From 69e1f21312883e991598adc042aff0359f660a5a Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Wed, 17 Aug 2022 13:45:13 +0200
Subject: [PATCH] Agent: Use frozenset for zerologon event tags

---
 monkey/infection_monkey/exploit/zerologon.py | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/monkey/infection_monkey/exploit/zerologon.py b/monkey/infection_monkey/exploit/zerologon.py
index 3d6074230..f43a61069 100644
--- a/monkey/infection_monkey/exploit/zerologon.py
+++ b/monkey/infection_monkey/exploit/zerologon.py
@@ -36,11 +36,13 @@ T1003_ATTACK_TECHNIQUE_TAG = "attack-t1003"
 T1098_ATTACK_TECHNIQUE_TAG = "attack-t1098"
 
 
-ZEROLOGON_EVENT_TAGS = {
-    ZEROLOGON_EXPLOITER_TAG,
-    T1003_ATTACK_TECHNIQUE_TAG,
-    T1098_ATTACK_TECHNIQUE_TAG,
-}
+ZEROLOGON_EVENT_TAGS = frozenset(
+    {
+        ZEROLOGON_EXPLOITER_TAG,
+        T1003_ATTACK_TECHNIQUE_TAG,
+        T1098_ATTACK_TECHNIQUE_TAG,
+    }
+)
 
 
 class ZerologonExploiter(HostExploiter):
@@ -306,7 +308,7 @@ class ZerologonExploiter(HostExploiter):
 
     def _publish_credentials_stolen_event(self, extracted_credentials: Sequence[Credentials]):
         credentials_stolen_event = CredentialsStolenEvent(
-            tags=(ZEROLOGON_EVENT_TAGS),
+            tags=ZEROLOGON_EVENT_TAGS,
             stolen_credentials=extracted_credentials,
         )
         self.event_queue.publish(credentials_stolen_event)