Commit Graph

2260 Commits

Author SHA1 Message Date
Shay Nehmad 223adb0f33 Added state function, WIP 2019-08-25 18:14:15 +03:00
Shay Nehmad 05eab34d45 Merge branch '400-zero-trust-mvp-venn-diagram' of https://github.com/guardicore/monkey into 400-zero-trust-mvp-venn-diagram 2019-08-25 18:08:43 +03:00
Shay Nehmad 470806f3bc Added segmentation violation test 2019-08-25 18:08:21 +03:00
Shay Nehmad 9dfb250d59 Added a custom segmentation finding type 2019-08-25 18:07:49 +03:00
vkuchinov b9cb655114 Fixes
Fixes for issues posted by Shay at VennDiagram component #412

[x] ResponsiveVennDiagram.js, VennDiagram.js
[x] VennDiagram.css (rename)
[x] ArcNode, CicularNode, Tooltip as .js
and other minor issues
2019-08-25 17:32:21 +03:00
VakarisZ 51b689366a Current section not changed on import 2019-08-25 15:47:24 +03:00
vkuchinov 5c4797108e Rules update
The rules are now set at this.rules array.
While some of them have two conditions, i.e. Rule #2 shoud check if Conclusive is 0 and Inconclusive > 0, all rules has its own function (formula), which returns true or false.

Eventually, I could shorten variable naming, for example, d_['Conclusive'] to something more prompt, but keeping this helps understand formulas even without referencing to upper comments.
2019-08-25 13:05:56 +03:00
Shay Nehmad 6ec4e613cf Extracted segmentation utils function 2019-08-25 11:31:31 +03:00
Shay Nehmad fb01bface6 Extracted config utility function to new package - in future all config should move here 2019-08-25 10:30:17 +03:00
Daniel Goldberg bd37995054
Merge pull request #414 from VakarisZ/private_key_query_fix
Attack: private key query fix, mimikatz: log message.
2019-08-25 08:46:03 +02:00
VakarisZ 97b0568c35 Added success log message in mimikatz and fixed private keys attack query 2019-08-23 16:08:53 +03:00
vkuchinov 244be146bb Update VennDiagram/index.js
[x] Scrolling issue. Since only window/document have 'scroll' event, the only option to fix tooltip issue on scrolling is just simply hide it.

That works well if after scrolling the mouse pointer doesn't stay on any venn nodes. Otherwise, you have to move mouse for the tooltip.

Theoretically, I could store hovered node coordinates and use them in _onScroll function to check if mouse is still on top one Venn nodes find window.pageYOffset difference.
2019-08-23 02:41:00 +03:00
Daniel Goldberg 489a6e8ebb
Merge pull request #409 from guardicore/feature/remove_rdp_grinder
Feature/remove rdp grinder
2019-08-22 16:11:21 +02:00
Shay Nehmad af8c7dc29f Added elasticsearch test 2019-08-22 16:18:37 +03:00
Shay Nehmad 3fef55eefa Now periodically updating the report. 2019-08-22 15:00:50 +03:00
vkuchinov 20e282f5fb Update index.js
[x] Z-Indices sorting on hover
[x] Resize (viewBox solution]
[x] Rule correction, have excluded 'Unexecuted' parameter from the sum for Rule #1

Still on my today's TODO list:

[-] Still looking for an elegant solution to scrolling glitch.
     Yes, the easiest way is to hide tooltip on scrolling, but that's not cool

[-] Need some coding refining
2019-08-22 14:50:07 +03:00
Shay Nehmad bf417ab01d Added machine exploited ZT test 2019-08-22 14:40:05 +03:00
Shay Nehmad bd97c965f1 Fixed another state bug in ZT report using deep copy 2019-08-22 14:39:40 +03:00
Itay Mizeretz d4c337dc42
Merge pull request #390 from VakarisZ/attack_scripting
T1064 Scripting
2019-08-22 14:24:33 +03:00
Itay Mizeretz 9bd4238d9c
Merge pull request #385 from VakarisZ/attack_remote_services
T1021 Remote services
2019-08-22 14:11:56 +03:00
VakarisZ b9a5ac1fe4 Refactored: scripting telemetry is send as a string, without using UsageEnum 2019-08-22 14:04:45 +03:00
Shay Nehmad 2174f43a84 Added d3 to package.json and now using the ResponsiveVennDiagram in Pillaroverview 2019-08-22 13:33:40 +03:00
Shay Nehmad 4455700c2a Merge branch '400/zero-trust-mvp' into 400-zero-trust-mvp-venn-diagram 2019-08-22 11:46:12 +03:00
Shay Nehmad 7f98f55e64 Fixed error +warning in UI
Error - didn't use deep copy and caused error
Warning - 2 events might have the same timestamp
2019-08-22 11:21:52 +03:00
Shay Nehmad 4581376d8d Added the open http endpoint test 2019-08-22 10:52:33 +03:00
vkuchinov 83ed12249e VennDiagram component 2019-08-22 10:13:10 +03:00
VakarisZ 9b23be44ed Added hash parsing to the T1021 remote services attack technique. 2019-08-22 09:28:53 +03:00
Shay Nehmad d6104bbcf9 Started implementing the open_data_endpoints test, still not creating findings 2019-08-21 21:28:15 +03:00
Shay Nehmad 6843606a4f Merge commit leftovers 2019-08-21 19:03:51 +03:00
Shay Nehmad 293a6639f2 Merge branch 'develop' into 400/zero-trust-mvp 2019-08-21 19:03:33 +03:00
Shay Nehmad bfaa05aa51 Minor CR fixes - changed downlaod filename, refactored some names 2019-08-21 18:48:02 +03:00
Shay Nehmad 3f85c336b9 Moved init of mappings to init file 2019-08-21 18:32:39 +03:00
Daniel Goldberg ef4113d31b
Merge pull request #410 from VakarisZ/default_server_bugfix
Bugfix for monkey without -s flag
2019-08-21 16:47:02 +02:00
Itay Mizeretz fc23faed3e
Merge pull request #384 from VakarisZ/attack_sys_network_config
T1016 System network configuration discovery
2019-08-21 17:41:46 +03:00
Itay Mizeretz 145488edd4
Merge pull request #383 from VakarisZ/attack_system_discovery
T1018 Remote System Discovery
2019-08-21 17:39:05 +03:00
Itay Mizeretz 3202deaf51
Merge pull request #382 from VakarisZ/attack_data_from_system
T1005 Data from local system
2019-08-21 17:37:41 +03:00
Itay Mizeretz d4c18eb07a
Merge pull request #381 from VakarisZ/attack_file_perm_mod
T1222 File permissions modification
2019-08-21 17:30:29 +03:00
Itay Mizeretz 22a5f87ebb
Merge pull request #379 from VakarisZ/attack_exfiltration_c2_channel
T1041 Exfiltration Over Command and Control Channel
2019-08-21 17:27:55 +03:00
VakarisZ 4b356c2cf4 Fixes bug where monkey crashes if default server flag is not passed 2019-08-21 11:54:38 +03:00
Daniel Goldberg 3f83e26c5b
Merge pull request #408 from guardicore/bugfix/missing_dpath_requirement_in_island
Add missing requirement
2019-08-21 10:18:53 +02:00
Daniel Goldberg 3ca2df85e2 Remove all mention of RDP grinder 2019-08-21 10:02:44 +02:00
Daniel Goldberg 2d82a18501 Add missing requirement 2019-08-21 10:02:08 +02:00
VakarisZ baccf3cc0b Merge branch 'attack_remote_services' into attack_scripting 2019-08-21 09:19:33 +03:00
VakarisZ 6a1bc4ba96 Merge branch 'attack_sys_network_config' into attack_remote_services 2019-08-21 09:19:04 +03:00
VakarisZ f014d3b035 Merge branch 'attack_system_discovery' into attack_sys_network_config 2019-08-21 09:18:32 +03:00
VakarisZ 3852bb80f3 Merge branch 'attack_data_from_system' into attack_system_discovery 2019-08-21 09:08:54 +03:00
VakarisZ b80040c547 Merge branch 'attack_file_perm_mod' into attack_data_from_system 2019-08-21 09:07:48 +03:00
VakarisZ ba40f1a5c4 Merge branch 'attack_exfiltration_c2_channel' into attack_file_perm_mod 2019-08-21 09:06:33 +03:00
VakarisZ 1dfdb9b0a1 Merge remote-tracking branch 'upstream/develop' into attack_exfiltration_c2_channel
# Conflicts:
#	monkey/monkey_island/cc/models/monkey.py
#	monkey/monkey_island/cc/ui/src/components/attack/techniques/T1090.js
2019-08-21 09:05:34 +03:00
Itay Mizeretz 10b2c2e6cb
Merge pull request #377 from VakarisZ/attack_proxy
T1188 Multi-hop proxy and T1090 Connection proxy
2019-08-20 19:17:47 +03:00