Mike Salvatore
3db3df8bae
BB: Add a TODO about parse_log()
2022-10-01 19:21:54 -04:00
vakarisz
26a5b4cf4d
BB: Delete "skip_powershell_reuse" mark
...
Not sure why we would want to skip this test specifically
2022-09-27 17:28:12 +03:00
vakarisz
164c0d6127
BB: Add network diagram for powershell credential reuse test
2022-09-27 17:11:08 +03:00
vakarisz
85c101aff9
BB: Remove 46 from depth 3 test suite as it's reserved for credential reuse
2022-09-27 17:06:39 +03:00
vakarisz
031a0ab426
BB: Change powershell credential reuse test to a dedicated machine
...
Island shouldn't be part of the test, so powershell credential reuse was moved to powershell 46 (exploited via log4shell) and powershell 44 (exploited via credential reuse from powershell 46)
2022-09-27 17:06:39 +03:00
VakarisZ
9823301c3b
Merge pull request #2348 from guardicore/2299-rename-local-network-scan
...
Island: Rename local_network_scan
2022-09-27 16:00:36 +03:00
Shreya Malviya
688a41a11e
BB: Rename local_network_scan -> scan_my_networks in test_configurations/noop.py
2022-09-27 16:32:09 +05:30
vakarisz
b11cd9c5f1
Island: Remove agent controls
...
Agent controls are being replaced by agent signal events
2022-09-23 12:56:13 -04:00
Shreya Malviya
6174e8dfcb
BB: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents'
2022-09-23 12:54:49 -04:00
Shreya Malviya
c586623b8b
BB: '/api/agent-signals/terminate-all' -> '/api/terminate-all-agents'
2022-09-23 12:54:49 -04:00
Shreya Malviya
1632d8b3e9
BB: 'kill_time' -> 'terminate_time'
2022-09-23 12:54:49 -04:00
Shreya Malviya
263fff28f3
BB: Use /api/agent-signals/terminate-all instead of /api/monkey-control/stop-all-agents
2022-09-23 12:54:49 -04:00
ilija-lazoroski
18ceb6c279
Merge pull request #2322 from guardicore/2181-credential-reuse-ete
...
2181 credential reuse ete
2022-09-21 13:58:12 +02:00
Ilija Lazoroski
3af38d7841
BB: Fix some minor configuration issue in CredentialsReuse
2022-09-20 18:06:12 +02:00
Ilija Lazoroski
a2b8fceb28
BB: Add new CredentialReuse machines info to the Docs
2022-09-20 17:52:24 +02:00
Ilija Lazoroski
246c78e8c1
BB: Add the new machine to the Terraform scripts
2022-09-20 17:52:00 +02:00
Ilija Lazoroski
07d1062b80
BB: Add CredentialsReuse machines to test_machine_list
2022-09-20 17:51:39 +02:00
Ilija Lazoroski
6c11eb2a6b
BB: Add new EtE test that reuses stolen ssh key to exploit a machine
...
Island --(password)--> A --(password)--> B --(A's SSH key)--> C
2022-09-20 17:49:55 +02:00
Ilija Lazoroski
c13dcf464c
BB: Export Credentials reuse with ssh key test configuration from __init__
2022-09-20 17:49:01 +02:00
Ilija Lazoroski
a9bec168b1
BB: Add Credentials Reuse with ssh key test configuration
2022-09-20 17:48:30 +02:00
Kekoa Kaaikala
f635c2cd5f
BB: Removed unnecessary logs from ZerologonAnalyzer
2022-09-20 15:32:18 +00:00
Ilija Lazoroski
0c6997c147
BB: Get the secret value from credentials in ZerologonAnalyzer
2022-09-19 15:52:04 +02:00
Ilija Lazoroski
547c9f7028
BB: Fix tunneling ToC in documentation
2022-09-16 16:41:26 +02:00
Ilija Lazoroski
95741acdf4
BB: Shorten import of depth_4_a_test_configuration
2022-09-16 16:37:00 +02:00
Ilija Lazoroski
ecbee6a3cb
BB: Fix tunneling-13 ip address in the test_configuration
2022-09-16 16:36:26 +02:00
Ilija Lazoroski
8df35e0107
BB: Export depth_4_a_test_configuration from __init__
2022-09-16 16:35:54 +02:00
Ilija Lazoroski
b50725b939
BB: Change zone of Depth4 machines
2022-09-16 15:36:11 +02:00
Shreya Malviya
75dddb0861
BB: Remove usage of CredentialComponentType in Zerologon analyzer
2022-09-15 14:07:18 +05:30
Shreya Malviya
cf48189a07
BB: Use keyword parameters when creating Username/Password/NTHash objects
2022-09-15 14:00:14 +05:30
Shreya Malviya
f57dad05c1
BB: Use keyword parameters when creating Credentials objects
2022-09-15 13:55:49 +05:30
vakarisz
bc6da3d402
BB: Add documentation about changes to tunneling-11
2022-09-14 12:13:36 +03:00
vakarisz
c281666504
BB: Remove tunneling-12 from depth-3
2022-09-14 12:10:06 +03:00
vakarisz
7a33802b7c
BB: Add tunneling machines to the list of depth 3 test
2022-09-14 12:06:46 +03:00
Kekoa Kaaikala
e7bb5ce535
BB: Add interface to tunneling-11
2022-09-13 19:52:04 +00:00
Kekoa Kaaikala
b865c13a3b
BB: Revert depth_3_a test
2022-09-13 19:45:57 +00:00
vakarisz
c756c7ace2
BB: Add tunneling test diagrams
2022-09-09 17:51:37 +03:00
vakarisz
72c76319d1
BB: Move tunneling to depth 4a test suite
2022-09-08 16:58:14 +03:00
vakarisz
b6588925e2
BB: Add tunneling-13 machine
2022-09-08 16:56:32 +03:00
Mike Salvatore
646b3a1b46
BB: Add `simplify=True` to Credentials serialization
2022-09-07 11:48:33 +00:00
vakaris_zilius
472ca382f1
Island, BB: Fix credential conversion to dict bugs
2022-09-07 11:48:32 +00:00
vakarisz
d73cbee591
Agent, Island: Use pydantic credentials and methods
...
Since the interface of credential serialization changed, code was modified to use the new interface
2022-09-07 11:47:56 +00:00
Mike Salvatore
ce6d5cc705
BB: Add contained type to _propagation_credentials type hint
2022-09-06 10:10:08 -04:00
Ilija Lazoroski
eee6291a3e
BB: Set deep copy when copying agent_configuration
2022-09-06 15:49:02 +02:00
Ilija Lazoroski
b5bd0532b7
BB: Fix type annotation in noop_test_configuration
2022-09-06 15:41:54 +02:00
Shreya Malviya
c985337df0
BB: Fix configuration modification logic in all test configurations since TestConfiguration is a dataclass
2022-09-02 12:05:30 +05:30
Shreya Malviya
daec8843af
BB: Use positional arguments for PluginConfiguration object creation where missed in depth_1_a.py
2022-09-02 12:05:30 +05:30
Shreya Malviya
6cf62d48cb
BB: Use `replace_agent_configuration()` and `replace_propagation_credentials()` for all test configuration modifications
2022-09-02 12:05:30 +05:30
Shreya Malviya
2352bb0d5e
BB: Fix configuration modification logic in zerologon.py
2022-09-02 12:05:30 +05:30
Shreya Malviya
ad6449507d
BB: Fix configuration modification logic in wmi_mimikatz.py
2022-09-02 12:05:30 +05:30
Shreya Malviya
a0d0f127f9
BB: Fix configuration modification logic in smb_pth.py
2022-09-02 12:05:30 +05:30