Mike Salvatore
ded9c03430
Update changelog with BB test performance improvements
2021-08-04 15:20:53 -04:00
Mike Salvatore
f6b52d9031
BB: Don't wait so long for monkeys to die
With the propagation depth set to 1 for most tests and the number of
scanned ports limited, we don't need such a large delay when waiting for
monkeys to die.
2021-08-04 15:06:11 -04:00
Mike Salvatore
ee77869357
BB: Limit propagation depth to 1 for most tests
2021-08-04 15:06:03 -04:00
Mike Salvatore
c34a303628
BB: Limit scanned ports for SMB PTH test
2021-08-04 13:54:17 -04:00
Mike Salvatore
8d992f41d3
BB: Update config_values with smb_pth settings
2021-08-04 13:54:17 -04:00
Mike Salvatore
e946b547c7
BB: Limit scanned ports for WMI PTH test
2021-08-04 13:54:13 -04:00
Mike Salvatore
0c23568756
BB: Limit scanned ports for zerologon test
2021-08-04 13:31:39 -04:00
Mike Salvatore
4d9162d168
BB: Limit scanned ports for weblogic test
2021-08-04 13:28:46 -04:00
Mike Salvatore
5143d03915
BB: Fix "Strtuts2" typo
2021-08-04 13:15:49 -04:00
Mike Salvatore
472c54814a
BB: Limit scanned ports for struts exploiter
2021-08-04 13:15:24 -04:00
Mike Salvatore
efd512cbad
BB: Limit scanned ports for wmi and mimikatz
2021-08-04 12:57:08 -04:00
Mike Salvatore
833ebf9fd0
BB: Limit scanned ports for smb and mimikatz
2021-08-04 12:56:42 -04:00
Mike Salvatore
3136921beb
BB: Limit scanned ports for hadoop test
2021-08-04 12:36:23 -04:00
Ilija Lazoroski
862a64b303
BB: Improve Drupal performance
2021-08-04 15:45:02 +02:00
Mike Salvatore
f58c9354fc
BB: Limit scanned ports for mssql test
2021-08-04 09:59:23 -04:00
Mike Salvatore
e36cd72a70
BB: Limit scanned ports for elastic test
2021-08-04 09:30:54 -04:00
Shreya Malviya
2188783fc4
cc: Redirect to landing page after registration instead of getting started page
2021-08-04 08:04:55 -04:00
Ilija Lazoroski
7ccec16d69
BB: Improve shellshock and ssh.
2021-08-04 13:49:22 +02:00
Mike Salvatore
fa9fae1d69
Merge pull request #1395 from guardicore/1354/check-if-mongodb-has-started
Island: Check if mongodb is running in wait_for_mongodb.
2021-08-03 11:33:41 -04:00
Shreya Malviya
0d02581df3
Merge pull request #1396 from guardicore/docs-contribute-exploits
Add 'Adding Exploits' page to docs
2021-08-03 20:22:12 +05:30
Ilija Lazoroski
374b1a7063
UT: Add test for mongo timeout and mongo version
2021-08-03 16:26:50 +02:00
Mike Salvatore
c368fd6a99
Island: Rename MongoDB*Exception -> MongoDB*Error
2021-08-03 10:12:17 -04:00
Mike Salvatore
dbf1ad86bc
Island: Extract start and connect mongodb functions
2021-08-03 10:06:26 -04:00
Shreya Malviya
7252ff97b6
docs: Reword sub-headings in pages in contribution section
2021-08-03 19:28:43 +05:30
Shreya Malviya
f55b348291
docs: Minor rewording in 'Adding Exploits' page based on review
2021-08-03 19:22:54 +05:30
Mike Salvatore
ba1e9be8f8
Island: Change .format() to format string in mongo_setup.py
2021-08-03 09:44:59 -04:00
Mike Salvatore
109a992201
Island: Add error messages to Mongo exceptions
2021-08-03 09:40:51 -04:00
Ilija Lazoroski
8dc2905c71
Island: Add Timeout and Version exceptions to mongo setup.
2021-08-03 14:37:12 +02:00
Shreya Malviya
94ddd7c760
docs: Update link to contributing exploits' documentation on 'Contribute' page
2021-08-03 15:37:54 +05:30
Shreya Malviya
b5db42d829
docs: Mark 'Adding Exploits' as not draft
2021-08-03 15:37:54 +05:30
Shreya Malviya
e7375c0d94
docs: Add 'Adding Exploits' page
2021-08-03 15:37:54 +05:30
Shreya Malviya
170999e9ed
docs: Fix heading in 'Adding System Info Collectors'
2021-08-03 15:37:38 +05:30
Ilija Lazoroski
f0e3d76501
Island: Check if mongodb is running.
2021-08-03 10:14:24 +02:00
Mike Salvatore
62b2217821
UI: Add ransomware blog link to lateral movement section
2021-08-02 12:00:00 -04:00
Shreya Malviya
fdba9f54ca
UI: Fix ATT&CK report bug which wasn't showing IP addresses in PBAs
Fixes #1370
PR #1393
2021-08-02 10:35:03 -04:00
Mike Salvatore
8ae0d5720b
BB: Add utility scripts to start and stop all GCP machines
2021-08-02 07:10:50 -04:00
Mike Salvatore
275dbeccdd
BB: Move GCP_TEST_MACHINE_LIST to its own file
Allows the GCP_TEST_MACHINE_LIST to be reused by other utility scripts
2021-08-02 07:09:37 -04:00
VakarisZ
568a97e5a5
BB performance tests: update the outdated README.md and other small improvements
2021-07-31 19:40:19 -04:00
Mike Salvatore
294ec0d546
Merge branch '1374/bug-fix' into develop
Pull request #1387
2021-07-31 19:38:40 -04:00
Mike Salvatore
9e449bb90f
Update AppImage changelog entries
2021-07-31 19:22:42 -04:00
Mike Salvatore
1194834fea
Merge branch 'package-appimage-with-linuxdeploy' into develop
Pull Request #1381
2021-07-31 19:22:00 -04:00
Mike Salvatore
11488365e8
Build: Package the AppImage with linuxdeploy
Fixes #1355
Fixes #1362
2021-07-31 19:20:36 -04:00
Ilija Lazoroski
cf0da5dc7d
BB: Change internet services default config.
2021-07-30 06:17:46 -04:00
Mike Salvatore
b11277a340
Update changelog for #1374
2021-07-30 05:49:24 -04:00
Mike Salvatore
e97943a905
Agent: Always join threads in main loop before exit
2021-07-30 05:44:43 -04:00
Mike Salvatore
e7d694380d
Agent: Skip propagation if max depth is reached
Fixes #1374
When monkey starts, it launches a thread for executing post breach
actions. It then executes its propagation loop on the main thread. If
the maximum propagation depth has been reached, a
PlannedShutdownException is raised on the main thread. This results in
InfectionMonkey.cleanup() being called, which then calls
InfectionMonkey.self_delete(). self_delete() deletes the monkey binary,
but the post breach actions thread hasn't been stopped, resulting in
a trace when the thread attempts an import.
We don't need to shut down if the maximum propagation depth is reached.
We only need to skip the propagation phase so that monkey does not
propagate further. PBAs and payloads can still be allowed to run.
2021-07-30 05:44:34 -04:00
Mike Salvatore
017e37deb0
Agent: Extract propagation loop into a function
2021-07-30 05:40:31 -04:00
Mike Salvatore
2543e5b2a5
Agent: Only run ransomware payload once
2021-07-30 05:30:09 -04:00
Mike Salvatore
ce492d25f4
Agent: Return boolean from "should_monkey_run()"
A function named "should_monkey_run()" should let you know whether or
not monkey should run. Before this commit, the function was responsible
for flow control, as it raised a PlannedShutdownException, resulting in
the shutdown of the monkey agent.
2021-07-30 05:30:09 -04:00
Mike Salvatore
8e41634854
Merge pull request #1385 from guardicore/0910/brief-alert-register
Fix brief red alert on register.
2021-07-29 11:54:38 -04:00