p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7,455 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

7455 Commits

Author SHA1 Message Date
Shreya Malviya a234713e08 Common: Reword process list collection PBA constant 2022-02-17 16:55:29 +05:30
Mike Salvatore f526933d84 Agent: Add TODO comment regarding OS checks in credential collectors 2022-02-17 06:18:44 -05:00
Mike Salvatore 704236a16f Common: Alphabetize TelemCategoryEnum 2022-02-16 15:31:26 -05:00
Mike Salvatore cc27dc9710 Changelog: Add changelog entry for SSHCollector 2022-02-16 15:17:13 -05:00
Mike Salvatore 0880e16c54 Agent: Change ICredentialCollector interface to return Sequence 
Being able to check if the ICredentialCollector returned an empty
Sequence is useful and easier than checking for an "empty" Iterable.
 2022-02-16 15:10:38 -05:00
Mike Salvatore 3a3a5f0c9c Agent: Implement run_credential_collector() in Puppet 2022-02-16 15:01:36 -05:00
Mike Salvatore 10ee9f9e75 Agent: Do not run SSHCredentialsCollector if the OS is not Linux 2022-02-16 14:57:05 -05:00
Mike Salvatore 92ddeebd4e Island: Add SSHCollector to system info collectors 2022-02-16 14:53:13 -05:00
Mike Salvatore 2f838372b5 Common: Add SSHCollector to system info collectors 2022-02-16 14:52:51 -05:00
Mike Salvatore dd1df14b8e Agent: Make credential collector names consistent 2022-02-16 14:52:17 -05:00
Mike Salvatore c96f272919 UT: Remove linux_credentials_collector test directory 2022-02-16 14:41:04 -05:00
Mike Salvatore 86a218d82b Agent: Add SSHCredentialCollector to credential_collectors.__init__.py 2022-02-16 14:40:11 -05:00
Mike Salvatore bf27a8c8ea Agent: Do not run pypykatz if the OS is not Windows 2022-02-16 14:22:44 -05:00
Mike Salvatore 419aa6fd84 Agent: Replace SysInfo w/ Credential collectors in IMaster and IPuppet 2022-02-16 14:14:45 -05:00
Mike Salvatore 5b53984014 Agent: Fix incorrect return type on PluginRegistry.get_plugin() 2022-02-16 14:11:27 -05:00
Mike Salvatore 5953373125 Agent: Change order in i_puppet/__init__.py to prevent circular import 2022-02-16 14:03:47 -05:00
Mike Salvatore 040b37697b Agent: Add telemetry type for sending stolen credentials 2022-02-16 13:58:55 -05:00
Mike Salvatore 49f1675b38
Merge pull request #1717 from guardicore/1695-ssh-credential-collector 
1695 ssh credential collector
 2022-02-16 12:45:38 -05:00
Ilija Lazoroski 897bc11d7b Agent: Use distinct fields for SSH Keypair 2022-02-16 18:37:16 +01:00
Ilija Lazoroski 5f8e3e3d8e Agent: Use Telemetry messenger to send SSH collector telemetries 2022-02-16 18:23:29 +01:00
Ilija Lazoroski 63d632d142 Agent: Rework ssh credential collector to match credential architecture 
* Parametrize empty result unit test
* Apply small changes to ssh credential collector
 2022-02-16 17:37:12 +01:00
Ilija Lazoroski a97b8706ec Agent: Add SSH keypair credential type 2022-02-16 17:29:21 +01:00
Ilija Lazoroski b1b0840aed Agent: Rename SSH credentials collector to match class name 2022-02-16 17:28:11 +01:00
Ilija Lazoroski 3d64d0d2e4 Island: Refactor T1145 report according to the attack telemetry 2022-02-16 15:44:35 +01:00
Ilija Lazoroski 6b64b655ce Agent: Add T1145 attack telemetry 2022-02-16 15:44:35 +01:00
Ilija Lazoroski a03a5145a7 Agent: Remove known_hosts from SSH Credential Collector 
It is not used anywhere.
 2022-02-16 15:44:35 +01:00
Ilija Lazoroski e9e5e95f49 Agent, UT: Separate ssh_handler from SSH Credential Collector 
* Add different UTs based on what ssh_handler returns
* Fix logic in SSH Credential Collector
 2022-02-16 15:44:35 +01:00
Ilija Lazoroski 5aa5e33356 Agent, UT: Refactor SSH info collector to credential collector 2022-02-16 15:44:35 +01:00
Shreya Malviya 7787984f4a BB: Remove ProcessListCollector from BB config templates 2022-02-16 17:31:40 +05:30
Shreya Malviya 3017e6b250 UT: Remove references to process list collection system info collector in test data 2022-02-16 17:25:43 +05:30
Shreya Malviya 32cad45676 Island: Refactor post breach telemetry processing functions 2022-02-16 17:09:13 +05:30
Shreya Malviya 44a7b7e148 Island: Fix TODO comment in monkey_island/cc/services/telemetry/processing/post_breach.py 2022-02-16 17:09:13 +05:30
Shreya Malviya 123f0aab16 Changelog: Add entry for process list collection PBA 2022-02-16 17:09:13 +05:30
Shreya Malviya e674f9e0c0 Island: Move antivirus check for ZT report from system info processing to PBA processing 2022-02-16 17:09:10 +05:30
Shreya Malviya 9d3931c380 Island: Fix T1082's mongo query to get the right data 2022-02-16 17:06:17 +05:30
Shreya Malviya ff6fd52979 UI: Modify how process list collection PBA is shown in Security report 2022-02-16 17:06:17 +05:30
Shreya Malviya afa7d4fca4 Agent: Modify process list collection PBA to return dict of processes instead of string 2022-02-16 17:06:17 +05:30
Shreya Malviya 5ab7bc520e UI: Modify variable names in T1082.js as per changes to backend 2022-02-16 17:06:17 +05:30
Shreya Malviya 547d4fce54 Island: Modify T1082's reporting to get data from process collection PBA too 2022-02-16 17:06:17 +05:30
Shreya Malviya 417f40d62d Agent: Add TODOs in automated master and process collection list PBA 2022-02-16 17:06:17 +05:30
Shreya Malviya 7cee2e49a2 Agent: Improve exception catching logic in process list collection PBA 2022-02-16 17:06:17 +05:30
Shreya Malviya fcfa01223d Project: Remove ProcessListCollector from Vulture allowlist 2022-02-16 17:06:17 +05:30
Shreya Malviya 6ab62c6f56 Docs: Change adding system info collectors' documentation to refer to 
existing files
 2022-02-16 17:06:17 +05:30
Shreya Malviya a8059f021a Island: Change config schema for process list collection 2022-02-16 17:06:10 +05:30
Shreya Malviya 4839f099a4 Agent: Add process list collection PBA 
Instead of a system info collector, it is now a PBA.
 2022-02-16 17:02:06 +05:30
Shreya Malviya 5d01f12d45 Common: Add PBA const and remove system info collector const for process list collection 2022-02-16 17:02:01 +05:30
Mike Salvatore 976c46cf86
Merge pull request #1715 from guardicore/1695-credential-collectors 
Agent: define credential collector, credentials interfaces
 2022-02-15 14:34:47 -05:00
Mike Salvatore a9bb2dee70 Agent: Renumber the CredentialType Enum 2022-02-15 14:26:15 -05:00
Mike Salvatore 879abf3df0 Agent: Export MimikatzCredentialCollector from credential_collectors 2022-02-15 14:21:07 -05:00
Mike Salvatore 0583cab8e0 Agent: Rename mimikatz_cred_collector.py to match the class name 2022-02-15 14:17:28 -05:00