Moved and renamed some services to improve directory structure of zero trust services
parent
85f4c4f250
commit
02a45c7449
|
@ -1,6 +1,6 @@
|
|||
from mongoengine import DynamicField, EmbeddedDocument, IntField, ListField, StringField
|
||||
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts import rule_consts
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.consts import rule_consts
|
||||
|
||||
|
||||
class ScoutSuiteRule(EmbeddedDocument):
|
||||
|
|
|
@ -6,7 +6,7 @@ from packaging import version
|
|||
import common.common_consts.zero_trust_consts as zero_trust_consts
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
||||
|
||||
|
||||
|
@ -23,12 +23,12 @@ class TestAggregateFinding(IslandTestCase):
|
|||
events = [Event.create_event("t", "t", zero_trust_consts.EVENT_TYPE_MONKEY_NETWORK)]
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)), 0)
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test, status, events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test, status, events)
|
||||
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 1)
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test, status, events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test, status, events)
|
||||
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 2)
|
||||
|
@ -50,7 +50,7 @@ class TestAggregateFinding(IslandTestCase):
|
|||
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 1)
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test, status, events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test, status, events)
|
||||
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
|
||||
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 2)
|
||||
|
@ -60,4 +60,4 @@ class TestAggregateFinding(IslandTestCase):
|
|||
self.assertEqual(len(Finding.objects(test=test, status=status)), 2)
|
||||
|
||||
with self.assertRaises(AssertionError):
|
||||
MonkeyFindingService.create_or_add_to_existing(test, status, events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test, status, events)
|
||||
|
|
|
@ -3,11 +3,11 @@ import json
|
|||
import flask_restful
|
||||
|
||||
from monkey_island.cc.resources.auth.auth import jwt_required
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
|
||||
class ZeroTrustFindingEvent(flask_restful.Resource):
|
||||
|
||||
@jwt_required
|
||||
def get(self, finding_id: str):
|
||||
return {'events_json': json.dumps(MonkeyFindingService.get_events_by_finding(finding_id), default=str)}
|
||||
return {'events_json': json.dumps(MonkeyZTFindingService.get_events_by_finding(finding_id), default=str)}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
import flask_restful
|
||||
|
||||
from monkey_island.cc.resources.auth.auth import jwt_required
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_auth_service import get_aws_keys
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.scoutsuite_auth_service import get_aws_keys
|
||||
|
||||
|
||||
class AWSKeys(flask_restful.Resource):
|
||||
|
|
|
@ -6,8 +6,8 @@ from flask import request
|
|||
from common.cloud.scoutsuite_consts import CloudProviders
|
||||
from common.utils.exceptions import InvalidAWSKeys
|
||||
from monkey_island.cc.resources.auth.auth import jwt_required
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_auth_service import (is_cloud_authentication_setup,
|
||||
set_aws_keys)
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.scoutsuite_auth_service import (is_cloud_authentication_setup,
|
||||
set_aws_keys)
|
||||
|
||||
|
||||
class ScoutSuiteAuth(flask_restful.Resource):
|
||||
|
|
|
@ -2,10 +2,10 @@ import json
|
|||
|
||||
from monkey_island.cc.database import mongo
|
||||
from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteDataJson
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.findings_list import SCOUTSUITE_FINDINGS
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_parser import RuleParser
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_finding_service import ScoutSuiteFindingService
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_rule_service import ScoutSuiteRuleService
|
||||
from ...zero_trust.scoutsuite_findings.consts.findings_list import SCOUTSUITE_FINDINGS
|
||||
from ...zero_trust.scoutsuite_findings.data_parsing.rule_parser import RuleParser
|
||||
from ...zero_trust.scoutsuite_findings.scoutsuite_zt_finding_service import ScoutSuiteZTFindingService
|
||||
from ...zero_trust.scoutsuite_findings.scoutsuite_rule_service import ScoutSuiteRuleService
|
||||
|
||||
|
||||
def process_scoutsuite_telemetry(telemetry_json):
|
||||
|
@ -22,7 +22,7 @@ def create_scoutsuite_findings(scoutsuite_data):
|
|||
for rule in finding.rules:
|
||||
rule_data = RuleParser.get_rule_data(scoutsuite_data, rule)
|
||||
rule = ScoutSuiteRuleService.get_rule_from_rule_data(rule_data)
|
||||
ScoutSuiteFindingService.process_rule(finding, rule)
|
||||
ScoutSuiteZTFindingService.process_rule(finding, rule)
|
||||
|
||||
|
||||
def update_data(telemetry_json):
|
||||
|
|
|
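Review bot: The new imports in this file use three-dot relative paths (`from ...zero_trust.scoutsuite_findings.consts.findings_list import SCOUTSUITE_FINDINGS`) while the two imports directly above them stay absolute, and other files touched by this commit keep the absolute `monkey_island.cc.services.zero_trust.scoutsuite_findings...` form for the same package. One style per file would be easier to maintain; a relative path that climbs three packages has to be recounted every time the module moves, which is exactly the kind of refactor this commit performs. The rule-parser import later in the commit goes the other way and grows past 120 characters (`from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators_list import \`), so whichever convention is chosen should be applied there too.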
@ -4,7 +4,7 @@ import common.common_consts.zero_trust_consts as zero_trust_consts
|
|||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.services.telemetry.zero_trust_checks.known_anti_viruses import ANTI_VIRUS_KNOWN_PROCESS_NAMES
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
|
||||
def check_antivirus_existence(process_list_json, monkey_guid):
|
||||
|
@ -30,8 +30,8 @@ def check_antivirus_existence(process_list_json, monkey_guid):
|
|||
test_status = zero_trust_consts.STATUS_PASSED
|
||||
else:
|
||||
test_status = zero_trust_consts.STATUS_FAILED
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_ENDPOINT_SECURITY_EXISTS,
|
||||
status=test_status, events=events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_ENDPOINT_SECURITY_EXISTS,
|
||||
status=test_status, events=events)
|
||||
|
||||
|
||||
def filter_av_processes(process_list):
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
import common.common_consts.zero_trust_consts as zero_trust_consts
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
COMM_AS_NEW_USER_FAILED_FORMAT = "Monkey on {} couldn't communicate as new user. Details: {}"
|
||||
COMM_AS_NEW_USER_SUCCEEDED_FORMAT = \
|
||||
|
@ -8,9 +8,10 @@ COMM_AS_NEW_USER_SUCCEEDED_FORMAT = \
|
|||
|
||||
|
||||
def check_new_user_communication(current_monkey, success, message):
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_COMMUNICATE_AS_NEW_USER,
|
||||
status=zero_trust_consts.STATUS_FAILED if success else zero_trust_consts.STATUS_PASSED,
|
||||
events=[
|
||||
status = zero_trust_consts.STATUS_FAILED if success else zero_trust_consts.STATUS_PASSED
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_COMMUNICATE_AS_NEW_USER,
|
||||
status=status,
|
||||
events=[
|
||||
get_attempt_event(current_monkey),
|
||||
get_result_event(current_monkey, message, success)
|
||||
])
|
||||
|
|
|
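Review bot: `status = zero_trust_consts.STATUS_FAILED if success else zero_trust_consts.STATUS_PASSED` reads as inverted now that it stands on its own line in check_new_user_communication, and nothing in the hunk explains it. A one-line comment above it would stop a later "fix" from flipping the condition, for example `# A monkey that manages to communicate as a new user means the zero trust test failed.` The wording should be confirmed against the definition of TEST_COMMUNICATE_AS_NEW_USER in zero_trust_consts, which is not visible here.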
@ -4,7 +4,7 @@ import common.common_consts.zero_trust_consts as zero_trust_consts
|
|||
from common.common_consts.network_consts import ES_SERVICE
|
||||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
HTTP_SERVERS_SERVICES_NAMES = ['tcp-80']
|
||||
|
||||
|
@ -55,10 +55,10 @@ def check_open_data_endpoints(telemetry_json):
|
|||
event_type=zero_trust_consts.EVENT_TYPE_MONKEY_NETWORK
|
||||
))
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_DATA_ENDPOINT_HTTP,
|
||||
status=found_http_server_status, events=events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_DATA_ENDPOINT_HTTP,
|
||||
status=found_http_server_status, events=events)
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_DATA_ENDPOINT_ELASTIC,
|
||||
status=found_elastic_search_server, events=events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_DATA_ENDPOINT_ELASTIC,
|
||||
status=found_elastic_search_server, events=events)
|
||||
|
||||
MonkeyFindingService.add_malicious_activity_to_timeline(events)
|
||||
MonkeyZTFindingService.add_malicious_activity_to_timeline(events)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
import common.common_consts.zero_trust_consts as zero_trust_consts
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
|
||||
def check_machine_exploited(current_monkey, exploit_successful, exploiter, target_ip, timestamp):
|
||||
|
@ -29,7 +29,7 @@ def check_machine_exploited(current_monkey, exploit_successful, exploiter, targe
|
|||
)
|
||||
status = zero_trust_consts.STATUS_FAILED
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_MACHINE_EXPLOITED, status=status,
|
||||
events=events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_MACHINE_EXPLOITED, status=status,
|
||||
events=events)
|
||||
|
||||
MonkeyFindingService.add_malicious_activity_to_timeline(events)
|
||||
MonkeyZTFindingService.add_malicious_activity_to_timeline(events)
|
||||
|
|
|
@ -6,7 +6,7 @@ from common.network.segmentation_utils import get_ip_if_in_subnet, get_ip_in_src
|
|||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.services.configuration.utils import get_config_network_segments_as_subnet_groups
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
SEGMENTATION_DONE_EVENT_TEXT = "Monkey on {hostname} is done attempting cross-segment communications " \
|
||||
"from `{src_seg}` segments to `{dst_seg}` segments."
|
||||
|
@ -26,7 +26,7 @@ def check_segmentation_violation(current_monkey, target_ip):
|
|||
target_subnet = subnet_pair[1]
|
||||
if is_segmentation_violation(current_monkey, target_ip, source_subnet, target_subnet):
|
||||
event = get_segmentation_violation_event(current_monkey, source_subnet, target_ip, target_subnet)
|
||||
MonkeyFindingService.create_or_add_to_existing(
|
||||
MonkeyZTFindingService.create_or_add_to_existing(
|
||||
test=zero_trust_consts.TEST_SEGMENTATION,
|
||||
status=zero_trust_consts.STATUS_FAILED,
|
||||
events=[event]
|
||||
|
@ -90,7 +90,7 @@ def create_or_add_findings_for_all_pairs(all_subnets, current_monkey):
|
|||
all_subnets_pairs_for_this_monkey = itertools.product(this_monkey_subnets, other_subnets)
|
||||
|
||||
for subnet_pair in all_subnets_pairs_for_this_monkey:
|
||||
MonkeyFindingService.create_or_add_to_existing(
|
||||
MonkeyZTFindingService.create_or_add_to_existing(
|
||||
status=zero_trust_consts.STATUS_PASSED,
|
||||
events=[get_segmentation_done_event(current_monkey, subnet_pair)],
|
||||
test=zero_trust_consts.TEST_SEGMENTATION
|
||||
|
|
|
@ -5,7 +5,7 @@ from monkey_island.cc.models import Monkey
|
|||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
from monkey_island.cc.services.telemetry.zero_trust_checks.segmentation import create_or_add_findings_for_all_pairs
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
|
||||
|
||||
FIRST_SUBNET = "1.1.1.1"
|
||||
|
@ -37,7 +37,7 @@ class TestSegmentationChecks(IslandTestCase):
|
|||
2)
|
||||
|
||||
# This is a monkey from 2nd subnet communicated with 1st subnet.
|
||||
MonkeyFindingService.create_or_add_to_existing(
|
||||
MonkeyZTFindingService.create_or_add_to_existing(
|
||||
status=zero_trust_consts.STATUS_FAILED,
|
||||
test=zero_trust_consts.TEST_SEGMENTATION,
|
||||
events=[Event.create_event(title="sdf",
|
||||
|
|
|
@ -2,7 +2,7 @@ import common.common_consts.zero_trust_consts as zero_trust_consts
|
|||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.services.telemetry.processing.utils import get_tunnel_host_ip_from_proxy_field
|
||||
from monkey_island.cc.services.zero_trust.monkey_finding_service import MonkeyFindingService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import MonkeyZTFindingService
|
||||
|
||||
|
||||
def check_tunneling_violation(tunnel_telemetry_json):
|
||||
|
@ -18,7 +18,7 @@ def check_tunneling_violation(tunnel_telemetry_json):
|
|||
timestamp=tunnel_telemetry_json['timestamp']
|
||||
)]
|
||||
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_TUNNELING,
|
||||
status=zero_trust_consts.STATUS_FAILED, events=tunneling_events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_TUNNELING,
|
||||
status=zero_trust_consts.STATUS_FAILED, events=tunneling_events)
|
||||
|
||||
MonkeyFindingService.add_malicious_activity_to_timeline(tunneling_events)
|
||||
MonkeyZTFindingService.add_malicious_activity_to_timeline(tunneling_events)
|
||||
|
|
|
@ -9,7 +9,7 @@ from monkey_island.cc.models.zero_trust.monkey_finding_details import MonkeyFind
|
|||
EVENT_FETCH_CNT = 50
|
||||
|
||||
|
||||
class MonkeyDetailsService:
|
||||
class MonkeyZTDetailsService:
|
||||
|
||||
@staticmethod
|
||||
def fetch_details_for_display(finding_id: ObjectId) -> dict:
|
||||
|
@ -21,8 +21,8 @@ class MonkeyDetailsService:
|
|||
details = list(MonkeyFindingDetails.objects.aggregate(*pipeline))
|
||||
if details:
|
||||
details = details[0]
|
||||
details['latest_events'] = MonkeyDetailsService._get_events_without_overlap(details['event_count'],
|
||||
details['latest_events'])
|
||||
details['latest_events'] = MonkeyZTDetailsService._get_events_without_overlap(details['event_count'],
|
||||
details['latest_events'])
|
||||
return details
|
||||
|
||||
@staticmethod
|
|
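Review bot: fetch_details_for_display is annotated `-> dict`, but when the aggregate yields nothing `details` is still the empty list from `list(MonkeyFindingDetails.objects.aggregate(*pipeline))` (or the function falls through without a return; indentation is lost on this page), so callers cannot rely on getting a dict. Either handle the not-found case explicitly, e.g. `if not details: return {}`, or document the not-found result in a docstring and adjust the annotation. The pipeline construction sits between the two hunks and is not visible, so this is based on the lines shown only.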
@ -8,7 +8,7 @@ from monkey_island.cc.models.zero_trust.finding import Finding
|
|||
from monkey_island.cc.models.zero_trust.monkey_finding_details import MonkeyFindingDetails
|
||||
|
||||
|
||||
class MonkeyFindingService:
|
||||
class MonkeyZTFindingService:
|
||||
|
||||
@staticmethod
|
||||
def create_or_add_to_existing(test, status, events):
|
||||
|
@ -23,10 +23,10 @@ class MonkeyFindingService:
|
|||
assert (len(existing_findings) < 2), "More than one finding exists for {}:{}".format(test, status)
|
||||
|
||||
if len(existing_findings) == 0:
|
||||
MonkeyFindingService.create_new_finding(test, status, events)
|
||||
MonkeyZTFindingService.create_new_finding(test, status, events)
|
||||
else:
|
||||
# Now we know for sure this is the only one
|
||||
MonkeyFindingService.add_events(existing_findings[0], events)
|
||||
MonkeyZTFindingService.add_events(existing_findings[0], events)
|
||||
|
||||
@staticmethod
|
||||
def create_new_finding(test: str, status: str, events: List[Event]):
|
||||
|
@ -50,5 +50,5 @@ class MonkeyFindingService:
|
|||
|
||||
@staticmethod
|
||||
def add_malicious_activity_to_timeline(events):
|
||||
MonkeyFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_MALICIOUS_ACTIVITY_TIMELINE,
|
||||
status=zero_trust_consts.STATUS_VERIFY, events=events)
|
||||
MonkeyZTFindingService.create_or_add_to_existing(test=zero_trust_consts.TEST_MALICIOUS_ACTIVITY_TIMELINE,
|
||||
status=zero_trust_consts.STATUS_VERIFY, events=events)
|
|
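Review bot: create_or_add_to_existing still guards the one-finding-per-test-and-status invariant with `assert (len(existing_findings) < 2), ...`, and that check disappears when the interpreter runs with `-O`; the `else` branch would then append to `existing_findings[0]` and the duplicate would go unnoticed. An explicit raise keeps the check in optimised runs, e.g. `if len(existing_findings) > 1: raise AssertionError("More than one finding exists for {}:{}".format(test, status))`, which also keeps the `assertRaises(AssertionError)` test touched by this commit passing. A dedicated exception type would be cleaner but needs that test updated. The query that builds existing_findings lies outside the visible hunks.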
@ -1,8 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.findings import (DataLossPrevention, Logging,
|
||||
PermissiveFirewallRules,
|
||||
RestrictivePolicies,
|
||||
SecureAuthentication, ServiceSecurity,
|
||||
UnencryptedData)
|
||||
|
||||
SCOUTSUITE_FINDINGS = [PermissiveFirewallRules, UnencryptedData, DataLossPrevention, SecureAuthentication,
|
||||
RestrictivePolicies, Logging, ServiceSecurity]
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudformation_rules import CloudformationRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class CloudformationRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CLOUDFORMATION
|
||||
supported_rules = CloudformationRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudtrail_rules import CloudTrailRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class CloudTrailRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CLOUDTRAIL
|
||||
supported_rules = CloudTrailRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudwatch_rules import CloudWatchRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class CloudWatchRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CLOUDWATCH
|
||||
supported_rules = CloudWatchRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.config_rules import ConfigRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class ConfigRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CONFIG
|
||||
supported_rules = ConfigRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ec2_rules import EC2Rules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class EC2RulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.EC2
|
||||
supported_rules = EC2Rules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elb_rules import ELBRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class ELBRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.ELB
|
||||
supported_rules = ELBRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elbv2_rules import ELBv2Rules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class ELBv2RulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.ELB_V2
|
||||
supported_rules = ELBv2Rules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.iam_rules import IAMRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class IAMRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.IAM
|
||||
supported_rules = IAMRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.rds_rules import RDSRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class RDSRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.RDS
|
||||
supported_rules = RDSRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.redshift_rules import RedshiftRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class RedshiftRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.REDSHIFT
|
||||
supported_rules = RedshiftRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.s3_rules import S3Rules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class S3RulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.S3
|
||||
supported_rules = S3Rules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ses_rules import SESRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class SESRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.SES
|
||||
supported_rules = SESRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sns_rules import SNSRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class SNSRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.SNS
|
||||
supported_rules = SNSRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sqs_rules import SQSRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class SQSRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.SQS
|
||||
supported_rules = SQSRules
|
|
@ -1,10 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.vpc_rules import VPCRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICE_TYPES
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.abstract_rule_path_creator import \
|
||||
AbstractRulePathCreator
|
||||
|
||||
|
||||
class VPCRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.VPC
|
||||
supported_rules = VPCRules
|
|
@ -1,35 +0,0 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
cloudformation_rule_path_creator import CloudformationRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
cloudtrail_rule_path_creator import CloudTrailRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
cloudwatch_rule_path_creator import CloudWatchRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
config_rule_path_creator import ConfigRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
ec2_rule_path_creator import EC2RulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
elb_rule_path_creator import ELBRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
elbv2_rule_path_creator import ELBv2RulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
iam_rule_path_creator import IAMRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
rds_rule_path_creator import RDSRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
redshift_rule_path_creator import RedshiftRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
s3_rule_path_creator import S3RulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
ses_rule_path_creator import SESRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators.\
|
||||
sns_rule_path_creator import SNSRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators. \
|
||||
sqs_rule_path_creator import SQSRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators. \
|
||||
vpc_rule_path_creator import VPCRulePathCreator
|
||||
|
||||
RULE_PATH_CREATORS_LIST = [EC2RulePathCreator, ELBv2RulePathCreator, RDSRulePathCreator, RedshiftRulePathCreator,
|
||||
S3RulePathCreator, IAMRulePathCreator, CloudTrailRulePathCreator, ELBRulePathCreator,
|
||||
VPCRulePathCreator, CloudWatchRulePathCreator, SQSRulePathCreator, SNSRulePathCreator,
|
||||
SESRulePathCreator, ConfigRulePathCreator, CloudformationRulePathCreator]
|
|
@ -1,21 +1,21 @@
|
|||
from abc import ABC, abstractmethod
|
||||
|
||||
from common.common_consts import zero_trust_consts
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudformation_rules import CloudformationRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudtrail_rules import CloudTrailRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.cloudwatch_rules import CloudWatchRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.config_rules import ConfigRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ec2_rules import EC2Rules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elb_rules import ELBRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.elbv2_rules import ELBv2Rules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.iam_rules import IAMRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.rds_rules import RDSRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.redshift_rules import RedshiftRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.s3_rules import S3Rules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.ses_rules import SESRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sns_rules import SNSRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.sqs_rules import SQSRules
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.rule_names.vpc_rules import VPCRules
|
||||
from .rule_names.cloudformation_rules import CloudformationRules
|
||||
from .rule_names.cloudtrail_rules import CloudTrailRules
|
||||
from .rule_names.cloudwatch_rules import CloudWatchRules
|
||||
from .rule_names.config_rules import ConfigRules
|
||||
from .rule_names.ec2_rules import EC2Rules
|
||||
from .rule_names.elb_rules import ELBRules
|
||||
from .rule_names.elbv2_rules import ELBv2Rules
|
||||
from .rule_names.iam_rules import IAMRules
|
||||
from .rule_names.rds_rules import RDSRules
|
||||
from .rule_names.redshift_rules import RedshiftRules
|
||||
from .rule_names.s3_rules import S3Rules
|
||||
from .rule_names.ses_rules import SESRules
|
||||
from .rule_names.sns_rules import SNSRules
|
||||
from .rule_names.sqs_rules import SQSRules
|
||||
from .rule_names.vpc_rules import VPCRules
|
||||
|
||||
|
||||
class ScoutSuiteFinding(ABC):
|
|
@ -0,0 +1,8 @@
|
|||
from .findings import (DataLossPrevention, Logging,
|
||||
PermissiveFirewallRules,
|
||||
RestrictivePolicies,
|
||||
SecureAuthentication, ServiceSecurity,
|
||||
UnencryptedData)
|
||||
|
||||
SCOUTSUITE_FINDINGS = [PermissiveFirewallRules, UnencryptedData, DataLossPrevention, SecureAuthentication,
|
||||
RestrictivePolicies, Logging, ServiceSecurity]
|
|
@ -1,6 +1,6 @@
|
|||
from common.utils.code_utils import get_dict_value_by_path
|
||||
from common.utils.exceptions import RulePathCreatorNotFound
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_building.rule_path_creators_list import \
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators_list import \
|
||||
RULE_PATH_CREATORS_LIST
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
from abc import ABC, abstractmethod
|
||||
from typing import List
|
||||
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import FINDINGS, SERVICE_TYPES, SERVICES
|
||||
from ...consts.service_consts import FINDINGS, SERVICE_TYPES, SERVICES
|
||||
|
||||
|
||||
class AbstractRulePathCreator(ABC):
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.cloudformation_rules import CloudformationRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class CloudformationRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CLOUDFORMATION
|
||||
supported_rules = CloudformationRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.cloudtrail_rules import CloudTrailRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class CloudTrailRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CLOUDTRAIL
|
||||
supported_rules = CloudTrailRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.cloudwatch_rules import CloudWatchRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class CloudWatchRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CLOUDWATCH
|
||||
supported_rules = CloudWatchRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.config_rules import ConfigRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class ConfigRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.CONFIG
|
||||
supported_rules = ConfigRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.ec2_rules import EC2Rules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class EC2RulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.EC2
|
||||
supported_rules = EC2Rules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.elb_rules import ELBRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class ELBRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.ELB
|
||||
supported_rules = ELBRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.elbv2_rules import ELBv2Rules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class ELBv2RulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.ELB_V2
|
||||
supported_rules = ELBv2Rules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.iam_rules import IAMRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class IAMRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.IAM
|
||||
supported_rules = IAMRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.rds_rules import RDSRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class RDSRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.RDS
|
||||
supported_rules = RDSRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.redshift_rules import RedshiftRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class RedshiftRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.REDSHIFT
|
||||
supported_rules = RedshiftRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.s3_rules import S3Rules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class S3RulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.S3
|
||||
supported_rules = S3Rules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.ses_rules import SESRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class SESRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.SES
|
||||
supported_rules = SESRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.sns_rules import SNSRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class SNSRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.SNS
|
||||
supported_rules = SNSRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.sqs_rules import SQSRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class SQSRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.SQS
|
||||
supported_rules = SQSRules
|
|
@ -0,0 +1,9 @@
|
|||
from ..abstract_rule_path_creator import AbstractRulePathCreator
|
||||
from ....consts.rule_names.vpc_rules import VPCRules
|
||||
from ....consts.service_consts import SERVICE_TYPES
|
||||
|
||||
|
||||
class VPCRulePathCreator(AbstractRulePathCreator):
|
||||
|
||||
service_type = SERVICE_TYPES.VPC
|
||||
supported_rules = VPCRules
|
|
@ -0,0 +1,35 @@
|
|||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
cloudformation_rule_path_creator import CloudformationRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
cloudtrail_rule_path_creator import CloudTrailRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
cloudwatch_rule_path_creator import CloudWatchRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
config_rule_path_creator import ConfigRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
ec2_rule_path_creator import EC2RulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
elb_rule_path_creator import ELBRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
elbv2_rule_path_creator import ELBv2RulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
iam_rule_path_creator import IAMRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
rds_rule_path_creator import RDSRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
redshift_rule_path_creator import RedshiftRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
s3_rule_path_creator import S3RulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
ses_rule_path_creator import SESRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators.\
|
||||
sns_rule_path_creator import SNSRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators. \
|
||||
sqs_rule_path_creator import SQSRulePathCreator
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.data_parsing.rule_path_building.rule_path_creators. \
|
||||
vpc_rule_path_creator import VPCRulePathCreator
|
||||
|
||||
RULE_PATH_CREATORS_LIST = [EC2RulePathCreator, ELBv2RulePathCreator, RDSRulePathCreator, RedshiftRulePathCreator,
|
||||
S3RulePathCreator, IAMRulePathCreator, CloudTrailRulePathCreator, ELBRulePathCreator,
|
||||
VPCRulePathCreator, CloudWatchRulePathCreator, SQSRulePathCreator, SNSRulePathCreator,
|
||||
SESRulePathCreator, ConfigRulePathCreator, CloudformationRulePathCreator]
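Review bot: Each of the fifteen imports in this new file splits a dotted module path across a backslash continuation, and the last two (`sqs_rule_path_creator`, `vpc_rule_path_creator`) also carry a space before the backslash that the others do not. The per-service creator modules added in this same commit already use relative imports (`from ..abstract_rule_path_creator import AbstractRulePathCreator`), so the same form here would fit on one line each, e.g. `from .rule_path_creators.ec2_rule_path_creator import EC2RulePathCreator`. This assumes the file lives in the `rule_path_building` package, as the import of `rule_path_creators_list` elsewhere in the commit suggests.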
|
|
@ -1,5 +1,5 @@
|
|||
from monkey_island.cc.models.zero_trust.scoutsuite_rule import ScoutSuiteRule
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts import rule_consts
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.consts import rule_consts
|
||||
|
||||
|
||||
class ScoutSuiteRuleService:
|
|
@ -4,11 +4,11 @@ from common.common_consts import zero_trust_consts
|
|||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
from monkey_island.cc.models.zero_trust.scoutsuite_finding_details import ScoutSuiteFindingDetails
|
||||
from monkey_island.cc.models.zero_trust.scoutsuite_rule import ScoutSuiteRule
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.consts.findings import ScoutSuiteFinding
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_rule_service import ScoutSuiteRuleService
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.consts.findings import ScoutSuiteFinding
|
||||
from monkey_island.cc.services.zero_trust.scoutsuite_findings.scoutsuite_rule_service import ScoutSuiteRuleService
|
||||
|
||||
|
||||
class ScoutSuiteFindingService:
|
||||
class ScoutSuiteZTFindingService:
|
||||
|
||||
@staticmethod
|
||||
def process_rule(finding: ScoutSuiteFinding, rule: ScoutSuiteRule):
|
||||
|
@ -16,16 +16,16 @@ class ScoutSuiteFindingService:
|
|||
assert (len(existing_findings) < 2), "More than one finding exists for {}".format(finding.test)
|
||||
|
||||
if len(existing_findings) == 0:
|
||||
ScoutSuiteFindingService.create_new_finding_from_rule(finding, rule)
|
||||
ScoutSuiteZTFindingService.create_new_finding_from_rule(finding, rule)
|
||||
else:
|
||||
ScoutSuiteFindingService.add_rule(existing_findings[0], rule)
|
||||
ScoutSuiteZTFindingService.add_rule(existing_findings[0], rule)
|
||||
|
||||
@staticmethod
|
||||
def create_new_finding_from_rule(finding: ScoutSuiteFinding, rule: ScoutSuiteRule):
|
||||
details = ScoutSuiteFindingDetails()
|
||||
details.scoutsuite_rules = [rule]
|
||||
details.save()
|
||||
status = ScoutSuiteFindingService.get_finding_status_from_rules(details.scoutsuite_rules)
|
||||
status = ScoutSuiteZTFindingService.get_finding_status_from_rules(details.scoutsuite_rules)
|
||||
Finding.save_finding(finding.test, status, details)
|
||||
|
||||
@staticmethod
|
||||
|
@ -41,15 +41,15 @@ class ScoutSuiteFindingService:
|
|||
|
||||
@staticmethod
|
||||
def add_rule(finding: Finding, rule: ScoutSuiteRule):
|
||||
ScoutSuiteFindingService.change_finding_status_by_rule(finding, rule)
|
||||
ScoutSuiteZTFindingService.change_finding_status_by_rule(finding, rule)
|
||||
finding.save()
|
||||
finding.details.fetch().add_rule(rule)
|
||||
|
||||
@staticmethod
|
||||
def change_finding_status_by_rule(finding: Finding, rule: ScoutSuiteRule):
|
||||
rule_status = ScoutSuiteFindingService.get_finding_status_from_rules([rule])
|
||||
rule_status = ScoutSuiteZTFindingService.get_finding_status_from_rules([rule])
|
||||
finding_status = finding.status
|
||||
new_finding_status = ScoutSuiteFindingService.get_finding_status_from_rule_status(finding_status, rule_status)
|
||||
new_finding_status = ScoutSuiteZTFindingService.get_finding_status_from_rule_status(finding_status, rule_status)
|
||||
if finding_status != new_finding_status:
|
||||
finding.status = new_finding_status
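Review bot: The duplicate-finding guard in `process_rule` (first line of the `-16,16 +16,16` hunk) is an `assert`, which Python drops when run with `-O`; in that mode more than one stored finding for the same test would pass silently and the rule would be attached to `existing_findings[0]`. Since the surrounding lines are being touched anyway, an explicit check would keep the invariant enforced: `if len(existing_findings) > 1: raise RuntimeError("More than one finding exists for {}".format(finding.test))`. `RuntimeError` is only a stand-in, any caller that relies on `AssertionError` would need checking, and the start of `process_rule` lies outside this hunk.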
|
||||
|
|
@ -3,28 +3,28 @@ from typing import List
|
|||
from common.common_consts import zero_trust_consts
|
||||
from common.utils.exceptions import UnknownFindingError
|
||||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
from monkey_island.cc.services.zero_trust.monkey_details_service import MonkeyDetailsService
|
||||
from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_details_service import MonkeyZTDetailsService
|
||||
|
||||
|
||||
class FindingService:
|
||||
class ZeroTrustFindingService:
|
||||
|
||||
@staticmethod
|
||||
def get_all_findings() -> List[Finding]:
|
||||
findings = list(Finding.objects)
|
||||
for i in range(len(findings)):
|
||||
if findings[i].finding_type == zero_trust_consts.MONKEY_FINDING:
|
||||
details = MonkeyDetailsService.fetch_details_for_display(findings[i].details.id)
|
||||
details = MonkeyZTDetailsService.fetch_details_for_display(findings[i].details.id)
|
||||
elif findings[i].finding_type == zero_trust_consts.SCOUTSUITE_FINDING:
|
||||
details = findings[i].details.fetch().to_mongo()
|
||||
else:
|
||||
raise UnknownFindingError(f"Unknown finding type {findings[i].finding_type}")
|
||||
findings[i] = findings[i].to_mongo()
|
||||
findings[i] = FindingService._get_enriched_finding(findings[i])
|
||||
findings[i] = ZeroTrustFindingService._get_enriched_finding(findings[i])
|
||||
findings[i]['details'] = details
|
||||
return findings
|
||||
|
||||
@staticmethod
|
||||
def _get_enriched_finding(finding):
|
||||
def _get_enriched_finding(finding: Finding) -> dict:
|
||||
test_info = zero_trust_consts.TESTS_MAP[finding['test']]
|
||||
enriched_finding = {
|
||||
'finding_id': str(finding['_id']),
|