monkey

Commit Graph

Author	SHA1	Message	Date
Ilija Lazoroski	ff0469690f	UT: Add type checking tests for EventSerializer Registry	2022-08-18 15:54:11 +02:00
Ilija Lazoroski	b541dc465d	Common: Type checking in EventSerializerRegistry	2022-08-18 15:54:04 +02:00
Shreya Malviya	4be262657e	Project: Remove Vulture entries no longer relevant Issue #2176	2022-08-18 07:13:30 -04:00
Mike Salvatore	c55098e186	Merge pull request #2197 from guardicore/2176-remove-credentials-intercepting-telemetry-messenger 2176 remove credentials intercepting telemetry messenger	2022-08-18 06:39:42 -04:00
Mike Salvatore	bc0c46bfb9	Merge pull request #2201 from guardicore/2176-publish-credentials-stolen-in-mimikatz CredentialsStolenEvent in MimikatzCredentialCollector	2022-08-18 06:37:40 -04:00
Ilija Lazoroski	4b1ad70f84	Common: Set event to registry only by class	2022-08-18 10:33:10 +02:00
Ilija Lazoroski	aeaabbccc4	UT: Test EventSerializerRegistry	2022-08-18 10:31:10 +02:00
Ilija Lazoroski	e83503e65a	Common: Export EventSerializerRegistry from __init__	2022-08-18 10:30:38 +02:00
Ilija Lazoroski	a32d9359b0	Common: Accept Union[str, Type[AbstractEvent]] in EventSerializerRegistry	2022-08-18 09:44:45 +02:00
Ilija Lazoroski	23604009a0	Common: Fix hint in IEventSerializer	2022-08-18 09:32:02 +02:00
Ilija Lazoroski	20f529d6a2	UT: Separate mimikatz credentials stolen event test	2022-08-18 09:22:59 +02:00
Kekoa Kaaikala	4f776f0102	UI: Add field for ransomed file extension	2022-08-17 20:10:23 +00:00
Shreya Malviya	132f3a3473	Project: Add event serializer entries to Vulture allowlist	2022-08-17 21:31:35 +05:30
Shreya Malviya	141c766b51	Common: Add EventSerializerRegistry	2022-08-17 21:29:06 +05:30
Shreya Malviya	0b9191ca43	Common: Add IEventSerializer to common/event_serializers/__init__.py	2022-08-17 21:28:33 +05:30
Kekoa Kaaikala	639fb26445	Agent: Improve the speed of bit flipping code - Remove a function call - Use a generator - Use a more efficient flip calculation (subtraction instead of xor) Issue #2123	2022-08-17 10:52:57 -04:00
Mike Salvatore	8b32e6d7a5	Merge pull request #2203 from guardicore/build-downgrade-pipenv Build: Downgrade pipenv to use 2022.7.4	2022-08-17 09:01:07 -04:00
Ilija Lazoroski	8355d9e68a	Buid: Export CI to get rid of nasty characters	2022-08-17 09:00:44 -04:00
Ilija Lazoroski	a96efcdc7d	Build: Downgrade pipenv to use 2022.7.4 It seems that every time a new version of pipenv is released, it breaks our build. See also `01e886f866`.	2022-08-17 08:59:51 -04:00
Shreya Malviya	6722057491	Agent: Use existing patch function in test_pypykatz_result_parsing_no_secrets	2022-08-17 18:03:07 +05:30
Shreya Malviya	c09adfb01b	Common: Add IEventSerializer	2022-08-17 17:57:28 +05:30
Mike Salvatore	85875e3323	Merge pull request #2198 from guardicore/2176-modify-zerologon-to-publish-events 2176 modify zerologon to publish events	2022-08-17 08:08:45 -04:00
Shreya Malviya	4334740002	UT: Simplify test_mimikatz_credentials_stolen_event_published	2022-08-17 17:31:06 +05:30
Shreya Malviya	2c3b29493f	Agent: Define SSH_COLLECTOR_EVENT_TAGS as a frozenset	2022-08-17 17:29:48 +05:30
Shreya Malviya	5747c2e8b4	UT: Update MimikatzCredentialCollector test now that MIMIKATZ_EVENT_TAGS is a frozenset	2022-08-17 17:28:44 +05:30
Shreya Malviya	3dca01d5d5	Agent: Define MIMIKATZ_EVENT_TAGS as a frozenset	2022-08-17 17:28:18 +05:30
Shreya Malviya	a3ddd6fb42	Common: Create directory and files for event serializer	2022-08-17 17:25:44 +05:30
Ilija Lazoroski	69e1f21312	Agent: Use frozenset for zerologon event tags	2022-08-17 13:45:13 +02:00
Ilija Lazoroski	74b9dd58fc	Agent: Add _ATTACK_TECHNIQUE to zerologon technique tags	2022-08-17 12:11:23 +02:00
Shreya Malviya	f9f3daffa7	UT: Add missing type hint to event_queue_subscriber fixture	2022-08-17 14:48:16 +05:30
Shreya Malviya	f510b89c08	UT: Move event_queue_subscriber fixture back to test_pypubsub_event_queue.py	2022-08-17 14:46:54 +05:30
Shreya Malviya	11901b1835	UT: Simplify variable logic in MimikatzCredentialCollector's event publishing test	2022-08-17 14:44:43 +05:30
Shreya Malviya	eb17b20625	UT: Simplify MimikatzCredentialCollector's event publishing test	2022-08-17 14:41:26 +05:30
Shreya Malviya	8f789b9d60	Agent: Remove unneeded argument passed to CredentialsStolenEvent in MimikatzCredentialCollector	2022-08-17 11:52:02 +05:30
Shreya Malviya	7faf6d3ecf	Agent: Modify Mimikatz credential collector's attack technique tags' strings	2022-08-17 11:50:38 +05:30
Shreya Malviya	457cc6be27	Agent: Modify Mimikatz credential collector tag string	2022-08-17 11:49:43 +05:30
Shreya Malviya	a0cf3d65f4	Agent: Rename variable in SSH handler	2022-08-17 11:48:35 +05:30
Shreya Malviya	140967b05f	UT: Use event_queue_subscriber fixture in MimikatzCredentialCollector tests	2022-08-17 11:47:52 +05:30
Shreya Malviya	b6c7001294	UT: Use event_queue_subscriber fixture in PyPubSubEventQueue tests	2022-08-17 11:47:52 +05:30
Shreya Malviya	2fbe9f3a4a	UT: Create event_queue_subscriber fixture	2022-08-17 11:47:52 +05:30
Shreya Malviya	b7ada959fa	UT: Simplify MimikatzCredentialCollector's event publishing test	2022-08-17 11:47:52 +05:30
Shreya Malviya	95a3be0273	UT: Add test to check CredentialStolenEvent is published in MimikatzCredentialCollector	2022-08-17 11:47:52 +05:30
Shreya Malviya	f453ff21fd	UT: Pass event queue to MimikatzCredentialCollector's constructor in tests	2022-08-17 11:47:52 +05:30
Shreya Malviya	c8a2c2156b	Agent: Fix variable name in MimikatzCredentialCollector	2022-08-17 11:47:51 +05:30
Shreya Malviya	56770d25c6	Agent: Publish credentials stolen event in MimikatzCredentialCollector	2022-08-17 11:47:51 +05:30
Shreya Malviya	e03f140749	Agent: Add function to publish credentials stolen event in Mimikatz credential collector	2022-08-17 11:47:51 +05:30
Shreya Malviya	b5058ce611	Agent: Add event tag constants for Mimikatz credential collector	2022-08-17 11:47:51 +05:30
Shreya Malviya	d745e10bf1	Agent: Accept event queue in Mimikatz collector's constructor	2022-08-17 11:47:51 +05:30
Ilija Lazoroski	3a9830415c	Agent: Use default target for ZerologonExploiter event	2022-08-17 00:58:45 +02:00
Ilija Lazoroski	f8b56dd171	Agent: Add T1098 (Account Manipulation) to ZerologonExploiter	2022-08-17 00:58:45 +02:00

... 2 3 4 5 6 ...

9980 Commits All Branches Search

9980 Commits

All Branches