Commit Graph

449 Commits

Author SHA1 Message Date
Mike Salvatore 3db3df8bae BB: Add a TODO about parse_log() 2022-10-01 19:21:54 -04:00
vakarisz 26a5b4cf4d BB: Delete "skip_powershell_reuse" mark
Not sure why we would want to skip this test specifically
2022-09-27 17:28:12 +03:00
vakarisz 164c0d6127 BB: Add network diagram for powershell credential reuse test 2022-09-27 17:11:08 +03:00
vakarisz 85c101aff9 BB: Remove 46 from depth 3 test suite as it's reserved for credential reuse 2022-09-27 17:06:39 +03:00
vakarisz 031a0ab426 BB: Change powershell credential reuse test to a dedicated machine
Island shouldn't be part of the test, so powershell credential reuse was moved to powershell 46(exploited via log4shell) and powershell 44(exploited via credential reuse from powershell 46)
2022-09-27 17:06:39 +03:00
VakarisZ 9823301c3b
Merge pull request #2348 from guardicore/2299-rename-local-network-scan
Island: Rename local_network_scan
2022-09-27 16:00:36 +03:00
Shreya Malviya 688a41a11e BB: Rename local_network_scan -> scan_my_networks in test_configurations/noop.py 2022-09-27 16:32:09 +05:30
vakarisz b11cd9c5f1 Island: Remove agent controls
Agent controls are being replaced by agent signal events
2022-09-23 12:56:13 -04:00
Shreya Malviya 6174e8dfcb BB: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Shreya Malviya c586623b8b BB: '/api/agent-signals/terminate-all' -> '/api/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Shreya Malviya 1632d8b3e9 BB: 'kill_time' -> 'terminate_time' 2022-09-23 12:54:49 -04:00
Shreya Malviya 263fff28f3 BB: Use /api/agent-signals/terminate-all instead of /api/monkey-control/stop-all-agents 2022-09-23 12:54:49 -04:00
ilija-lazoroski 18ceb6c279
Merge pull request #2322 from guardicore/2181-credential-reuse-ete
2181 credential reuse ete
2022-09-21 13:58:12 +02:00
Ilija Lazoroski 3af38d7841 BB: Fix some minor configuration issue in CredentialsReuse 2022-09-20 18:06:12 +02:00
Ilija Lazoroski a2b8fceb28 BB: Add new CredentialReuse machines info to the Docs 2022-09-20 17:52:24 +02:00
Ilija Lazoroski 246c78e8c1 BB: Add the new machine to the Terraform scripts 2022-09-20 17:52:00 +02:00
Ilija Lazoroski 07d1062b80 BB: Add CredentialsReuse machines to test_machine_list 2022-09-20 17:51:39 +02:00
Ilija Lazoroski 6c11eb2a6b BB: Add new EtE test that reuses stolen ssh key to exploit a machine
Island --(password)--> A --(password)--> B --(A's SSH key)--> C
2022-09-20 17:49:55 +02:00
Ilija Lazoroski c13dcf464c BB: Export Credentials reuse with ssh key test configuration from
__init__
2022-09-20 17:49:01 +02:00
Ilija Lazoroski a9bec168b1 BB: Add Credentials Reuse with ssh key test configuration 2022-09-20 17:48:30 +02:00
Kekoa Kaaikala f635c2cd5f BB: Removed unneccessary logs from ZerologonAnalyzer 2022-09-20 15:32:18 +00:00
Ilija Lazoroski 0c6997c147 BB: Get the secret value from credentials in ZerologonAnalyzer 2022-09-19 15:52:04 +02:00
Ilija Lazoroski 547c9f7028 BB: Fix tunneling ToC in documentation 2022-09-16 16:41:26 +02:00
Ilija Lazoroski 95741acdf4 BB: Shorten import of depth_4_a_test_configuration 2022-09-16 16:37:00 +02:00
Ilija Lazoroski ecbee6a3cb BB: Fix tunneling-13 ip address in the test_configuration 2022-09-16 16:36:26 +02:00
Ilija Lazoroski 8df35e0107 BB: Export depth_4_a_test_configuration from __init__ 2022-09-16 16:35:54 +02:00
Ilija Lazoroski b50725b939 BB: Change zone of Depth4 machines 2022-09-16 15:36:11 +02:00
Shreya Malviya 75dddb0861 BB: Remove usage of CredentialComponentType in Zerologon analyzer 2022-09-15 14:07:18 +05:30
Shreya Malviya cf48189a07 BB: Use keyword parameters when creating Username/Password/NTHash objects 2022-09-15 14:00:14 +05:30
Shreya Malviya f57dad05c1 BB: Use keyword parameters when creating Credentials objects 2022-09-15 13:55:49 +05:30
vakarisz bc6da3d402 BB: Add documentation about changes to tunneling-11 2022-09-14 12:13:36 +03:00
vakarisz c281666504 BB: Remove tunneling-12 from depth-3 2022-09-14 12:10:06 +03:00
vakarisz 7a33802b7c BB: Add tunneling machines to the list of depth 3 test 2022-09-14 12:06:46 +03:00
Kekoa Kaaikala e7bb5ce535 BB: Add interface to tunneling-11 2022-09-13 19:52:04 +00:00
Kekoa Kaaikala b865c13a3b BB: Revert depth_3_a test 2022-09-13 19:45:57 +00:00
vakarisz c756c7ace2 BB: Add tunneling test diagrams 2022-09-09 17:51:37 +03:00
vakarisz 72c76319d1 BB: Move tunneling to depth 4a test suite 2022-09-08 16:58:14 +03:00
vakarisz b6588925e2 BB: Add tunneling-13 machine 2022-09-08 16:56:32 +03:00
Mike Salvatore 646b3a1b46 BB: Add `simplify=True` to Credentials serialization 2022-09-07 11:48:33 +00:00
vakaris_zilius 472ca382f1 Island, BB: Fix credential conversion to dict bugs 2022-09-07 11:48:32 +00:00
vakarisz d73cbee591 Agent, Island: Use pydantic credentials and methods
Since the interface of credential serialization changed, code was modified to use the new interface
2022-09-07 11:47:56 +00:00
Mike Salvatore ce6d5cc705 BB: Add contained type to _propagation_credentials type hint 2022-09-06 10:10:08 -04:00
Ilija Lazoroski eee6291a3e BB: Set deep copy when copying agent_configuration 2022-09-06 15:49:02 +02:00
Ilija Lazoroski b5bd0532b7 BB: Fix type annotation in noop_test_configuration 2022-09-06 15:41:54 +02:00
Shreya Malviya c985337df0 BB: Fix configuration modification logic in all test configurations since TestConfiguration is a dataclass 2022-09-02 12:05:30 +05:30
Shreya Malviya daec8843af BB: Use positional arguments for PluginConfiguration object creation where missed in depth_1_a.py 2022-09-02 12:05:30 +05:30
Shreya Malviya 6cf62d48cb BB: Use `replace_agent_configuration()` and `replace_propagation_credentials()` for all test configuration modifications 2022-09-02 12:05:30 +05:30
Shreya Malviya 2352bb0d5e BB: Fix configuration modification logic in zerologon.py 2022-09-02 12:05:30 +05:30
Shreya Malviya ad6449507d BB: Fix configuration modification logic in wmi_mimikatz.py 2022-09-02 12:05:30 +05:30
Shreya Malviya a0d0f127f9 BB: Fix configuration modification logic in smb_pth.py 2022-09-02 12:05:30 +05:30