Kekoa Kaaikala
57b4ec4117
BB: Refactor agent communication check
...
Updated CommunicationAnalyzer to use the /api/agents and /api/machines
endpoints to determine whether or not an agent communicated back to the
island.
Resolves PR #2388
2022-10-03 14:28:22 -04:00
Mike Salvatore
d922d71081
BB: Add error message when machine is missing interfaces
2022-10-03 10:14:48 -04:00
Mike Salvatore
378e8d55ff
BB: Add type hints to MonkeyLogsDownloader.__init__()
2022-10-03 07:54:36 -04:00
Mike Salvatore
477e80bfba
BB: Remove disused MonkeyIslandClient.find_log_in_db()
2022-10-03 07:52:40 -04:00
Mike Salvatore
fc24d80410
BB: Change agent log file name
...
Use underscores to improve readability
2022-10-03 07:51:40 -04:00
Mike Salvatore
e369ef2933
BB: Remove disused MonkeyLog
2022-10-02 16:57:58 -04:00
Mike Salvatore
6a783d9c3e
BB: Use threading to download logs
...
Reduces time to download logs by approx. 40%, but may be unnecessary
after resolving https://github.com/guardicore/monkey/issues/2383
2022-10-02 16:57:56 -04:00
Mike Salvatore
e4155648c1
BB: Download agent logs from new endpoints
2022-10-02 14:23:01 -04:00
Mike Salvatore
c706466cdd
BB: Add MonkeyIslandClient.get_agent_log()
2022-10-02 14:21:05 -04:00
Mike Salvatore
99c2c5c6ef
BB: Add MonkeyIslandClient.get_machines()
2022-10-02 14:20:49 -04:00
Mike Salvatore
b335601a05
BB: Add MonkeyIslandClient.get_agents()
2022-10-02 14:20:30 -04:00
Mike Salvatore
3db3df8bae
BB: Add a TODO about parse_log()
2022-10-01 19:21:54 -04:00
vakarisz
26a5b4cf4d
BB: Delete "skip_powershell_reuse" mark
...
Not sure why we would want to skip this test specifically
2022-09-27 17:28:12 +03:00
vakarisz
164c0d6127
BB: Add network diagram for powershell credential reuse test
2022-09-27 17:11:08 +03:00
vakarisz
85c101aff9
BB: Remove 46 from depth 3 test suite as it's reserved for credential reuse
2022-09-27 17:06:39 +03:00
vakarisz
031a0ab426
BB: Change powershell credential reuse test to a dedicated machine
...
Island shouldn't be part of the test, so powershell credential reuse was moved to powershell 46 (exploited via log4shell) and powershell 44 (exploited via credential reuse from powershell 46)
2022-09-27 17:06:39 +03:00
VakarisZ
9823301c3b
Merge pull request #2348 from guardicore/2299-rename-local-network-scan
...
Island: Rename local_network_scan
2022-09-27 16:00:36 +03:00
Shreya Malviya
688a41a11e
BB: Rename local_network_scan -> scan_my_networks in test_configurations/noop.py
2022-09-27 16:32:09 +05:30
vakarisz
b11cd9c5f1
Island: Remove agent controls
...
Agent controls are being replaced by agent signal events
2022-09-23 12:56:13 -04:00
Shreya Malviya
6174e8dfcb
BB: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents'
2022-09-23 12:54:49 -04:00
Shreya Malviya
c586623b8b
BB: '/api/agent-signals/terminate-all' -> '/api/terminate-all-agents'
2022-09-23 12:54:49 -04:00
Shreya Malviya
1632d8b3e9
BB: 'kill_time' -> 'terminate_time'
2022-09-23 12:54:49 -04:00
Shreya Malviya
263fff28f3
BB: Use /api/agent-signals/terminate-all instead of /api/monkey-control/stop-all-agents
2022-09-23 12:54:49 -04:00
ilija-lazoroski
18ceb6c279
Merge pull request #2322 from guardicore/2181-credential-reuse-ete
...
2181 credential reuse ete
2022-09-21 13:58:12 +02:00
Ilija Lazoroski
3af38d7841
BB: Fix some minor configuration issue in CredentialsReuse
2022-09-20 18:06:12 +02:00
Ilija Lazoroski
a2b8fceb28
BB: Add new CredentialReuse machines info to the Docs
2022-09-20 17:52:24 +02:00
Ilija Lazoroski
246c78e8c1
BB: Add the new machine to the Terraform scripts
2022-09-20 17:52:00 +02:00
Ilija Lazoroski
07d1062b80
BB: Add CredentialsReuse machines to test_machine_list
2022-09-20 17:51:39 +02:00
Ilija Lazoroski
6c11eb2a6b
BB: Add new EtE test that reuses stolen ssh key to exploit a machine
...
Island --(password)--> A --(password)--> B --(A's SSH key)--> C
2022-09-20 17:49:55 +02:00
Ilija Lazoroski
c13dcf464c
BB: Export Credentials reuse with ssh key test configuration from
...
__init__
2022-09-20 17:49:01 +02:00
Ilija Lazoroski
a9bec168b1
BB: Add Credentials Reuse with ssh key test configuration
2022-09-20 17:48:30 +02:00
Kekoa Kaaikala
f635c2cd5f
BB: Removed unnecessary logs from ZerologonAnalyzer
2022-09-20 15:32:18 +00:00
Ilija Lazoroski
0c6997c147
BB: Get the secret value from credentials in ZerologonAnalyzer
2022-09-19 15:52:04 +02:00
Ilija Lazoroski
547c9f7028
BB: Fix tunneling ToC in documentation
2022-09-16 16:41:26 +02:00
Ilija Lazoroski
95741acdf4
BB: Shorten import of depth_4_a_test_configuration
2022-09-16 16:37:00 +02:00
Ilija Lazoroski
ecbee6a3cb
BB: Fix tunneling-13 ip address in the test_configuration
2022-09-16 16:36:26 +02:00
Ilija Lazoroski
8df35e0107
BB: Export depth_4_a_test_configuration from __init__
2022-09-16 16:35:54 +02:00
Ilija Lazoroski
b50725b939
BB: Change zone of Depth4 machines
2022-09-16 15:36:11 +02:00
Shreya Malviya
75dddb0861
BB: Remove usage of CredentialComponentType in Zerologon analyzer
2022-09-15 14:07:18 +05:30
Shreya Malviya
cf48189a07
BB: Use keyword parameters when creating Username/Password/NTHash objects
2022-09-15 14:00:14 +05:30
Shreya Malviya
f57dad05c1
BB: Use keyword parameters when creating Credentials objects
2022-09-15 13:55:49 +05:30
vakarisz
bc6da3d402
BB: Add documentation about changes to tunneling-11
2022-09-14 12:13:36 +03:00
vakarisz
c281666504
BB: Remove tunneling-12 from depth-3
2022-09-14 12:10:06 +03:00
vakarisz
7a33802b7c
BB: Add tunneling machines to the list of depth 3 test
2022-09-14 12:06:46 +03:00
Kekoa Kaaikala
e7bb5ce535
BB: Add interface to tunneling-11
2022-09-13 19:52:04 +00:00
Kekoa Kaaikala
b865c13a3b
BB: Revert depth_3_a test
2022-09-13 19:45:57 +00:00
vakarisz
c756c7ace2
BB: Add tunneling test diagrams
2022-09-09 17:51:37 +03:00
vakarisz
72c76319d1
BB: Move tunneling to depth 4a test suite
2022-09-08 16:58:14 +03:00
vakarisz
b6588925e2
BB: Add tunneling-13 machine
2022-09-08 16:56:32 +03:00
Mike Salvatore
646b3a1b46
BB: Add `simplify=True` to Credentials serialization
2022-09-07 11:48:33 +00:00