From 3f725c1639d45ecde1e54c9ad239c327fac25bae Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Thu, 3 Sep 2020 12:07:04 +0300 Subject: [PATCH] Added scoutsuite_api to monkey --- .../system_info/collectors/aws_collector.py | 3 +++ .../scoutsuite_collector/scoutsuite_api.py | 20 ++++++++++++++++ .../scoutsuite_collector.py | 23 +++++++++++++++++++ .../telemetry/scoutsuite_telem.py | 20 ++++++++++++++++ 4 files changed, 66 insertions(+) create mode 100644 monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_api.py create mode 100644 monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py create mode 100644 monkey/infection_monkey/telemetry/scoutsuite_telem.py diff --git a/monkey/infection_monkey/system_info/collectors/aws_collector.py b/monkey/infection_monkey/system_info/collectors/aws_collector.py index d31dc1ba6..80fbd4f29 100644 --- a/monkey/infection_monkey/system_info/collectors/aws_collector.py +++ b/monkey/infection_monkey/system_info/collectors/aws_collector.py @@ -4,6 +4,7 @@ from common.cloud.aws.aws_instance import AwsInstance from common.common_consts.system_info_collectors_names import AWS_COLLECTOR from infection_monkey.system_info.system_info_collector import \ SystemInfoCollector +from infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite_collector import CLOUD_TYPES, scan_cloud_security logger = logging.getLogger(__name__) @@ -25,6 +26,8 @@ class AwsCollector(SystemInfoCollector): { 'instance_id': aws.get_instance_id() } + # TODO add IF ON ISLAND check + scan_cloud_security(cloud_type=CLOUD_TYPES.AWS) else: logger.info("Machine is NOT an AWS instance") diff --git a/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_api.py b/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_api.py new file mode 100644 index 000000000..9feec3c3d --- /dev/null +++ b/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_api.py @@ -0,0 +1,20 @@ +import pkgutil +import sys +from pathlib import PurePath + +_scoutsuite_api_package = pkgutil.get_loader('infection_monkey.system_info.collectors.' + 'scoutsuite_collector.scoutsuite.ScoutSuite.__main__') + + +def _add_scoutsuite_to_python_path(): + scoutsuite_path = PurePath(_scoutsuite_api_package.path).parent.parent.__str__() + sys.path.append(scoutsuite_path) + + +_add_scoutsuite_to_python_path() + +import infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite.ScoutSuite.api_run as scoutsuite_api + + +def run(*args, **kwargs): + return scoutsuite_api.run(*args, **kwargs) diff --git a/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py b/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py new file mode 100644 index 000000000..fb33cce4b --- /dev/null +++ b/monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py @@ -0,0 +1,23 @@ +import infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite_api as scoutsuite_api +from infection_monkey.telemetry.scoutsuite_telem import ScoutSuiteTelem + + +class CLOUD_TYPES: + AWS = 'aws' + AZURE = 'azure' + GCP = 'gcp' + ALIBABA = 'aliyun' + ORACLE = 'oci' + + +def scan_cloud_security(cloud_type: CLOUD_TYPES): + results = run_scoutsuite(cloud_type) + send_results(results) + + +def run_scoutsuite(cloud_type): + return scoutsuite_api.run(provider=cloud_type) + + +def send_results(results): + ScoutSuiteTelem.send(results) diff --git a/monkey/infection_monkey/telemetry/scoutsuite_telem.py b/monkey/infection_monkey/telemetry/scoutsuite_telem.py new file mode 100644 index 000000000..d606ea3c3 --- /dev/null +++ b/monkey/infection_monkey/telemetry/scoutsuite_telem.py @@ -0,0 +1,20 @@ +from common.common_consts.telem_categories import TelemCategoryEnum +from infection_monkey.telemetry.base_telem import BaseTelem + + +class ScoutSuiteTelem(BaseTelem): + + def __init__(self, data): + """ + Default ScoutSuite telemetry constructor + :param data: Data gathered via ScoutSuite ( + """ + super().__init__() + self.data = data + + telem_category = TelemCategoryEnum.SCOUTSUITE + + def get_data(self): + return { + 'data': self.data + }