Commit Graph

4383 Commits

Author SHA1 Message Date
VakarisZ 70ec513f51 Added logging to the ZeroLogon analyzer 2021-03-08 13:10:14 +02:00
VakarisZ b43f669081 Bugfix: removed unneeded exploitation test run in ZeroLogon BB test 2021-03-08 12:35:31 +02:00
VakarisZ 44f6ce36b6 Fixed credentials in zerologon exploiter to match. 2021-03-08 12:05:00 +02:00
VakarisZ 263fa53ea5 Added an endpoint on the island for telemetry tests. This allows for tests like blackbox tests to send queries and check whether a certain telemetry is in the database or not 2021-03-08 11:13:31 +02:00
VakarisZ f6b0682297 Added ZeroLogon test to the BlackBox infrastructure. 2021-03-08 11:07:24 +02:00
VakarisZ 3f687f6aea Moved common config value paths to common 2021-03-08 11:06:18 +02:00
VakarisZ 3848dbeb32 Fixed a bug in configuration generation for BB tests. Bug was related to incorrect references 2021-03-05 10:50:55 +02:00
VakarisZ 8de21df309
Merge pull request #1015 from guardicore/release_crypto_package_requirement
Fixed cryptography requirement
2021-03-04 11:25:09 +02:00
VakarisZ 9fb0a5628d Fixed cryptography requirement for infection monkey, latest one doesn't have a pre-built wheel 2021-03-04 10:46:05 +02:00
Mike Salvatore 5bdb526db3
Merge pull request #1013 from guardicore/scoutsuite_docs
Scoutsuite docs
2021-03-03 11:51:29 -05:00
Mike Salvatore 2ff84c9dc8 docs: s/color coated/color coded/ 2021-03-03 11:50:50 -05:00
VakarisZ aacedc2e66 Improved phrasing in the scoutsuite documentation 2021-03-03 17:03:52 +02:00
Mike Salvatore bcc462ee94
Merge pull request #1004 from shreyamalviya/bugfix-incorrect-host-in-stolen-creds-report
Show exploited machine name under "Stolen From" in stolen credentials section
2021-03-03 09:19:55 -05:00
Shreya 243e077687 Remove accidental debug statement 2021-03-03 18:59:47 +05:30
VakarisZ c9552f9f44 Improved scoutsuite documentation: fixed incorrect description, added more screenshots and improved phrasing 2021-03-03 15:23:24 +02:00
Mike Salvatore d60ce37c5d cc: use fresh mongomock in each report test 2021-03-03 08:22:32 -05:00
VakarisZ 243b783a7e Moved scoutsuite docs to integrations from references 2021-03-03 14:37:31 +02:00
Shreya d772760ace Add unit tests for get_stolen_creds() 2021-03-03 17:08:36 +05:30
Shreya eecee86d92 Remove preceeding underscore from variables 2021-03-03 15:09:01 +05:30
Shreya 8d2e530eaa Show IP if domain name isn't available 2021-03-03 15:09:01 +05:30
Shreya 1528b00a1b Change origin of creds stolen using exploits from host machine to exploited machine 2021-03-03 15:09:01 +05:30
VakarisZ eb41376f53
Merge pull request #1014 from guardicore/scoutsuite_submodule_retargetting
Re-targeted scoutsuite submodule to use latest commit
2021-03-03 11:33:06 +02:00
VakarisZ 2dc9c26a7c Re-targeted scoutsuite submodule to use our branch 2021-03-03 11:25:49 +02:00
VakarisZ cb60b8dbd2 Removed unused Badge component import from ScoutSuiteRuleButton.js 2021-03-03 11:24:21 +02:00
VakarisZ 6b52d4931e Added ScoutSuite documentation to documentation hub 2021-03-03 10:59:14 +02:00
VakarisZ 5987cee226 Improved scoutsuite rule display by giving resource path more space. 2021-03-03 10:24:12 +02:00
VakarisZ 719c90e9b3 Removed unimportant AWS info present in screenshots 2021-03-03 10:23:11 +02:00
Mike Salvatore 05f39f301f
Merge pull request #1011 from guardicore/blackbox_config_auto_generation
Blackbox config auto generation
2021-03-02 12:08:46 -05:00
Mike Salvatore 875027d3f3 ui: replace double with single quotes in SecurityReport.js 2021-03-02 12:08:03 -05:00
VakarisZ 5837240107 Refactored tests to use the new configuration parser 2021-03-02 15:23:27 +02:00
VakarisZ aaab827e32 Refactored configuration parser to pull configs, apply template and submit them instead of loading configs from file. 2021-03-02 15:23:27 +02:00
VakarisZ 8ca72bbf31 Simplified test configuration templates even more and removed old and outdated configuration files 2021-03-02 15:23:23 +02:00
VakarisZ edc8fff0a7 Extracted relevant config parameters for each BB test and made templates from those 2021-03-02 15:20:17 +02:00
VakarisZ b652e0d851
Merge pull request #983 from shreyamalviya/bugfix-run-monkey-manual-ignores-configured-ip
Show only configured IPs for Run Monkey -> Manual page
2021-03-02 14:15:39 +02:00
Mike Salvatore 1b73c56d67
Merge pull request #998 from guardicore/zerologon-password-reset-warning
Zerologon password reset warning
2021-03-02 07:01:03 -05:00
Mike Salvatore 60395a8509
Merge pull request #1006 from guardicore/attack-config-unsafe-warning
Attack config unsafe warning
2021-03-02 06:37:17 -05:00
Shreya 5f66a99f30 Consider non-threat issues when calculating threat count 2021-03-02 14:53:17 +05:30
Shreya 6babcd099a Change warning order and phrasing in report 2021-03-02 13:02:56 +05:30
VakarisZ 89907d133e Improved warning icon display style in the overview 2021-03-02 09:09:25 +02:00
Mike Salvatore a152da02d2 ui: show warning when unsafe ATT&CK configuration is submitted 2021-03-01 12:00:05 -05:00
Mike Salvatore 4d4a01b6a2 ui: resolve race condition in ATT&CK configuration page 2021-03-01 11:57:59 -05:00
Mike Salvatore ac530b2555 cc: reword zerologon exploiter class info 2021-03-01 10:35:04 -05:00
VakarisZ 9e3fe03ce1 Replace double quotes with single quotes in SecurityReport.js 2021-03-01 10:27:56 -05:00
VakarisZ 9171ed8190 Minor formatting improvements in SecurityReport.js 2021-03-01 10:27:56 -05:00
VakarisZ e49b7b85cc Improved formatting and link styles in SecurityReport.js 2021-03-01 10:27:56 -05:00
VakarisZ 8eeed20f7e Changed zerologon links to be more consistent and have a style 2021-03-01 10:27:56 -05:00
VakarisZ b3e9922d0f Changed the logic of zerologon password restoration issue overview to be more consistent with the function of issue map. 2021-03-01 10:27:56 -05:00
Mike Salvatore cfaf4a15c3
Merge pull request #1000 from guardicore/unsafe-options-confirmation
Unsafe options confirmation
2021-03-01 10:25:28 -05:00
Mike Salvatore 5050f33f1a ui: add missing semicolons to ConfigurePage.js 2021-03-01 10:14:08 -05:00
Shreya 7b0f35b8a4 Add comment to unit tests, specifying where else changes need to be made 2021-03-01 18:00:52 +05:30