p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,275 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

6275 Commits

Author SHA1 Message Date
Ilija Lazoroski 36b13d0db9 Island: Remove attack-data submodule 
Removed submodule with its fork.
Remove usage of the submodule.
Fixed monkey_island.spec
Added attack_mitigations dump.
Added hook for above file.
 2021-09-30 10:52:41 -04:00
Mike Salvatore 6de33bfd57 Deployment: Import ATT&CK data into mongo 2021-09-30 10:50:52 -04:00
Mike Salvatore 82c8385863 Deployment: Reorder functions in dump_attack_mitigations.py 2021-09-30 10:50:52 -04:00
Mike Salvatore 38f50641a5 Deployment: Wrap argument parsing in function 2021-09-30 10:50:52 -04:00
Mike Salvatore 7bcfc6d27a Deployment: Make dump_attack_mitigations.py executable 2021-09-30 10:50:52 -04:00
Ilija Lazoroski 29f9384b6a Deployment: Initial commit for mongo export utility 2021-09-30 10:50:52 -04:00
VakarisZ f387595104
Merge pull request #1495 from guardicore/delay-mongo-init 
Delay mongo init to after registration
 2021-09-29 17:03:12 +03:00
VakarisZ 7939ed4739 Alter the log message talking about storing the mitigations: remove the part saying that it will take a while 2021-09-29 17:02:34 +03:00
VakarisZ 579ebf4a0f Alter registration page to show loading icon while registration request is being processed 2021-09-29 16:45:28 +03:00
VakarisZ c211d51d8c Move database reset to happen during the registration 2021-09-29 16:45:28 +03:00
VakarisZ b73958dd55 Rename the CHANGELOG.md entry about resetting login credentials to "Resetting login credentials also cleans the contents of the database. #1495" 2021-09-29 16:45:26 +03:00
Shreya Malviya ab7872d103 CHANGELOG: Add entry for delaying mongo init 2021-09-29 16:44:42 +03:00
Shreya Malviya 2cbaf954e1 docs: Fix spelling mistake 2021-09-29 16:44:16 +03:00
Shreya Malviya 1e02ab6d2b docs: Add warning that DB will be cleared if creds are reset 2021-09-29 16:44:16 +03:00
Shreya Malviya 6fe4d6cb31 island: Drop mongo db when registartion requirement is realised instead 
of when registration request is sent

The issue with this whole change is that there's a long gap where
nothing happens after you click on the log in or register button on the
UI.

But we don't need to worry about this because we plan on shipping
Island's mongodb with attack mitigations already present.
 2021-09-29 16:44:16 +03:00
Shreya Malviya 340dd1f94b island: Drop mongo db if registration is required 2021-09-29 16:44:16 +03:00
Shreya Malviya 194e244080 island: On login, check if collection 'attack_mitigations' is present in DB, 
add if not
 2021-09-29 16:44:16 +03:00
Shreya Malviya 3cbeb3dbf7 island: Add attack mitigations to mongo upon registration 2021-09-29 16:44:15 +03:00
Mike Salvatore 51f179c145
Merge pull request #1494 from guardicore/1415/add-ransomware-report-links 
1415/add ransomware report links
 2021-09-29 08:51:08 -04:00
VakarisZ b791ee16e1
Merge pull request #1501 from guardicore/tunneling-revert-schema 
Changed proxy schema for the agent
 2021-09-29 10:54:03 +03:00
ilija-lazoroski a5587cd4ad
Merge pull request #1489 from guardicore/1462/powershell-re-use 
PowerShell re-use credentials and second hop
 2021-09-28 17:57:52 +02:00
Ilija Lazoroski a438f3afb0 Zoo: Replace --os with --skip-powershell-reuse 
With this logic the powershell cached will run
if we don't provide the cli param --skip-powershell-reuse.
 2021-09-28 17:31:20 +02:00
Ilija Lazoroski 449fe7517e Agent: Changed proxy schema 2021-09-28 16:21:19 +02:00
Mike Salvatore 0839f04b1d
Merge pull request #1483 from guardicore/incorrect-attack-report-msgs 
Fix incorrect ATT&CK report messages
 2021-09-28 07:24:17 -04:00
VakarisZ beafc0bf9e
Merge pull request #1493 from guardicore/credential_duplication_fix 
Duplicate credentials in system info telem
 2021-09-28 13:49:21 +03:00
VakarisZ d240427ce2 Remove mimikatz field from sensitive fields in telemetries since telemetries no longer contain such key 2021-09-28 13:09:06 +03:00
VakarisZ 27e2969e79 Remove the unnecessary "mimikatz" info from telemetry data since the exact same data is stored under "credentials" key 2021-09-28 13:03:10 +03:00
VakarisZ e40c83c2ff
Merge pull request #1485 from guardicore/telemetry_encryption 
Telemetry encryption in database
 2021-09-28 12:18:12 +03:00
VakarisZ 8b9ddb0c4b Removed unnecessary vulture ignores from whitelist 2021-09-28 11:04:42 +03:00
VakarisZ d79892427b Moved credential encryption in mongo CHANGELOG.md entry from Fixes to Security 2021-09-28 11:04:42 +03:00
VakarisZ a24eb841c1 Extract DAL interface for report model into a separate report_dal.py file 2021-09-28 11:04:42 +03:00
VakarisZ 1160ac6af0 Refactor dictionary and sensitive mongo field encryption by moving it to server_utils/encryption 2021-09-28 11:04:42 +03:00
Shreya Malviya cb4b845eaf tests: Fix unit test (remove 'The'; see previous commit) 2021-09-28 12:08:11 +05:30
Shreya Malviya e5b9f96447 island: Remove 'The' from text to be shown in report, for consistency 2021-09-28 12:08:10 +05:30
Shreya Malviya 6def66cfaf island: Move class variable `config_schema_per_attack_technique` to the 
top of its class `AttackTechnique`
 2021-09-28 12:08:10 +05:30
Mike Salvatore 67262e19d1
Merge pull request #1492 from guardicore/1484/faq-network-limitations 
docs: Add faq for limiting monkey propagation
 2021-09-27 14:30:57 -04:00
MarketingYeti 4b0bed8267 Docs: Edits to monkey propagation FAQ section 2021-09-27 14:29:10 -04:00
Mike Salvatore e67066dd0d UI: Add external link icon to Ransomware report 2021-09-27 14:20:04 -04:00
Mike Salvatore 7d9386c266 UI: Add ExternalLink React element 2021-09-27 14:19:55 -04:00
Mike Salvatore cc531a98ae UI: Add link to Guardicore blog in ransomware Attack section 2021-09-27 13:42:52 -04:00
Mike Salvatore ce8fad53cd UI: Add link to Guardicore blog in ransomware Breach section 2021-09-27 13:42:18 -04:00
Mike Salvatore f79e218160 UI: Fix minor formatting issues in LateralMovement.tsx 2021-09-27 13:41:45 -04:00
Ilija Lazoroski 07c08ac0b6 Zoo: Reformat powershell cached credentials test 2021-09-27 19:02:13 +02:00
Mike Salvatore c16cff7b32 Docs: Wrap lines in monkey propagation section of FAQ 2021-09-27 12:43:46 -04:00
Shreya Malviya 72caf5a80a
island: Simplify logic when creating reverse schema 
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
 2021-09-27 22:13:37 +05:30
Mike Salvatore cd937802d7 Docs: Edits to monkey propagation FAQ section 2021-09-27 12:42:46 -04:00
Shreya Malviya 0804cecb64 island, tests: Make config_schema_per_attack_technique a class variable instead of generating it every time 2021-09-27 20:29:30 +05:30
Ilija Lazoroski faef27a7d1 docs: Add faq for limiting monkey propagation 2021-09-27 16:58:25 +02:00
Shreya Malviya afedde8c05 island, tests: Pass schema as arg to generate reverse schema instead of generating reverse schema at runtime 2021-09-27 20:20:04 +05:30
VakarisZ 8b9973238e Add CHANGELOG.md entry about fixed plaintext credentials in mongodb 2021-09-27 16:59:11 +03:00