From b5058ce61124e3f87f343ad3bc61808137f97eba Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 16 Aug 2022 13:13:00 +0530
Subject: [PATCH] Agent: Add event tag constants for Mimikatz credential collector
---
 .../mimikatz_credential_collector.py | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py b/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
index e723b723c..fd6a05218 100644
--- a/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
+++ b/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
@@ -12,6 +12,17 @@ from .windows_credentials import WindowsCredentials
 logger = logging.getLogger(__name__)
+MIMIKATZ_CREDENTIAL_COLLECTOR_TAG = "MimikatzCredentialsStolen"
+T1003_ATTACK_TECHNIQUE_TAG = "T1003"
+T1005_ATTACK_TECHNIQUE_TAG = "T1005"
+
+MIMIKATZ_EVENT_TAGS = {
+ MIMIKATZ_CREDENTIAL_COLLECTOR_TAG,
+ T1003_ATTACK_TECHNIQUE_TAG,
+ T1005_ATTACK_TECHNIQUE_TAG,
+}
+
+
 class MimikatzCredentialCollector(ICredentialCollector):
 def __init__(self, event_queue: IEventQueue):
 self._event_queue = event_queue
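Review bot: `MIMIKATZ_EVENT_TAGS` is built as a plain mutable `set` at module level, so any code that receives it can add or discard an entry and silently change how every later credential-collection event is labelled. Wrapping the literal as `MIMIKATZ_EVENT_TAGS = frozenset({` … `})` keeps the ATT&CK mapping fixed for the life of the process. The two technique constants would also benefit from a one-line comment such as `# MITRE ATT&CK: T1003 = OS Credential Dumping, T1005 = Data from Local System`, since reporting and detection content downstream presumably keys on these exact strings. Nothing in this hunk references the new constants, and the class body continues outside it, so whether they are actually attached to published events cannot be confirmed from here.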