm-6 mb-3">
<a href="faq/" class="px-4 py-5 bg-white shadow text-center d-block"> <a href="faq/" class="px-4 py-5 bg-white shadow text-center d-block">
<i class="fas fa-question d-block mb-4" style="font-size: x-large;"></i> <i class="fas fa-question d-block mb-4" style="font-size: x-large;"></i>
<h4 class="mb-3 mt-0">FAQs</h4> <h4 class="mb-3 mt-0">FAQs</h4>

View File

@ -9,4 +9,5 @@
.info {background-color: #2196F3;} /* Blue */ .info {background-color: #2196F3;} /* Blue */
.warning {background-color: #ff9800;} /* Orange */ .warning {background-color: #ff9800;} /* Orange */
.danger {background-color: #f44336;} /* Red */ .danger {background-color: #f44336;} /* Red */
.other {background-color: #e7e7e7; color: black;} /* Gray */ .unused {background-color: #8d8d8d;} /* Dark Gray */
.disabled {background-color: #cfcfcf; color: black;} /* Light Gray */

Binary file not shown.

Before

Width:  |  Height:  |  Size: 172 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 159 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 60 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.5 MiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 86 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 26 KiB

View File

@ -4,6 +4,7 @@ import os
import subprocess import subprocess
import sys import sys
import time import time
from threading import Thread
import infection_monkey.tunnel as tunnel import infection_monkey.tunnel as tunnel
from common.network.network_utils import get_host_from_network_location from common.network.network_utils import get_host_from_network_location
@ -138,9 +139,9 @@ class InfectionMonkey(object):
StateTelem(is_done=False, version=get_version()).send() StateTelem(is_done=False, version=get_version()).send()
TunnelTelem().send() TunnelTelem().send()
LOG.debug("Starting the post-breach phase.") LOG.debug("Starting the post-breach phase asynchronously.")
self.collect_system_info_if_configured() post_breach_phase = Thread(target=self.start_post_breach_phase)
PostBreach().execute_all_configured() post_breach_phase.start()
LOG.debug("Starting the propagation phase.") LOG.debug("Starting the propagation phase.")
self.shutdown_by_max_depth_reached() self.shutdown_by_max_depth_reached()
@ -230,10 +231,17 @@ class InfectionMonkey(object):
if monkey_tunnel: if monkey_tunnel:
monkey_tunnel.stop() monkey_tunnel.stop()
monkey_tunnel.join() monkey_tunnel.join()
post_breach_phase.join()
except PlannedShutdownException: except PlannedShutdownException:
LOG.info("A planned shutdown of the Monkey occurred. Logging the reason and finishing execution.") LOG.info("A planned shutdown of the Monkey occurred. Logging the reason and finishing execution.")
LOG.exception("Planned shutdown, reason:") LOG.exception("Planned shutdown, reason:")
def start_post_breach_phase(self):
self.collect_system_info_if_configured()
PostBreach().execute_all_configured()
def shutdown_by_max_depth_reached(self): def shutdown_by_max_depth_reached(self):
if 0 == WormConfiguration.depth: if 0 == WormConfiguration.depth:
TraceTelem(MAX_DEPTH_REACHED_MESSAGE).send() TraceTelem(MAX_DEPTH_REACHED_MESSAGE).send()

View File

@ -1,4 +1,5 @@
import logging import logging
from multiprocessing.dummy import Pool
from typing import Sequence from typing import Sequence
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
@ -24,12 +25,8 @@ class PostBreach(object):
""" """
Executes all post breach actions. Executes all post breach actions.
""" """
for pba in self.pba_list: pool = Pool(5)
try: pool.map(self.run_pba, self.pba_list)
LOG.debug("Executing PBA: '{}'".format(pba.name))
pba.run()
except Exception as e:
LOG.error("PBA {} failed. Error info: {}".format(pba.name, e))
LOG.info("All PBAs executed. Total {} executed.".format(len(self.pba_list))) LOG.info("All PBAs executed. Total {} executed.".format(len(self.pba_list)))
@staticmethod @staticmethod
@ -38,3 +35,10 @@ class PostBreach(object):
:return: A list of PBA objects. :return: A list of PBA objects.
""" """
return PBA.get_instances() return PBA.get_instances()
def run_pba(self, pba):
try:
LOG.debug("Executing PBA: '{}'".format(pba.name))
pba.run()
except Exception as e:
LOG.error("PBA {} failed. Error info: {}".format(pba.name, e))

View File

@ -9,7 +9,8 @@ from werkzeug.utils import secure_filename
from monkey_island.cc.resources.auth.auth import jwt_required from monkey_island.cc.resources.auth.auth import jwt_required
from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.config import ConfigService
from monkey_island.cc.services.post_breach_files import ( from monkey_island.cc.services.post_breach_files import (
PBA_LINUX_FILENAME_PATH, PBA_WINDOWS_FILENAME_PATH, UPLOADS_DIR) PBA_LINUX_FILENAME_PATH, PBA_UPLOAD_PATH, PBA_WINDOWS_FILENAME_PATH,
UPLOADS_DIR)
__author__ = 'VakarisZ' __author__ = 'VakarisZ'
@ -18,6 +19,9 @@ LOG = logging.getLogger(__name__)
LINUX_PBA_TYPE = 'PBAlinux' LINUX_PBA_TYPE = 'PBAlinux'
WINDOWS_PBA_TYPE = 'PBAwindows' WINDOWS_PBA_TYPE = 'PBAwindows'
# This path is used by flask, which means that local directory is different from UPLOADS_DIR
FLASK_UPLOAD_PATH = PBA_UPLOAD_PATH[-1]
class FileUpload(flask_restful.Resource): class FileUpload(flask_restful.Resource):
""" """
@ -39,7 +43,7 @@ class FileUpload(flask_restful.Resource):
filename = ConfigService.get_config_value(copy.deepcopy(PBA_LINUX_FILENAME_PATH)) filename = ConfigService.get_config_value(copy.deepcopy(PBA_LINUX_FILENAME_PATH))
else: else:
filename = ConfigService.get_config_value(copy.deepcopy(PBA_WINDOWS_FILENAME_PATH)) filename = ConfigService.get_config_value(copy.deepcopy(PBA_WINDOWS_FILENAME_PATH))
return send_from_directory(UPLOADS_DIR, filename) return send_from_directory(FLASK_UPLOAD_PATH, filename)
@jwt_required @jwt_required
def post(self, file_type): def post(self, file_type):

View File

@ -88,7 +88,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1156", "link": "https://attack.mitre.org/techniques/T1156",
"description": "Adversaries may abuse shell scripts by " "description": "Adversaries may abuse shell scripts by "
"inserting arbitrary shell commands to gain persistence, which " "inserting arbitrary shell commands to gain persistence, which "
"would be executed every time the user logs in or opens a new shell." "would be executed every time the user logs in or opens a new shell.",
"depends_on": ["T1504"]
}, },
"T1136": { "T1136": {
"title": "Create account", "title": "Create account",
@ -117,7 +118,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1168/", "link": "https://attack.mitre.org/techniques/T1168/",
"description": "Linux supports multiple methods for creating pre-scheduled and " "description": "Linux supports multiple methods for creating pre-scheduled and "
"periodic background jobs. Job scheduling can be used by adversaries to " "periodic background jobs. Job scheduling can be used by adversaries to "
"schedule running malicious code at some specified date and time." "schedule running malicious code at some specified date and time.",
"depends_on": ["T1053"]
}, },
"T1504": { "T1504": {
"title": "PowerShell profile", "title": "PowerShell profile",
@ -127,7 +129,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1504", "link": "https://attack.mitre.org/techniques/T1504",
"description": "Adversaries may gain persistence and elevate privileges " "description": "Adversaries may gain persistence and elevate privileges "
"in certain situations by abusing PowerShell profiles which " "in certain situations by abusing PowerShell profiles which "
"are scripts that run when PowerShell starts." "are scripts that run when PowerShell starts.",
"depends_on": ["T1156"]
}, },
"T1053": { "T1053": {
"title": "Scheduled task", "title": "Scheduled task",
@ -137,7 +140,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1053", "link": "https://attack.mitre.org/techniques/T1053",
"description": "Windows utilities can be used to schedule programs or scripts to " "description": "Windows utilities can be used to schedule programs or scripts to "
"be executed at a date and time. An adversary may use task scheduling to " "be executed at a date and time. An adversary may use task scheduling to "
"execute programs at system startup or on a scheduled basis for persistence." "execute programs at system startup or on a scheduled basis for persistence.",
"depends_on": ["T1168"]
}, },
"T1166": { "T1166": {
"title": "Setuid and Setgid", "title": "Setuid and Setgid",

View File

@ -11,7 +11,8 @@ logger = logging.getLogger(__name__)
# Where to find file names in config # Where to find file names in config
PBA_WINDOWS_FILENAME_PATH = ['monkey', 'post_breach', 'PBA_windows_filename'] PBA_WINDOWS_FILENAME_PATH = ['monkey', 'post_breach', 'PBA_windows_filename']
PBA_LINUX_FILENAME_PATH = ['monkey', 'post_breach', 'PBA_linux_filename'] PBA_LINUX_FILENAME_PATH = ['monkey', 'post_breach', 'PBA_linux_filename']
UPLOADS_DIR = Path('monkey_island', 'cc', 'userUploads') PBA_UPLOAD_PATH = ['monkey_island', 'cc', 'userUploads']
UPLOADS_DIR = Path(*PBA_UPLOAD_PATH)
def remove_PBA_files(): def remove_PBA_files():

View File

@ -1,6 +1,6 @@
{ {
"name": "infection-monkey", "name": "infection-monkey",
"version": "1.8.2", "version": "1.9.0",
"lockfileVersion": 1, "lockfileVersion": 1,
"requires": true, "requires": true,
"dependencies": { "dependencies": {
@ -1310,9 +1310,9 @@
} }
}, },
"@sindresorhus/is": { "@sindresorhus/is": {
"version": "3.0.0", "version": "3.1.0",
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.0.0.tgz", "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.0.tgz",
"integrity": "sha512-kqA5I6Yun7PBHk8WN9BBP1c7FfN2SrD05GuVSEYPqDb4nerv7HqYfgBfMIKmT/EuejURkJKLZuLyGKGs6WEG9w==" "integrity": "sha512-n4J+zu52VdY43kdi/XdI9DzuMr1Mur8zFL5ZRG2opCans9aiFwkPxHYFEb5Xgy7n1Z4K6WfI4FpqUqsh3E8BPQ=="
}, },
"@snyk/cli-interface": { "@snyk/cli-interface": {
"version": "2.8.0", "version": "2.8.0",
@ -1338,9 +1338,9 @@
}, },
"dependencies": { "dependencies": {
"tslib": { "tslib": {
"version": "2.0.0", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.0.tgz", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.1.tgz",
"integrity": "sha512-lTqkx847PI7xEDYJntxZH89L2/aXInsyF2luSafe/+0fHOMjlBNXdH6th7f70qxLDhul7KZK0zC8V5ZIyHl0/g==" "integrity": "sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ=="
} }
} }
}, },
@ -1641,9 +1641,9 @@
} }
}, },
"tslib": { "tslib": {
"version": "2.0.0", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.0.tgz", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.1.tgz",
"integrity": "sha512-lTqkx847PI7xEDYJntxZH89L2/aXInsyF2luSafe/+0fHOMjlBNXdH6th7f70qxLDhul7KZK0zC8V5ZIyHl0/g==" "integrity": "sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ=="
} }
} }
}, },
@ -3392,9 +3392,9 @@
} }
}, },
"buffer": { "buffer": {
"version": "5.5.0", "version": "5.6.0",
"resolved": "https://registry.npmjs.org/buffer/-/buffer-5.5.0.tgz", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz",
"integrity": "sha512-9FTEDjLjwoAkEwyMGDjYJQN2gfRgOKBKRfiglhvibGbpeeU/pQn1bJxQqm32OD/AIeEuHxU9roxXxg34Byp/Ww==", "integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==",
"requires": { "requires": {
"base64-js": "^1.0.2", "base64-js": "^1.0.2",
"ieee754": "^1.1.4" "ieee754": "^1.1.4"
@ -3506,9 +3506,9 @@
}, },
"dependencies": { "dependencies": {
"get-stream": { "get-stream": {
"version": "5.1.0", "version": "5.2.0",
"resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz",
"integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==",
"requires": { "requires": {
"pump": "^3.0.0" "pump": "^3.0.0"
} }
@ -3726,9 +3726,9 @@
"integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==" "integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw=="
}, },
"clipanion": { "clipanion": {
"version": "2.4.2", "version": "2.4.4",
"resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.2.tgz", "resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.4.tgz",
"integrity": "sha512-kBCYtQKI4/R/zjierdwoDAsNUSvoh4pX2tseYxgLYQcKIpdPsHZrFWiQOfbe2Scd/btsqJEc4q6g55q0p5DZAw==" "integrity": "sha512-KjyCBz8xplftHjIK/nOqq/9b3hPlXbAAo/AxoITrO4yySpQ6a9QSJDAfOx9PfcRUHteeqbdNxZKSPfeFqQ7plg=="
}, },
"cliui": { "cliui": {
"version": "5.0.0", "version": "5.0.0",
@ -6550,9 +6550,9 @@
} }
}, },
"got": { "got": {
"version": "11.5.0", "version": "11.5.2",
"resolved": "https://registry.npmjs.org/got/-/got-11.5.0.tgz", "resolved": "https://registry.npmjs.org/got/-/got-11.5.2.tgz",
"integrity": "sha512-vOZEcEaK0b6x11uniY0HcblZObKPRO75Jvz53VKuqGSaKCM/zEt0sj2LGYVdqDYJzO3wYdG+FPQQ1hsgoXy7vQ==", "integrity": "sha512-yUhpEDLeuGiGJjRSzEq3kvt4zJtAcjKmhIiwNp/eUs75tRlXfWcHo5tcBaMQtnjHWC7nQYT5HkY/l0QOQTkVww==",
"requires": { "requires": {
"@sindresorhus/is": "^3.0.0", "@sindresorhus/is": "^3.0.0",
"@szmarczak/http-timer": "^4.0.5", "@szmarczak/http-timer": "^4.0.5",
@ -6561,7 +6561,7 @@
"cacheable-lookup": "^5.0.3", "cacheable-lookup": "^5.0.3",
"cacheable-request": "^7.0.1", "cacheable-request": "^7.0.1",
"decompress-response": "^6.0.0", "decompress-response": "^6.0.0",
"http2-wrapper": "^1.0.0-beta.4.8", "http2-wrapper": "^1.0.0-beta.5.0",
"lowercase-keys": "^2.0.0", "lowercase-keys": "^2.0.0",
"p-cancelable": "^2.0.0", "p-cancelable": "^2.0.0",
"responselike": "^2.0.0" "responselike": "^2.0.0"
@ -7497,9 +7497,9 @@
} }
}, },
"is-docker": { "is-docker": {
"version": "2.0.0", "version": "2.1.1",
"resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz", "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.1.1.tgz",
"integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==" "integrity": "sha512-ZOoqiXfEwtGknTiuDEy8pN2CfE3TxMHprvNer1mXiqwkOT77Rw3YVrUQ52EqAOU3QAWDQ+bQdx7HJzrv7LS2Hw=="
}, },
"is-extendable": { "is-extendable": {
"version": "0.1.1", "version": "0.1.1",
@ -8018,9 +8018,9 @@
} }
}, },
"lodash": { "lodash": {
"version": "4.17.19", "version": "4.17.20",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz",
"integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA=="
}, },
"lodash-es": { "lodash-es": {
"version": "4.17.15", "version": "4.17.15",
@ -8047,11 +8047,21 @@
"resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz",
"integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=" "integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8="
}, },
"lodash.constant": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/lodash.constant/-/lodash.constant-3.0.0.tgz",
"integrity": "sha1-v+Bczn5RWzEokl1jYhOEIL1iSRA="
},
"lodash.curry": { "lodash.curry": {
"version": "4.1.1", "version": "4.1.1",
"resolved": "https://registry.npmjs.org/lodash.curry/-/lodash.curry-4.1.1.tgz", "resolved": "https://registry.npmjs.org/lodash.curry/-/lodash.curry-4.1.1.tgz",
"integrity": "sha1-JI42By7ekGUB11lmIAqG2riyMXA=" "integrity": "sha1-JI42By7ekGUB11lmIAqG2riyMXA="
}, },
"lodash.filter": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/lodash.filter/-/lodash.filter-4.6.0.tgz",
"integrity": "sha1-ZosdSYFgOuHMWm+nYBQ+SAtMSs4="
},
"lodash.flatmap": { "lodash.flatmap": {
"version": "4.5.0", "version": "4.5.0",
"resolved": "https://registry.npmjs.org/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz", "resolved": "https://registry.npmjs.org/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz",
@ -8067,11 +8077,26 @@
"resolved": "https://registry.npmjs.org/lodash.flow/-/lodash.flow-3.5.0.tgz", "resolved": "https://registry.npmjs.org/lodash.flow/-/lodash.flow-3.5.0.tgz",
"integrity": "sha1-h79AKSuM+D5OjOGjrkIJ4gBxZ1o=" "integrity": "sha1-h79AKSuM+D5OjOGjrkIJ4gBxZ1o="
}, },
"lodash.foreach": {
"version": "4.5.0",
"resolved": "https://registry.npmjs.org/lodash.foreach/-/lodash.foreach-4.5.0.tgz",
"integrity": "sha1-Gmo16s5AEoDH8G3d7DUWWrJ+PlM="
},
"lodash.get": { "lodash.get": {
"version": "4.4.2", "version": "4.4.2",
"resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz",
"integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=" "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk="
}, },
"lodash.has": {
"version": "4.5.2",
"resolved": "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz",
"integrity": "sha1-0Z9NwQlQWMzL4rDN9O4P5Ko3yGI="
},
"lodash.isarray": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/lodash.isarray/-/lodash.isarray-4.0.0.tgz",
"integrity": "sha1-KspJayjEym1yZxUxNZDALm6jRAM="
},
"lodash.isempty": { "lodash.isempty": {
"version": "4.4.0", "version": "4.4.0",
"resolved": "https://registry.npmjs.org/lodash.isempty/-/lodash.isempty-4.4.0.tgz", "resolved": "https://registry.npmjs.org/lodash.isempty/-/lodash.isempty-4.4.0.tgz",
@ -8082,16 +8107,46 @@
"resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz", "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz",
"integrity": "sha1-QVxEePK8wwEgwizhDtMib30+GOA=" "integrity": "sha1-QVxEePK8wwEgwizhDtMib30+GOA="
}, },
"lodash.isfunction": {
"version": "3.0.9",
"resolved": "https://registry.npmjs.org/lodash.isfunction/-/lodash.isfunction-3.0.9.tgz",
"integrity": "sha512-AirXNj15uRIMMPihnkInB4i3NHeb4iBtNg9WRWuK2o31S+ePwwNmDPaTL3o7dTJ+VXNZim7rFs4rxN4YU1oUJw=="
},
"lodash.isundefined": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/lodash.isundefined/-/lodash.isundefined-3.0.1.tgz",
"integrity": "sha1-I+89lTVWUgOmbO/VuDD4SJEa+0g="
},
"lodash.keys": {
"version": "4.2.0",
"resolved": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.2.0.tgz",
"integrity": "sha1-oIYCrBLk+4P5H8H7ejYKTZujUgU="
},
"lodash.map": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/lodash.map/-/lodash.map-4.6.0.tgz",
"integrity": "sha1-dx7Hg540c9nEzeKLGTlMNWL09tM="
},
"lodash.pick": { "lodash.pick": {
"version": "4.4.0", "version": "4.4.0",
"resolved": "https://registry.npmjs.org/lodash.pick/-/lodash.pick-4.4.0.tgz", "resolved": "https://registry.npmjs.org/lodash.pick/-/lodash.pick-4.4.0.tgz",
"integrity": "sha1-UvBWEP/53tQiYRRB7R/BI6AwAbM=" "integrity": "sha1-UvBWEP/53tQiYRRB7R/BI6AwAbM="
}, },
"lodash.reduce": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/lodash.reduce/-/lodash.reduce-4.6.0.tgz",
"integrity": "sha1-8atrg5KZrUj3hKu/R2WW8DuRTTs="
},
"lodash.set": { "lodash.set": {
"version": "4.3.2", "version": "4.3.2",
"resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz",
"integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM="
}, },
"lodash.size": {
"version": "4.2.0",
"resolved": "https://registry.npmjs.org/lodash.size/-/lodash.size-4.2.0.tgz",
"integrity": "sha1-cf517T6r2yvLc6GwtPUcOS7ie4Y="
},
"lodash.topairs": { "lodash.topairs": {
"version": "4.3.0", "version": "4.3.0",
"resolved": "https://registry.npmjs.org/lodash.topairs/-/lodash.topairs-4.3.0.tgz", "resolved": "https://registry.npmjs.org/lodash.topairs/-/lodash.topairs-4.3.0.tgz",
@ -8102,6 +8157,21 @@
"resolved": "https://registry.npmjs.org/lodash.topath/-/lodash.topath-4.5.2.tgz", "resolved": "https://registry.npmjs.org/lodash.topath/-/lodash.topath-4.5.2.tgz",
"integrity": "sha1-NhY1Hzu6YZlKCTGYlmC9AyVP0Ak=" "integrity": "sha1-NhY1Hzu6YZlKCTGYlmC9AyVP0Ak="
}, },
"lodash.transform": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/lodash.transform/-/lodash.transform-4.6.0.tgz",
"integrity": "sha1-EjBkIvYzJK7YSD0/ODMrX2cFR6A="
},
"lodash.union": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/lodash.union/-/lodash.union-4.6.0.tgz",
"integrity": "sha1-SLtQiECfFvGCFmZkHETdGqrjzYg="
},
"lodash.values": {
"version": "4.3.0",
"resolved": "https://registry.npmjs.org/lodash.values/-/lodash.values-4.3.0.tgz",
"integrity": "sha1-o6bCsOvsxcLLocF+bmIP6BtT00c="
},
"log-symbols": { "log-symbols": {
"version": "3.0.0", "version": "3.0.0",
"resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-3.0.0.tgz", "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-3.0.0.tgz",
@ -8170,9 +8240,9 @@
} }
}, },
"macos-release": { "macos-release": {
"version": "2.4.0", "version": "2.4.1",
"resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.4.0.tgz", "resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.4.1.tgz",
"integrity": "sha512-ko6deozZYiAkqa/0gmcsz+p4jSy3gY7/ZsCEokPaYd8k+6/aXGkiTgr61+Owup7Sf+xjqW8u2ElhoM9SEcEfuA==" "integrity": "sha512-H/QHeBIN1fIGJX517pvK8IEK53yQOW7YcEI55oYtgjDdoCQQz7eJS94qt5kNrscReEyuD/JcdFCm2XBEcGOITg=="
}, },
"make-dir": { "make-dir": {
"version": "2.1.0", "version": "2.1.0",
@ -12302,9 +12372,9 @@
} }
}, },
"open": { "open": {
"version": "7.0.4", "version": "7.1.0",
"resolved": "https://registry.npmjs.org/open/-/open-7.0.4.tgz", "resolved": "https://registry.npmjs.org/open/-/open-7.1.0.tgz",
"integrity": "sha512-brSA+/yq+b08Hsr4c8fsEW2CRzk1BmfN3SAK/5VCHQ9bdoZJ4qa/+AfR0xHjlbbZUyPkUHs1b8x1RqdyZdkVqQ==", "integrity": "sha512-lLPI5KgOwEYCDKXf4np7y1PBEkj7HYIyP2DY8mVDRnx0VIIu6bNrRB0R66TuO7Mack6EnTNLm4uvcl1UoklTpA==",
"requires": { "requires": {
"is-docker": "^2.0.0", "is-docker": "^2.0.0",
"is-wsl": "^2.1.1" "is-wsl": "^2.1.1"
@ -12537,9 +12607,9 @@
}, },
"dependencies": { "dependencies": {
"get-stream": { "get-stream": {
"version": "5.1.0", "version": "5.2.0",
"resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz",
"integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==",
"requires": { "requires": {
"pump": "^3.0.0" "pump": "^3.0.0"
} }
@ -13698,12 +13768,12 @@
} }
}, },
"react-particles-js": { "react-particles-js": {
"version": "3.2.1", "version": "3.3.0",
"resolved": "https://registry.npmjs.org/react-particles-js/-/react-particles-js-3.2.1.tgz", "resolved": "https://registry.npmjs.org/react-particles-js/-/react-particles-js-3.3.0.tgz",
"integrity": "sha512-sZ6jmwbbHQOtqsChlI7X9iee+iN4C1g9BLch2f9Ck9dvJmAaVT8/kQB1gOQLROFKIFIzQyt34gXzrI7ZNwNspQ==", "integrity": "sha512-pc9oJWEHH3UR1sJurL98TPrEWr0Yf2E8j+f8PLDpgbnQirTRqfwEvTRNJ/Ibvt6233WycCrndn6ImfL0PDEr7A==",
"requires": { "requires": {
"lodash": "^4.17.11", "lodash": "^4.17.11",
"tsparticles": "^1.13.6" "tsparticles": "^1.17.1"
} }
}, },
"react-redux": { "react-redux": {
@ -14638,11 +14708,22 @@
} }
}, },
"sha3": { "sha3": {
"version": "2.1.2", "version": "2.1.3",
"resolved": "https://registry.npmjs.org/sha3/-/sha3-2.1.2.tgz", "resolved": "https://registry.npmjs.org/sha3/-/sha3-2.1.3.tgz",
"integrity": "sha512-agYUtkzMsdFTQkM3ECyt6YW0552fyEb0tYZkl7olurS1Vg2Ms5+2SdF4VFPC1jnwtiXMb8b0fSyuAGZh+q2mAw==", "integrity": "sha512-Io53D4o9qOmf3Ow9p/DoGLQiQHhtuR0ulbyambvRSG+OX5yXExk2yYfvjHtb7AtOyk6K6+sPeK/qaowWc/E/GA==",
"requires": { "requires": {
"buffer": "5.5.0" "buffer": "5.6.0"
},
"dependencies": {
"buffer": {
"version": "5.6.0",
"resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz",
"integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==",
"requires": {
"base64-js": "^1.0.2",
"ieee754": "^1.1.4"
}
}
} }
}, },
"shallow-clone": { "shallow-clone": {
@ -14833,9 +14914,9 @@
} }
}, },
"snyk": { "snyk": {
"version": "1.361.3", "version": "1.363.0",
"resolved": "https://registry.npmjs.org/snyk/-/snyk-1.361.3.tgz", "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.363.0.tgz",
"integrity": "sha512-93SxV9WD+pN/9bGRizfoiYwfKHy5mDyTCdOYtWcVbTFMi7Gf+I4Q5YprunHBTeJLLh0+qsD6l77QBo9GiYyiaA==", "integrity": "sha512-hFmVOcMOEgAlEUcag65ZoFRvJufwB0Z8yUOKqyjWODiyeyW+eAxkUcIjVNuMjamxdXQHVJU78Tdq5Y7moI380g==",
"requires": { "requires": {
"@snyk/cli-interface": "2.8.0", "@snyk/cli-interface": "2.8.0",
"@snyk/dep-graph": "1.18.3", "@snyk/dep-graph": "1.18.3",
@ -14861,7 +14942,7 @@
"semver": "^6.0.0", "semver": "^6.0.0",
"snyk-config": "3.1.0", "snyk-config": "3.1.0",
"snyk-docker-plugin": "3.13.1", "snyk-docker-plugin": "3.13.1",
"snyk-go-plugin": "1.14.2", "snyk-go-plugin": "1.16.0",
"snyk-gradle-plugin": "3.5.1", "snyk-gradle-plugin": "3.5.1",
"snyk-module": "3.1.0", "snyk-module": "3.1.0",
"snyk-mvn-plugin": "2.17.1", "snyk-mvn-plugin": "2.17.1",
@ -15027,17 +15108,61 @@
} }
}, },
"snyk-go-plugin": { "snyk-go-plugin": {
"version": "1.14.2", "version": "1.16.0",
"resolved": "https://registry.npmjs.org/snyk-go-plugin/-/snyk-go-plugin-1.14.2.tgz", "resolved": "https://registry.npmjs.org/snyk-go-plugin/-/snyk-go-plugin-1.16.0.tgz",
"integrity": "sha512-r/uaM3gk/RF7m/VGYswxlnA6I+kMgK3eVPsPyf7400BhqF8noh8K7v10CEg67mHA4JM0l7dZASqejr/5kKw9ZQ==", "integrity": "sha512-XNGHEFyP+pCzcqmXnj5T/1Oy6AZzm2WkTSuUpohWQ/09ecMRCCv2yrr/kwMQemrKN4+7CoJS/9xfm3GnNlzVHA==",
"requires": { "requires": {
"@snyk/dep-graph": "1.19.3",
"@snyk/graphlib": "2.1.9-patch", "@snyk/graphlib": "2.1.9-patch",
"debug": "^4.1.1", "debug": "^4.1.1",
"snyk-go-parser": "1.4.1", "snyk-go-parser": "1.4.1",
"tmp": "0.1.0", "tmp": "0.2.0",
"tslib": "^1.10.0" "tslib": "^1.10.0"
}, },
"dependencies": { "dependencies": {
"@snyk/dep-graph": {
"version": "1.19.3",
"resolved": "https://registry.npmjs.org/@snyk/dep-graph/-/dep-graph-1.19.3.tgz",
"integrity": "sha512-WJLUFKBokoFK5imi0t8Dkyj+uqtS/5Ziuf4oE/OOFX30UqP1ffMDkv9/3sqBJQVQ9FjdgsX3Cm8JZMtMlYRc6w==",
"requires": {
"@snyk/graphlib": "2.1.9-patch.2",
"lodash.isequal": "^4.5.0",
"object-hash": "^2.0.3",
"semver": "^6.0.0",
"source-map-support": "^0.5.19",
"tslib": "^1.13.0"
},
"dependencies": {
"@snyk/graphlib": {
"version": "2.1.9-patch.2",
"resolved": "https://registry.npmjs.org/@snyk/graphlib/-/graphlib-2.1.9-patch.2.tgz",
"integrity": "sha512-BjJzOXDNzoEMBOjSks7vadu5f0c39SeorJMi9vUvvWM5dcE22CZqcN9VMRW5DYTifUJiCWszkm5TOyfYfB0bfg==",
"requires": {
"lodash.clone": "^4.5.0",
"lodash.constant": "^3.0.0",
"lodash.filter": "^4.6.0",
"lodash.foreach": "^4.5.0",
"lodash.has": "^4.5.2",
"lodash.isarray": "^4.0.0",
"lodash.isempty": "^4.4.0",
"lodash.isfunction": "^3.0.9",
"lodash.isundefined": "^3.0.1",
"lodash.keys": "^4.2.0",
"lodash.map": "^4.6.0",
"lodash.reduce": "^4.6.0",
"lodash.size": "^4.2.0",
"lodash.transform": "^4.6.0",
"lodash.union": "^4.6.0",
"lodash.values": "^4.3.0"
}
},
"tslib": {
"version": "1.13.0",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-1.13.0.tgz",
"integrity": "sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q=="
}
}
},
"debug": { "debug": {
"version": "4.1.1", "version": "4.1.1",
"resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz",
@ -15051,12 +15176,25 @@
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
}, },
"tmp": { "rimraf": {
"version": "0.1.0", "version": "3.0.2",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.1.0.tgz", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
"integrity": "sha512-J7Z2K08jbGcdA1kkQpJSqLF6T0tdQqpR2pnSUXsIchbPdTI9v3e85cLW0d6WDhwuAleOV71j2xWs8qMPfK7nKw==", "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
"requires": { "requires": {
"rimraf": "^2.6.3" "glob": "^7.1.3"
}
},
"semver": {
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
"integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw=="
},
"tmp": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.0.tgz",
"integrity": "sha512-spsb5g6EiPmteS5TcOAECU3rltCMDMp4VMU2Sb0+WttN4qGobEkMAd+dkr1cubscN08JGNDX765dPbGImbG7MQ==",
"requires": {
"rimraf": "^3.0.0"
} }
} }
} }
@ -15149,9 +15287,9 @@
} }
}, },
"tslib": { "tslib": {
"version": "2.0.0", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.0.tgz", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.1.tgz",
"integrity": "sha512-lTqkx847PI7xEDYJntxZH89L2/aXInsyF2luSafe/+0fHOMjlBNXdH6th7f70qxLDhul7KZK0zC8V5ZIyHl0/g==" "integrity": "sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ=="
} }
} }
}, },
@ -16941,18 +17079,18 @@
"integrity": "sha512-tTSkux6IGPnUGUd1XAZHcpu85MOkIl5zX49pO+jfsie3eP0B6pyhOlLXm3cAC6T7s+euSDDUUV+Acop5WmtkVg==" "integrity": "sha512-tTSkux6IGPnUGUd1XAZHcpu85MOkIl5zX49pO+jfsie3eP0B6pyhOlLXm3cAC6T7s+euSDDUUV+Acop5WmtkVg=="
}, },
"tsparticles": { "tsparticles": {
"version": "1.15.2", "version": "1.17.7",
"resolved": "https://registry.npmjs.org/tsparticles/-/tsparticles-1.15.2.tgz", "resolved": "https://registry.npmjs.org/tsparticles/-/tsparticles-1.17.7.tgz",
"integrity": "sha512-7jzJJdd3kypce3QQryJtoULqw9O05WyG8wsqqOU1a3Xvt+eRdBpwOVUnjV6NDrMqYjPHBW9/vmb0ppH1tfTmiQ==", "integrity": "sha512-+9b0YplbE38WPxWAMwYQ6+VLZ4LsDG8N3RAPx8ezwsi0IfR1ZEirfuHOUoYv3KfPMpmJOxf0F4jAFcq47uwyMA==",
"requires": { "requires": {
"pathseg": "^1.2.0", "pathseg": "^1.2.0",
"tslib": "^2.0.0" "tslib": "^2.0.0"
}, },
"dependencies": { "dependencies": {
"tslib": { "tslib": {
"version": "2.0.0", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.0.tgz", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.0.1.tgz",
"integrity": "sha512-lTqkx847PI7xEDYJntxZH89L2/aXInsyF2luSafe/+0fHOMjlBNXdH6th7f70qxLDhul7KZK0zC8V5ZIyHl0/g==" "integrity": "sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ=="
} }
} }
}, },
@ -18052,9 +18190,9 @@
"integrity": "sha1-+OGqHuWlPsW/FR/6CXQqatdpeHY=" "integrity": "sha1-+OGqHuWlPsW/FR/6CXQqatdpeHY="
}, },
"windows-release": { "windows-release": {
"version": "3.3.1", "version": "3.3.3",
"resolved": "https://registry.npmjs.org/windows-release/-/windows-release-3.3.1.tgz", "resolved": "https://registry.npmjs.org/windows-release/-/windows-release-3.3.3.tgz",
"integrity": "sha512-Pngk/RDCaI/DkuHPlGTdIkDiTAnAkyMjoQMZqRsxydNl1qGXNIoZrB7RK8g53F2tEgQBMqQJHQdYZuQEEAu54A==", "integrity": "sha512-OSOGH1QYiW5yVor9TtmXKQvt2vjQqbYS+DqmsZw+r7xDwLXEeT3JGW0ZppFmHx4diyXmxt238KFR3N9jzevBRg==",
"requires": { "requires": {
"execa": "^1.0.0" "execa": "^1.0.0"
} }

View File

@ -74,7 +74,7 @@
"file-saver": "^2.0.2", "file-saver": "^2.0.2",
"filepond": "^4.18.0", "filepond": "^4.18.0",
"jwt-decode": "^2.2.0", "jwt-decode": "^2.2.0",
"lodash": "^4.17.15", "lodash": "^4.17.20",
"marked": "^1.1.1", "marked": "^1.1.1",
"normalize.css": "^8.0.0", "normalize.css": "^8.0.0",
"npm": "^6.14.7", "npm": "^6.14.7",
@ -96,7 +96,7 @@
"react-hot-loader": "^4.12.20", "react-hot-loader": "^4.12.20",
"react-json-tree": "^0.11.2", "react-json-tree": "^0.11.2",
"react-jsonschema-form-bs4": "^1.7.1", "react-jsonschema-form-bs4": "^1.7.1",
"react-particles-js": "^3.2.1", "react-particles-js": "^3.3.0",
"react-redux": "^5.1.2", "react-redux": "^5.1.2",
"react-router-dom": "^4.3.1", "react-router-dom": "^4.3.1",
"react-spinners": "^0.9.0", "react-spinners": "^0.9.0",
@ -104,8 +104,8 @@
"react-toggle": "^4.1.1", "react-toggle": "^4.1.1",
"react-tooltip-lite": "^1.12.0", "react-tooltip-lite": "^1.12.0",
"redux": "^4.0.4", "redux": "^4.0.4",
"sha3": "^2.0.7", "sha3": "^2.1.3",
"snyk": "^1.361.3" "snyk": "^1.363.0"
}, },
"snyk": true "snyk": true
} }

View File

@ -23,7 +23,7 @@ function aggregateShellStartupPba(results) {
failedOutputs += results[i].result[0]; failedOutputs += results[i].result[0];
} }
} }
if(aggregatedPbaResult === undefined) return; if(aggregatedPbaResult === undefined) return results;
results = results.filter(result => result.name !== SHELL_STARTUP_NAME); results = results.filter(result => result.name !== SHELL_STARTUP_NAME);
aggregatedPbaResult.result[0] = successfulOutputs + failedOutputs; aggregatedPbaResult.result[0] = successfulOutputs + failedOutputs;