p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
3,941 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

2200 Commits

Author SHA1 Message Date
Shay Nehmad 806bc91dd7 Fix page titles 2020-08-04 15:29:06 +03:00
Shay Nehmad 86364ddb8c Update Side NavBar 
Removed a useless step from the process, added link to documentation
 2020-08-04 15:03:55 +03:00
Shay Nehmad 7403bf14fa Update homepage look and feel 2020-08-04 15:03:03 +03:00
Shreya fe6cd2b076 Cleanup folder/file 2020-08-04 17:32:35 +05:30
Shreya 04eb0650cd Create $Profile if it doesn't exist 
(Runs a powershell script instead of commands like other PBAs)
 2020-08-04 17:29:28 +05:30
Shreya f30b81eec7 Remove "Public" from USERS in windows modify shell startup PBA 
Otherwise it'll look for a profile.ps1 file in the Public folder too
 2020-08-04 17:29:28 +05:30
Shay Nehmad c48eef8f94
Merge branch 'release/1.9.0' into develop 2020-08-04 14:26:27 +03:00
VakarisZ e703c7c46a Merge remote-tracking branch 'upstream/hotfix/mongomock-breaking-change' into release/1.9.0 2020-08-03 17:21:52 +03:00
VakarisZ d74c3d15ca Fixed island's config.py default value setting method to handle 3 layers of nested objects 2020-08-03 11:45:31 +03:00
Shreya 51c2655e2b Shift the config variable change to the allocated function 2020-08-03 09:44:21 +03:00
Shreya f6e362b1c8 Set flask config 'JSON_SORT_KEYS' to false 2020-08-03 09:44:14 +03:00
Shreya Malviya 7d369f7399
Merge pull request #731 from shreyamalviya/modifications-T1156-T1504 
Telemetry modifications for "modify shell startup files" PBA
 2020-08-02 20:59:32 +05:30
Shay Nehmad 773a51c8b3
Merge pull request #748 from guardicore/snyk-upgrade-e016476ee14841b120e9c69733509641 
[Snyk] Upgrade react-bootstrap from 1.1.0 to 1.1.1
 2020-08-02 11:32:21 +03:00
Shay Nehmad e9939075a8 Upgrade JS packages to close vuln 
npm patch and react-bootstrap minor
 2020-08-02 11:23:47 +03:00
Shay Nehmad 698df75511 See cd034305d0 
This is a breaking change for us, for now we'll stay with the old version until we take a deeper look into this
 2020-08-01 18:10:49 +03:00
Shreya 435637ad3a Add test for `process_post_breach_telemetry()` 2020-08-01 15:59:57 +05:30
Shreya b80e504400 Shift the config variable change to the allocated function 2020-07-31 23:21:57 +05:30
Shreya f6fd93bcb1 Set flask config 'JSON_SORT_KEYS' to false 2020-07-31 22:11:39 +05:30
VakarisZ c513c2628a Fixed jwtHeader method to return "Bearer X" type header instead of "JWT X" 2020-07-30 17:26:19 +03:00
VakarisZ dc592c43fe Merge remote-tracking branch 'shreya/modifications-T1156-T1504' into release/1.9.0 2020-07-30 10:24:49 +03:00
snyk-bot 2d3e84e773 fix: upgrade react-bootstrap from 1.1.0 to 1.1.1 
Snyk has created this PR to upgrade react-bootstrap from 1.1.0 to 1.1.1.

See this package in npm:
https://www.npmjs.com/package/react-bootstrap

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-30 07:00:34 +00:00
VakarisZ f778ea6406 Version number bump 2020-07-30 09:35:30 +03:00
VakarisZ 10b15b3efe Merge remote-tracking branch 'shreya/modifications-T1156-T1504' into modifications-T1156-T1504 
# Conflicts:
#	monkey/monkey_island/cc/services/attack/technique_reports/T1136.py
#	monkey/monkey_island/cc/services/attack/technique_reports/T1154.py
#	monkey/monkey_island/cc/services/attack/technique_reports/T1156.py
#	monkey/monkey_island/cc/services/attack/technique_reports/T1158.py
#	monkey/monkey_island/cc/services/attack/technique_reports/T1166.py
#	monkey/monkey_island/cc/services/attack/technique_reports/T1168.py
#	monkey/monkey_island/cc/services/attack/technique_reports/T1504.py
#	monkey/monkey_island/cc/services/telemetry/processing/post_breach.py
#	monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreach.js
 2020-07-29 12:52:17 +03:00
VakarisZ d37fea06d8 Grouped Shell Startup modification PBA outputs data into a single PBA 2020-07-29 12:49:51 +03:00
Shreya 6afeab003a Pass build 2020-07-29 15:02:55 +05:30
Shreya 56975acf81 Mongo query changes for T1156 and T1504 2020-07-29 14:51:00 +05:30
Shreya f378c5e896 Merge remote-tracking branch 'upstream/develop' into modifications-T1156-T1504 2020-07-29 14:23:25 +05:30
Shay Nehmad ad6c57f853 Merge branch 'develop' into snyk-upgrade-c3ce20b4990347d825b5c588ba6e2919 2020-07-29 11:12:54 +03:00
VakarisZ b96c4e0f7c
Merge pull request #717 from shreyamalviya/mitre-report-message-modifications 
ATT&CK report message modifications
 2020-07-29 10:37:45 +03:00
Shreya a30ce663c0 Delete test file for AttackTechnique 2020-07-28 21:07:56 +05:30
Shreya b0dde1eb04 Change font color for disabled technique in report matrix 2020-07-28 21:07:11 +05:30
Shreya 16e2c94037 Add decorator for checking if technique is disabled 2020-07-28 21:06:22 +05:30
Shreya 3bc9fd5040 Improve code readibility 
TODO: Add tests
 2020-07-28 17:00:35 +05:30
Shreya 4833ec906a Small CR changes 2020-07-28 17:00:35 +05:30
Shreya 5f53ea995c Pass build 2020-07-28 17:00:35 +05:30
Shreya e19c3c20eb Generate T1156 and T1504 reports via mongo query 2020-07-28 17:00:35 +05:30
Shreya a5fd87c2aa Modifications to get the telemetry feed and reports rendering properly 2020-07-28 17:00:35 +05:30
Shreya b92fe47005 Override `run()` for PBA "modify shell startup files" + assign EXECUTION_WITHOUT_OUTPUT to all relevant PBAs on the island side 2020-07-28 17:00:35 +05:30
Shreya 177b713930 Fixes 2020-07-28 17:00:35 +05:30
Shreya d391255498 Modify `run()` for "modify shell startup files" PBA 2020-07-28 17:00:35 +05:30
Shreya 6698de3edb Move data modification for PBA from frontend to backend 2020-07-28 17:00:35 +05:30
Shreya b2ef06ea01 CR changes 
- Added nested classes
- Extracted repetitive code
 2020-07-28 17:00:35 +05:30
Shreya a6e7c934f5 Manipulate PBA data to show multiple results of PBAs as separate entries in the report 2020-07-28 17:00:35 +05:30
Shreya 18e73de629 Modify logic to call PostBreachTelem.send() only once for modify shell startup files PBA 2020-07-28 17:00:35 +05:30
Shay Nehmad ac21aca70d Tested upgrade + small UI bugfix 2020-07-28 12:33:20 +03:00
Shreya 98ef46b4ec Change logic for checking technique status 2020-07-28 14:58:39 +05:30
snyk-bot d3f72847b6 fix: upgrade react-bootstrap from 1.0.1 to 1.1.0 
Snyk has created this PR to upgrade react-bootstrap from 1.0.1 to 1.1.0.

See this package in npm:
https://www.npmjs.com/package/react-bootstrap

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-28 07:00:57 +00:00
Shreya 76aae1faec Change MITRE report color scheme 2020-07-27 23:20:20 +05:30
Shreya 005278cda0 Small CR changes 2020-07-27 23:20:20 +05:30
Shreya 877b08fa6b Techniques' unscanned messages' phrasing changes 2020-07-27 23:20:20 +05:30
Shreya 92ab1ad2f2 Test for AttackTechnique 2020-07-27 23:20:20 +05:30
Shreya a927da3bef CR changes 2020-07-27 23:19:30 +05:30
Shreya 07457457b2 Pass build 2020-07-27 23:19:30 +05:30
Shreya 6456564cae Add test for AttackTechnique 
Issue with `_check_status` function since it tries to fetch from mongodb which doesn't exist in testing env
 2020-07-27 23:19:30 +05:30
Shreya 740dc43727 Modify "unscanned" messages for some techniques 
+ other tiny changes in techniques' messages
 2020-07-27 23:17:31 +05:30
Shreya d313985661 Pass build 2020-07-27 23:17:31 +05:30
Shreya 83a362bf90 Add hyperlink to configuration page in "disabled" status message in MITRE report 2020-07-27 23:17:31 +05:30
Shreya 60f67f9ee4 Update after pulling from develop 2020-07-27 23:17:30 +05:30
Shreya 57f30a8979 Update after pulling from develop 2020-07-27 23:16:55 +05:30
Shreya e377e72a4c Keep default 2020-07-27 23:16:12 +05:30
Shreya 0cbb0b931d Document PostBreachTechnique class 2020-07-27 23:16:12 +05:30
Shreya ce5921eaad Add fn to check if disabled in config 2020-07-27 23:16:12 +05:30
Shreya 2685c50841 Change icon for disabled status 2020-07-27 23:15:48 +05:30
Shreya e9dfd0bc54 Small changes 2020-07-27 23:15:06 +05:30
Shreya d8adaef046 Pass build 2020-07-27 23:15:06 +05:30
Shreya 8078acdf7f Add DISABLED status for attack techniques 2020-07-27 23:15:06 +05:30
Shreya d25ad3a209 Refactor PBA report data code 
Only with T1158 for now
 2020-07-27 23:11:12 +05:30
Shreya 9217581e1c Add optional parameter 'configuration' in _check_status() 2020-07-27 23:10:36 +05:30
Shreya 6512d5de11 Pass build 2020-07-27 23:10:36 +05:30
Shreya 2d45439ecb Add test for AttackTechnique 
Issue with `_check_status` function since it tries to fetch from mongodb which doesn't exist in testing env
 2020-07-27 23:10:36 +05:30
Shreya 172f72b730 Modify "unscanned" messages for some techniques 
+ other tiny changes in techniques' messages
 2020-07-27 23:10:36 +05:30
Shreya ad771fb2ce Pass build 2020-07-27 23:10:36 +05:30
Shreya 103b1348b7 Add hyperlink to configuration page in "disabled" status message in MITRE report 2020-07-27 23:10:36 +05:30
Shreya ed269577b3 Update after pulling from develop 2020-07-27 23:10:36 +05:30
Shreya 82f1e531e7 Update after pulling from develop 2020-07-27 23:10:36 +05:30
Shreya aa599cbb10 Keep default 2020-07-27 23:10:36 +05:30
Shreya 41f2994c22 Document PostBreachTechnique class 2020-07-27 23:10:36 +05:30
Shreya 50aa068639 Add fn to check if disabled in config 2020-07-27 23:10:36 +05:30
Shreya cd7cdf846e Change icon for disabled status 2020-07-27 23:10:36 +05:30
Shreya c77467079b Small changes 2020-07-27 23:10:36 +05:30
Shreya fa7cff755f Pass build 2020-07-27 23:10:36 +05:30
Shreya ab91f24866 Add DISABLED status for attack techniques 2020-07-27 23:10:36 +05:30
Shreya 7cb0e111cc Refactor PBA report data code 
Only with T1158 for now
 2020-07-27 23:10:36 +05:30
snyk-bot 5271ebc424 fix: monkey/monkey_island/cc/ui/package.json & monkey/monkey_island/cc/ui/package-lock.json to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MARKED-584281
 2020-07-27 17:33:31 +00:00
VakarisZ fade717754 Linting fixes in ValidationErrorMessages.js and ValidationFormats.js 2020-07-27 17:00:29 +03:00
VakarisZ fd1d3404e7 Merge remote-tracking branch 'upstream/feature/configuration_improvement' into feature/configuration_improvements 
# Conflicts:
#	monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
 2020-07-27 16:50:19 +03:00
VakarisZ 64a8d71439 Added the the ability to assing info/warnings to configuration fields/sections. Moved network warning under "Scope" 2020-07-27 16:48:33 +03:00
VakarisZ 0be9b19186 Added custom config validation errors 2020-07-27 15:32:45 +03:00
VakarisZ 026daba3e0 Validation bugfix (unescaped .), improved comments 2020-07-27 11:57:40 +03:00
VakarisZ 02a710e15a Updated default password list according to the most popular password statistics 2020-07-27 11:49:31 +03:00
Shreya e6c93056cc Improve code readibility 
TODO: Add tests
 2020-07-26 23:50:03 +05:30
Shreya e6560ba3d4 Small CR changes 2020-07-26 23:25:30 +05:30
Shay Nehmad e21d67c37a Clean some JS warnings 2020-07-26 14:40:13 +03:00
Shay Nehmad 0deb8c63c5 Fix import formatting 2020-07-26 11:21:57 +03:00
Shreya 45fdf4b62c Pass build 2020-07-24 23:15:54 +05:30
Shreya eaf0cc854f Generate T1156 and T1504 reports via mongo query 2020-07-24 22:43:50 +05:30
VakarisZ 951794a707 More linting fixes 2020-07-24 17:23:53 +03:00
VakarisZ 49825d460b Bugfix in HeightCalculator.js 2020-07-24 17:20:24 +03:00
VakarisZ b366d12c99 Linting fixes 2020-07-24 17:17:38 +03:00
VakarisZ ecea415e36 Separated InternalConfig into separate tabs for easier navigation 2020-07-24 17:02:53 +03:00
Shreya 90fe06e212 Modifications to get the telemetry feed and reports rendering properly 2020-07-24 18:21:04 +05:30
Shreya 5a7e8a0b08 Override `run()` for PBA "modify shell startup files" + assign EXECUTION_WITHOUT_OUTPUT to all relevant PBAs on the island side 2020-07-24 18:21:04 +05:30
Shreya 1fdca52788 Fixes 2020-07-24 18:20:33 +05:30
Shreya f6556704d6 Modify `run()` for "modify shell startup files" PBA 2020-07-24 18:20:33 +05:30
Shreya dec7d9021f Move data modification for PBA from frontend to backend 2020-07-24 18:18:53 +05:30
Shreya a39a0c2ce6 CR changes 
- Added nested classes
- Extracted repetitive code
 2020-07-24 18:18:53 +05:30
Shreya 1182a3ad03 Manipulate PBA data to show multiple results of PBAs as separate entries in the report 2020-07-24 18:18:53 +05:30
Shreya 5fc6b6eb40 Modify logic to call PostBreachTelem.send() only once for modify shell startup files PBA 2020-07-24 18:18:53 +05:30
VakarisZ 76401f0778 Rolled back server_config.json to a clean one 2020-07-24 12:41:07 +03:00
VakarisZ cf45ec9401 Typo fixes and improvements 2020-07-24 12:40:06 +03:00
VakarisZ e8d210f001 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 2020-07-24 11:25:06 +03:00
VakarisZ 53707436df
Merge pull request #733 from guardicore/feature/pba_linux_bugfixes 
Removed unused imports and improved logging in PBA
 2020-07-24 11:24:19 +03:00
VakarisZ 6f993d34e1
Merge pull request #737 from guardicore/feature/broken_attack_matix_ui 
Fixed broken attack matrix checkbox UI in config
 2020-07-24 11:23:34 +03:00
VakarisZ d049b88c99 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 2020-07-24 11:22:09 +03:00
VakarisZ a1c11df50b Added descriptions to post breach actions, where it was missing 2020-07-24 11:20:42 +03:00
VakarisZ cc78076d32 Added hostname's to IP range validation 2020-07-24 10:45:33 +03:00
VakarisZ c1717d01a5 Merge branch 'feature/configuration_improvement' of https://github.com/guardicore/monkey into feature/configuration_improvements 2020-07-24 09:45:52 +03:00
VakarisZ 696dd83ef6 Changed exploiter documentation links in config 2020-07-24 09:45:17 +03:00
VakarisZ c9468b8600 Changed empty checkbox UI to unfilled in AdvancedMultiSelect.js 2020-07-24 09:18:56 +03:00
Shay Nehmad b25802c466 Merge branch 'feature/configuration_improvement' of https://github.com/guardicore/monkey into feature/configuration_improvement 2020-07-23 18:18:59 +03:00
Shay Nehmad 336c3cbb47 Update descriptions of config values 
Now can use whitespace
 2020-07-23 18:18:53 +03:00
VakarisZ 5449084394 Added validation to important tabs (not-internal) 2020-07-23 16:04:29 +03:00
Shay Nehmad 17587802ff pywin32 is missing from the Monkey 
WMI package upgraded and required pywin32.
because we have this package imported but not used in linux machines
we downgraded
 2020-07-23 12:45:37 +03:00
VakarisZ db6552a136 Moved "victims_max_exploit" and "victims_max_find" to "internal", increased "victims_max_exploit" default to 100 2020-07-23 10:52:05 +03:00
VakarisZ bca5ad912e "Exploits" config section moved to "Internal", UI fix for other moved sections 2020-07-23 10:41:17 +03:00
VakarisZ 2506fdc501 "Network" config section moved to "Internal" 2020-07-23 10:18:03 +03:00
VakarisZ b2eb5a40ad Removed "Monkey island" config tab (moved everything into internal) 2020-07-23 09:44:13 +03:00
VakarisZ 57ee55d9ff Moved "is monkey alive" into internal(still hidden) config, fixed PBA UI 2020-07-23 09:12:27 +03:00
VakarisZ 2c96ace908 Mimikatz, Azure collectors moved to system info collectors in config, "Behaviour" renamed to "Post breach" in config 2020-07-22 18:06:49 +03:00
VakarisZ 8b2797306b Split up config_schema.py into separate files 2020-07-22 13:19:12 +03:00
VakarisZ 3fec6ac753 Renamed values in config: Network->General to Network->Scope, Exploits->General to Exploits->Exploiters 2020-07-22 12:33:21 +03:00
VakarisZ eba779cd2d Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 2020-07-22 12:05:59 +03:00
VakarisZ fb5d3a0541 Fixed broken attack matrix checkbox UI in config 2020-07-22 12:02:13 +03:00
Shay Nehmad 27b1c7a710
Merge pull request #729 from guardicore/snyk-fix-8605a12c0d6e7129269774950a531099 
[Snyk] Security upgrade PyJWT from 1.4.2 to 1.5.1
 2020-07-21 18:55:58 +03:00
Shay Nehmad 2bbb2d2c2c Some small CR fixes - improved doc and logs 2020-07-21 18:40:08 +03:00
Shay Nehmad dd1320418a Update vsftpd.py 2020-07-21 18:17:29 +03:00
Shay Nehmad c66fd0f2a6 Update vsftpd.py 2020-07-21 18:08:22 +03:00
Shay Nehmad 1072607c42 Fix import order 2020-07-21 18:02:17 +03:00
Shay Nehmad 1f26d7ffb9 replace flask-jwt with flask-jwt-extended 2020-07-21 17:30:21 +03:00
Shay Nehmad ed2366e612
Merge pull request #730 from guardicore/snyk-upgrade-1d178c687faf134440c71413f44c538d 
[Snyk] Upgrade react-tooltip-lite from 1.11.2 to 1.12.0
 2020-07-21 17:19:44 +03:00
VakarisZ 271466c6b5 Removed core-js/fn/object/assign import 2020-07-21 16:08:23 +03:00
VakarisZ d00abde17b Removed one more unused import 2020-07-21 12:33:08 +03:00
VakarisZ 8c356d91f5 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 
# Conflicts:
#	monkey/monkey_island/cc/ui/package-lock.json
 2020-07-21 12:29:31 +03:00
VakarisZ 3db8e0cb2f Merge remote-tracking branch 'upstream/develop' into change_file_privileges_bugfix 2020-07-21 12:23:37 +03:00
VakarisZ 3af6fff5ca Fixed bug: linux only PBA's throwing errors on Windows 2020-07-21 12:10:23 +03:00
Shay Nehmad 1827cfab93 Merge branch 'develop' into snyk-fix-8605a12c0d6e7129269774950a531099 2020-07-21 12:05:17 +03:00
Shay Nehmad 35a665b831 Merge branch 'develop' into snyk-upgrade-1d178c687faf134440c71413f44c538d 2020-07-21 11:49:35 +03:00
VakarisZ eb4056ab7f Removed should exploit network machines config param - same will be achieved by removing all exploiters. 2020-07-21 11:29:29 +03:00
Shay Nehmad f34d7d45e8
Merge pull request #728 from guardicore/snyk-upgrade-7f12d9c688d2cf1b551e62e93453c526 
[Snyk] Upgrade @babel/polyfill from 7.8.7 to 7.10.1
 2020-07-21 10:59:32 +03:00
Shay Nehmad 594d3f2f97 Single quotes 2020-07-21 10:52:45 +03:00
VakarisZ f70b2240e1 Hid "Is monkey alive" field in configuration 2020-07-21 10:43:37 +03:00
Shay Nehmad dd50f9d4aa Fix some key prop errors so that our pages don't have errors 
It might avoid some bugs in the future as well: https://stackoverflow.com/questions/28329382/understanding-unique-keys-for-array-children-in-react-js
 2020-07-20 18:38:15 +03:00
VakarisZ 9f21ce07f1 Changed important tabs to be highlighted rather than having text in the front 2020-07-20 18:22:37 +03:00
Shreya 28e0a6ec97 Make setuid/setgid and trap PBAs not crash on windows 2020-07-20 20:09:19 +05:30
VakarisZ 167d1f50d5 Removed hidden descriptions 2020-07-20 17:32:08 +03:00
VakarisZ c88488c415 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 
# Conflicts:
#	monkey/monkey_island/cc/ui/package-lock.json
 2020-07-20 17:20:43 +03:00
VakarisZ f790750f57 Changed the style in configuration page to differentiate config value title from description 2020-07-20 17:15:01 +03:00
Shay Nehmad fc6db1ffbc @babel/polyfill is deprected. 
Instead of updating it, we'll use corejs 3.
https://babeljs.io/docs/en/babel-preset-env
 2020-07-20 16:59:33 +03:00
Shay Nehmad 7bc9760eef Merge branch 'develop' into snyk-upgrade-7f12d9c688d2cf1b551e62e93453c526 2020-07-20 16:29:38 +03:00
Shay Nehmad 0a1d7174c5 update package.lock mess after ugly merge. 
Let npm i do the work instead of doing it manually
 2020-07-20 16:15:29 +03:00
Shay Nehmad cd6216779f Merge branch 'develop' into snyk-upgrade-bb05e006ee678bf67c3eb4c3c10b3cdf 2020-07-20 16:09:06 +03:00
Shay Nehmad 844b2f1e2a Deleted redundant const 2020-07-20 16:04:27 +03:00
VakarisZ 35e90fc95d Added style that allows hiding config input component title and description (because advanced multi select has title and description built in) 2020-07-20 15:22:21 +03:00
VakarisZ fb9428b8a3 Added advanced selector component to all config definitions, refactored it in a way that allows to define all advanced selector properties on config_schema.py 2020-07-20 15:10:57 +03:00
snyk-bot 21eef102a8 fix: upgrade react-tooltip-lite from 1.11.2 to 1.12.0 
Snyk has created this PR to upgrade react-tooltip-lite from 1.11.2 to 1.12.0.

See this package in NPM:
https://www.npmjs.com/package/react-tooltip-lite

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-18 07:00:29 +00:00
Shay Nehmad ce7f5508ed Merge branch 'develop' into snyk-upgrade-7f12d9c688d2cf1b551e62e93453c526 2020-07-16 14:42:44 +03:00
Shay Nehmad 4dfdd447ee Update package-lock.json 
npm audit fix + lock to correct versions
 2020-07-16 14:33:05 +03:00
Shay Nehmad ed7a5ab708 Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea 2020-07-16 14:20:08 +03:00
snyk-bot ab0c9c5456 fix: monkey/monkey_island/requirements.txt to reduce vulnerabilities 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYJWT-40693
 2020-07-16 11:17:07 +00:00
Shay Nehmad 491660eb2e Added name and version to the package-json (won't compile otherwise) 
See https://stackoverflow.com/a/60112825/4119906
 2020-07-16 14:15:41 +03:00
Shay Nehmad 5fd1128554
Merge pull request #724 from guardicore/snyk-upgrade-9b0bb6804d80cebfbdc83144d3ab1240 
[Snyk] Upgrade: @fortawesome/fontawesome-svg-core, @fortawesome/free-regular-svg-icons, @fortawesome/free-solid-svg-icons, @fortawesome/react-fontawesome
 2020-07-16 14:05:52 +03:00
Shay Nehmad a7ea163d81
Merge pull request #723 from guardicore/snyk-upgrade-95eb22e72c073a402cf50c305cd68d19 
[Snyk] Upgrade rc-progress from 2.5.3 to 2.6.1
 2020-07-16 14:04:18 +03:00
Shay Nehmad 7170d5441a Update package-lock.json 2020-07-16 13:51:08 +03:00
Shay Nehmad 7e45540361 Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea 2020-07-16 13:42:34 +03:00
Shay Nehmad f92cf0d973
Merge pull request #727 from guardicore/py-import-order-travis 
Py import order travis
 2020-07-16 11:29:46 +03:00
Shay Nehmad d3718a8943 Final fixed imports 2020-07-16 10:32:27 +03:00
snyk-bot 96f31a492b fix: upgrade @babel/polyfill from 7.8.7 to 7.10.1 
Snyk has created this PR to upgrade @babel/polyfill from 7.8.7 to 7.10.1.

See this package in NPM:
https://www.npmjs.com/package/@babel/polyfill

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-16 07:01:19 +00:00
Shay Nehmad 9846477bea Change to isort from flake8-import-order 
fix issues in envs/ as well
 2020-07-15 18:46:04 +03:00
Shay Nehmad 81c950b469 Ran isort to order all imports and pass CI tests 2020-07-15 17:55:45 +03:00
Shay Nehmad 832662602d Update package-lock.json 2020-07-15 17:02:47 +03:00
Shay Nehmad 4cc05637e5 Merge branch 'develop' into snyk-upgrade-bb05e006ee678bf67c3eb4c3c10b3cdf 2020-07-15 16:51:50 +03:00
Shay Nehmad 1e8e9a7d41 Bugfix in file upload for PBAs (nonexistent directory) 2020-07-15 16:49:34 +03:00
Ace Pace 3fb1d248ae Fix typos 2020-07-15 16:26:57 +03:00
snyk-bot 7ef2afb3fb fix: upgrade multiple dependencies with Snyk 
Snyk has created this PR to upgrade:
  - @fortawesome/fontawesome-svg-core from 1.2.28 to 1.2.29.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/fontawesome-svg-core
  - @fortawesome/free-regular-svg-icons from 5.13.0 to 5.13.1.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/free-regular-svg-icons
  - @fortawesome/free-solid-svg-icons from 5.13.0 to 5.13.1.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/free-solid-svg-icons
  - @fortawesome/react-fontawesome from 0.1.9 to 0.1.11.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/react-fontawesome

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-15 07:01:52 +00:00
snyk-bot e417ed3e27 fix: upgrade rc-progress from 2.5.3 to 2.6.1 
Snyk has created this PR to upgrade rc-progress from 2.5.3 to 2.6.1.

See this package in NPM:
https://www.npmjs.com/package/rc-progress

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-15 07:01:47 +00:00
snyk-bot 40aca91b28 fix: upgrade filepond from 4.13.5 to 4.18.0 
Snyk has created this PR to upgrade filepond from 4.13.5 to 4.18.0.

See this package in NPM:
https://www.npmjs.com/package/filepond

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-15 07:01:41 +00:00
snyk-bot f98e2ea972 fix: upgrade react-spinners from 0.5.13 to 0.9.0 
Snyk has created this PR to upgrade react-spinners from 0.5.13 to 0.9.0.

See this package in NPM:
https://www.npmjs.com/package/react-spinners

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
 2020-07-15 07:01:36 +00:00
snyk-bot 2f0b777533 fix: monkey/monkey_island/cc/ui/package.json, monkey/monkey_island/cc/ui/package-lock.json & monkey/monkey_island/cc/ui/.snyk to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NPM-575435


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
 2020-07-14 15:09:34 +00:00
Shreya 5bbef83b83 Linux: delete `TEMP_CRON` file even if command fails 2020-07-13 20:13:47 +05:30
Shreya c38875d71e Code review changes 
- windows commands readibility
- f-strings
- directory structure
 2020-07-13 20:08:04 +05:30
Shreya 9c0c298631 Mongo search logic changes + used/scanned/unscanned message changes 2020-07-13 20:08:04 +05:30
Shreya 7588cd8eea Add T1053 (windows PBA) 2020-07-13 20:08:04 +05:30
Shreya 73c4070f54 Add T1168 (linux PBA) 2020-07-13 20:05:49 +05:30
Shreya 37b4717eb1 Add techniques' info to attack_schema 2020-07-13 20:03:32 +05:30
Shreya ec26baae8f Add PBA T1166 2020-07-13 19:40:08 +05:30
Shreya e6b3613db2 Check status using mongo 2020-07-13 19:20:38 +05:30
Shreya d9d8c813aa Code review + other tiny changes 2020-07-13 19:11:13 +05:30
Shreya a74f2a5ead Add PBA T1154 2020-07-13 19:11:13 +05:30
Shreya Malviya 8c255ece06
Merge pull request #693 from shreyamalviya/mongo-search-T1136 
Use mongo search for T1136's report data
 2020-07-13 19:06:35 +05:30
Shay Nehmad d501bf3b00 Add six minimum requirement to explicitly resolve conflict 
Added pip freeze to travis to ease debugging
 2020-07-08 16:43:52 +03:00
Shay Nehmad 45035cc3c3 Unlock pyinstaller 
On systems where you have one venv for agent and server, the pyinstaller version is our own build from the GC repo
 2020-07-08 16:04:32 +03:00
Shay Nehmad 9ce2c5eb83 Sort and lock pip requirement files 2020-07-08 15:56:48 +03:00
Shreya e12374b7d3 Add mongo query to count successful PBA attempts 2020-07-04 15:29:25 +05:30
VakarisZ 6a824efab3 Finished AdvancedMultiSelect component 2020-07-03 17:41:41 +03:00
VakarisZ 989020c5ba Removed old react-jsonshema-form npm package 2020-07-03 17:38:43 +03:00
VakarisZ 67eeb2b670 Grouped stylesheets into components and pages 2020-07-03 17:38:02 +03:00
Shreya 8c18731b45 Use mongo search for T1136's report data 2020-07-03 15:56:40 +05:30
VakarisZ fda600eb60 Finished PBA refactoring 2020-06-30 18:10:48 +03:00
VakarisZ aad9e5069e PBA file refactoring almost working 2020-06-30 16:07:43 +03:00
VakarisZ 6cc4c85132
Merge pull request #688 from guardicore/password_setup 
Password setup and bootstrap v4 migration
 2020-06-25 11:52:33 +03:00
VakarisZ 8a31ff21b8 Disabled no-unescaped-entities, because it throws warnings on ' usage in text, because typographically it's not an apostrophe 2020-06-25 11:33:28 +03:00
VakarisZ edfbf370c6 Merge remote-tracking branch 'upstream/password_setup' into password_setup 2020-06-25 11:01:34 +03:00
VakarisZ 4e9a749c7d Couple of PEP8 issues related to password creation files fixed 2020-06-25 11:01:20 +03:00
Shay Nehmad f34a607f15
Merge pull request #692 from guardicore/mongo_requirement_fix 
Changed minimum mongodb version required
 2020-06-25 10:59:17 +03:00
Shay Nehmad 4c6f2efe18 Merge branch 'password_setup' of https://github.com/guardicore/monkey into password_setup 2020-06-25 10:56:06 +03:00
Shay Nehmad 27c50fdc55 Fix some whitespace issues in the events modal 2020-06-25 10:54:59 +03:00
VakarisZ 938a5e225c Merge remote-tracking branch 'upstream/password_setup' into password_setup 2020-06-25 10:53:12 +03:00
VakarisZ d22e784aaa Redundant failed login attempts with no auth credentials fixed 2020-06-25 10:52:56 +03:00
Shay Nehmad da58ea7250 Adding some server logs re: registration 
Will possibly help debug client issues with registration in future.
 2020-06-25 10:29:37 +03:00
VakarisZ e58cdee246 Small typo in register page, submit on enter fixed in auth pages 2020-06-25 10:26:59 +03:00
VakarisZ 7462c1c701 Merge remote-tracking branch 'upstream/develop' into password_setup 
# Conflicts:
#	.travis.yml
 2020-06-25 10:04:04 +03:00
VakarisZ 468bd7db2c UI fixes for registration and login pages and zero trust report 2020-06-25 10:00:43 +03:00
Shreya a11852ce3c Pass build 
Pass build
 2020-06-24 16:47:46 +05:30
Shreya 971a102eb6 Change order of techniques in ATT&CK matrix 
T1158: Hidden files before T1504: Powershell profile
 2020-06-24 15:22:34 +05:30
Shreya 6b75092823 Small fixes after rebasing 2020-06-24 15:15:45 +05:30
Shreya a91e65e49a Use mongo search for report data 2020-06-24 14:37:42 +05:30
Shreya 37d37b6f9f Fix status being sent in report data 2020-06-24 14:37:42 +05:30
Shreya 3819041632 PBA command modifications 2020-06-24 14:37:42 +05:30
Shreya 2dbf798c4a Linux: fix hidden file/folder deletion issue 2020-06-24 14:37:42 +05:30
Shreya d0dc305a33 Remove detection time for AV software 2020-06-24 14:37:42 +05:30
Shreya a98f321ed0 Windows: change location of hidden file/folder + add system attribute 2020-06-24 14:37:42 +05:30
Shreya 87bfe41c50 Linux: change location of hidden file/folder 2020-06-24 14:37:42 +05:30
Shreya eea5352084 Little changes based on review 2020-06-24 14:36:03 +05:30
Shreya 6b4e90e6d0 PBA tweaks: Windows 2020-06-24 14:36:03 +05:30
Shreya 80c8a42bd0 Mentioning 'type' doesn't seem necessary 2020-06-24 14:36:03 +05:30
Shreya 0f6fcc799c Add report components, link to matrix 2020-06-24 14:36:03 +05:30
Shreya 49350aa303 PBA changes: Windows 2020-06-24 14:33:08 +05:30
Shreya 15ac77056a PBA changes: Linux 2020-06-24 14:33:08 +05:30
Shreya 2b9d54408a Tweak PBA logic 
Don't need to use winAPI to delete file
 2020-06-24 14:33:08 +05:30
Shreya 1d952a4781 PBA stuff 2020-06-24 14:33:08 +05:30
Shreya 45c5546f17 Add "Hidden files" PBA feature 
TODO: winAPI
 2020-06-24 14:33:08 +05:30
Shreya Malviya 08727305d8
Merge pull request #687 from shreyamalviya/T1156 
Add T1156 and T1504 attack techniques (shell startup file modifications)
 2020-06-24 14:13:09 +05:30
Shreya 53e6f893c6 Disabled prop-types warning in eslint 
(Accidentally force-pushed over the previous commit changing this)
 2020-06-24 13:58:52 +05:30
Shreya f21dbde27d Extend windows PBA for all users on system 2020-06-24 13:37:08 +05:30
Shreya 7efeff3ff0 Modify linux PBA so it doesn't give errors when running on windows 2020-06-24 13:25:54 +05:30
Shreya 6f6bfca9f9 Use mongo search for report data 
(For linux, shows only bash startup files in ATT&CK report)
 2020-06-24 13:25:54 +05:30
Shreya 7459105bbc Extend linux PBA for all users on system 
TODO: ATT&CK report stuff (mongo search + show only bash file modification info)
TODO: Windows
 2020-06-24 13:25:54 +05:30
Shreya 8d2aaac65f Fix + make linux PBA commands cleaner 2020-06-24 13:25:54 +05:30
Shreya e5f92d29b5 Add startup files for fish, zsh, dash, ksh, sh, csh, tcsh 2020-06-24 13:25:54 +05:30
Shreya 0c60ad16ae Code design changes 2020-06-24 13:25:54 +05:30