Shreya Malviya
72caf5a80a
island: Simplify logic when creating reverse schema
...
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2021-09-27 22:13:37 +05:30
Mike Salvatore
cd937802d7
Docs: Edits to monkey propagation FAQ section
2021-09-27 12:42:46 -04:00
Shreya Malviya
0804cecb64
island, tests: Make config_schema_per_attack_technique a class variable instead of generating it every time
2021-09-27 20:29:30 +05:30
Ilija Lazoroski
faef27a7d1
docs: Add faq for limiting monkey propagation
2021-09-27 16:58:25 +02:00
Shreya Malviya
afedde8c05
island, tests: Pass schema as arg to generate reverse schema instead of generating reverse schema at runtime
2021-09-27 20:20:04 +05:30
VakarisZ
8b9973238e
Add CHANGELOG.md entry about fixed plaintext credentials in mongodb
2021-09-27 16:59:11 +03:00
VakarisZ
46f263be5f
Separate the telemetry document from telemetry_dal, also extracted external interface into __init__.py files
2021-09-27 16:56:45 +03:00
VakarisZ
51f6fbe356
Adjust island conftest.py to also rename the encryptor to datastore_encryptor
2021-09-27 16:29:41 +03:00
Shreya Malviya
96c525d656
docs: Add upward right arrow icon to external links
...
Taken from
https://www.jayeless.net/2021/08/hugo-mark-external-links.html
2021-09-27 07:51:15 -04:00
VakarisZ
87809c46c1
Fix breaking PBA file upload unit tests on windows.
...
The tests broke because `get` endpoint opened up the file handle which was not closed anywhere. The delete endpoint couldn't delete the file, since a process was using it.
2021-09-27 07:47:51 -04:00
Ilija Lazoroski
689e6ac532
Zoo: Add os specific black box test.
...
Add new --os flag to the blackbox tests.
If not specified it will skip all os marked tests.
2021-09-27 13:08:52 +02:00
Ilija Lazoroski
b90e9ccf21
Zoo: Add second hop bb test
...
Added new powershell-3-48 machine for second hop test.
Explanation why cached are not working after the first hop.
Documentation for the zoo.
2021-09-24 15:29:11 +02:00
Shreya Malviya
c2c5710dfa
swimm: update exercise Add details about your new PBA JFXftJml8DpmuCPBA9rL
2021-09-24 17:41:08 +05:30
Shreya Malviya
1807bfcb3e
swimm: update exercise Add a new System Info Collector OwcKMnALpn7tuBaJY1US
2021-09-24 17:37:59 +05:30
Shreya Malviya
d6f91e45f7
swimm: update exercise Add details about your new PBA JFXftJml8DpmuCPBA9rL
2021-09-24 17:35:36 +05:30
Shreya Malviya
a857d291d8
CHANGELOG: Add entry for modifying ATT&CK report messages
2021-09-24 17:32:17 +05:30
Shreya Malviya
85e54419f3
tests: Extract mocking to an autouse, function-scoped fixture to reduce
...
code in test_technique_reports.py
2021-09-24 17:23:59 +05:30
Shreya Malviya
6f903bd8f1
tests: Use enums for expected msgs for better readibility in
...
test_technique_reports.py
2021-09-24 17:12:03 +05:30
Shreya Malviya
aff2bad777
tests: Move some code around in test_technique_reports.py so it's easier
...
to read
2021-09-24 16:42:04 +05:30
Shreya Malviya
90f3cff3cd
tests: Add unit tests for `get_message_by_status()` in
...
monkey_island\cc\services\attack\technique_reports\__init__.py
2021-09-24 16:33:57 +05:30
VakarisZ
ace60052da
Alter usages of telemetry collection in report to store/fetch system info telemetry using the Telemetry model
...
This is required to automatically encrypt/decrypt the telemetries and it's a good practice to have a DAL for telemetries
2021-09-24 13:31:26 +03:00
VakarisZ
e6ad125be9
Change the telemetry model to have a method for fetching the telemetries based on queries.
...
Telemetry code mainly uses queries and mongoengine has no good way of field encryption, that's why this method prefers to handle queries rather than Telemetry models
2021-09-24 13:31:26 +03:00
VakarisZ
3781095f25
Change the mock database name to "db", because all of the codebase is using this database.
...
This change enables us to write unit tests without the need to patch the the database name in all of the mongo queries that look like "mongo.db.collection"
2021-09-24 13:31:26 +03:00
VakarisZ
1ab0fe7b13
Add Telemetry model
2021-09-24 13:31:26 +03:00
VakarisZ
989d0ffd84
Add unit tests for telemetry model
2021-09-24 13:31:26 +03:00
VakarisZ
b2db5e77c4
Change test_string_list_encryptor.py to re-use fixture "uses_encryptor" rather than implementing the same fixture locally
2021-09-24 13:31:23 +03:00
VakarisZ
854ce4e1e1
Refactor DocumentEncryptor class into a series of methods.
...
DocumentEncryptor class serves no purpose because it holds no state, sensitive_fields can be passed as a parameter to methods
2021-09-24 13:30:28 +03:00
VakarisZ
f3865d022b
Change mongomock_fixtures.py to drop the whole database instead of specified collections.
...
This makes it easier to add new database related tests, because we no longer need to modify the mongomock_fixtures.py to also drop a particular collection we are testing.
2021-09-24 13:30:27 +03:00
VakarisZ
f1c7cf4047
Generalize report_encryptor.py into document_encryptor.py and extract the sensitive fields to report_encryptor.py
2021-09-24 13:30:27 +03:00
Shreya Malviya
f2470bb0e9
tests: Add unit test for `get_config_schema_per_attack_technique()` in
...
config_schema_per_attack_technique.py
2021-09-24 15:52:34 +05:30
Shreya Malviya
f3da34e969
island: Use dict's `setdefault()` to shorten
...
`_add_config_field_to_reverse_schema()` in
config_schema_per_attack_technique.py
2021-09-24 15:24:58 +05:30
Shreya Malviya
4a65ac37ef
island: Use dict's `get()` method to shorten
...
`get_config_schema_per_attack_technique()` in
config_schema_per_attack_technique.py
2021-09-24 12:30:11 +05:30
Mike Salvatore
089158a976
Agent: Remove editable pyspnego degendency
...
pyspnego v0.2.0 has been released, so we no longer need to specify a git
commit hash in order to get the correct version.
2021-09-23 14:14:32 -04:00
Mike Salvatore
1996387cc5
Remove unnecessary # noqa: E402 from __init__.py files
2021-09-23 13:39:48 -04:00
Mike Salvatore
f0a2a43d51
Remove unnecessary # noqa: F401 from __init__.py files
2021-09-23 13:38:47 -04:00
Mike Salvatore
8b7cb9c0b1
Merge pull request #1481 from guardicore/1471/merge-encryptions
...
Refactor encryptors
2021-09-23 13:38:00 -04:00
Ilija Lazoroski
e2ede28967
Island: Rename get_encryptor and initialize_encryptor
...
Renamed to get_datastore_encryptor and
initialize_datastore_encryptor
2021-09-23 19:04:22 +02:00
Ilija Lazoroski
e0779347b2
Island: Add all imports from encryption to __init__
...
Now the imports are shorter by one directory.
Check the __init__ in encryption.
2021-09-23 19:00:13 +02:00
Ilija Lazoroski
071a4eb1a7
Island: Add IEncryptor to __init__
...
Dnt abbrev in PassworBasedEncryptor and KeyBasedEncryptor
Add comment for review and evaluate the padding function
2021-09-23 17:52:15 +02:00
Shreya Malviya
2cc00205f1
island: Modify ATT&CK report messages to mention reasons
...
1. not run on relevant system
2. relevant config options were disabled
2021-09-23 16:39:05 +05:30
Ilija Lazoroski
1b91616778
Island: Add explanation for KBE and PBE
...
KeyBasedEncryptor and PasswordBasedEncryptor
2021-09-23 12:44:05 +02:00
Ilija Lazoroski
a661dc4fe6
Island: Refactor encryptors
...
All encryptors are moved to server_utils/encryption.
They were renamed according to the class name.
Everywhere that we had use the encryptors I have updated the names.
Unit tests are also moved to UTs server_utils/encryption.
2021-09-22 22:48:13 +02:00
Ilija Lazoroski
803d1c910f
Island: Separate password and key encryption
2021-09-22 18:10:16 +02:00
Shreya Malviya
f730e75cc8
island: Change `pass` to `...` for abstract properties in
...
cc/services/attack/technique_reports/
See https://stackoverflow.com/a/58321197/10629482 .
2021-09-22 19:21:20 +05:30
Shreya Malviya
b0b0f515d0
island: Add abstract property `relevant_systems` to AttackTechnique and declare it for all techniques left
2021-09-22 19:15:06 +05:30
Shreya Malviya
8e733a8440
island: Add `relevant_systems` property to attack techniques that run on
...
specific systems
And remove hardcoded "since it didn't run on any ... systems" from the unscanned
message for those techniques
2021-09-22 18:30:35 +05:30
Shreya Malviya
9564fb1aaa
island: Move T1216's details from T1216.py to attack_schema.py so that it's
...
shown in the config instead of the ATT&CK report
2021-09-22 18:23:17 +05:30
Mike Salvatore
380d0ee74f
Merge pull request #1479 from guardicore/1476/upgrade-python-deps
...
Update Python dependencies
2021-09-22 08:30:13 -04:00
Mike Salvatore
67b23c42bf
Tests: Simplify test names in test_string_list_encryptor.py
2021-09-22 07:44:54 -04:00
Shreya Malviya
ba2207b21d
island: Remove unneeded function to get reverse schema
2021-09-22 16:16:46 +05:30