Thorsten Sick
|
1cb76d8cf9
|
Added stand alone metasploit attacks
|
3 years ago |
Thorsten Sick
|
1e8ad1331b
|
Merge pull request #8 from avast/compile_tools
Compile tools
|
3 years ago |
Thorsten Sick
|
ba79493eae
|
Added compilation of FIN7 tools. Not all tools are tested yet. But they compile. Compilation is currently switched off until the infrastructure for testing is operational.
|
3 years ago |
Thorsten Sick
|
d765456f39
|
Adding tool to patch a shellcode into a C code file
|
3 years ago |
Thorsten Sick
|
85628336be
|
Merge pull request #7 from avast/fin7_improvements
Fin7 improvements
|
3 years ago |
Thorsten Sick
|
f7b0c5d098
|
pep8
|
3 years ago |
Thorsten Sick
|
b1a6593908
|
Adds the compilation steps to step 10. Rest of step 10 is still todo
|
3 years ago |
Thorsten Sick
|
ab8b4f04aa
|
Adding install function to attack plugins
|
3 years ago |
Thorsten Sick
|
1f9a0d444f
|
waiting for session to be established
|
3 years ago |
Thorsten Sick
|
058126f3ad
|
Merge pull request #6 from avast/fin7_step5
Fin7 step5
|
3 years ago |
Thorsten Sick
|
9a25537e99
|
Added Metasploit exception.
|
3 years ago |
Thorsten Sick
|
d36cd2896d
|
supporting nicknames for target machines. Those can be used to identify machines in complex attack simulations
|
3 years ago |
Thorsten Sick
|
9186556d3c
|
typo fix
|
3 years ago |
Thorsten Sick
|
c190bcf090
|
Adjusted retries in metasploit
|
3 years ago |
Thorsten Sick
|
a9226eab1f
|
Added experiment yaml for FIN7 experiments
|
3 years ago |
Thorsten Sick
|
3a87df3aed
|
Updated shipit to als add resources in plugin sub folders
|
3 years ago |
Thorsten Sick
|
485d47402d
|
Merge pull request #5 from avast/fin7_step5
FIN7 step 5 works. mimikatz plus uac bypass is very likely flaky. Dep…
|
4 years ago |
Thorsten Sick
|
a1df98c0c0
|
FIN7 step 5 works. mimikatz plus uac bypass is very likely flaky. Depending on target os version
|
4 years ago |
Thorsten Sick
|
52cb7ec829
|
Merge pull request #4 from avast/sensors_define_loot
Sensors can now defined which files are part of the loot
|
4 years ago |
Thorsten Sick
|
fda1ecd372
|
Sensors can now defined which files are part of the loot
|
4 years ago |
Thorsten Sick
|
6efe57e30e
|
Merge pull request #3 from avast/metasploit_basics
First metasploit command called successfully
|
4 years ago |
Thorsten Sick
|
afa63af469
|
First metasploit command called successfully
|
4 years ago |
Thorsten Sick
|
819754490e
|
Merge pull request #2 from avast/documentation_update_2
Documentation update 2
|
4 years ago |
Thorsten Sick
|
39be15b150
|
Extended code documentation
|
4 years ago |
Thorsten Sick
|
5436768e03
|
Updated core documentation rst files
|
4 years ago |
Thorsten Sick
|
39286a82f9
|
Documentation upgrade improved contributing.txt
|
4 years ago |
Thorsten Sick
|
c5e944a17e
|
Merge pull request #1 from avast/documentation_update_1
Documentation update 1
|
4 years ago |
Thorsten Sick
|
883194b728
|
Documentation upgrade
|
4 years ago |
Thorsten Sick
|
e1df094fd5
|
Documentation upgrade
|
4 years ago |
Thorsten Sick
|
0295fd8802
|
using log level for output
|
4 years ago |
Thorsten Sick
|
de5fc486d1
|
code simplification
|
4 years ago |
Thorsten Sick
|
fbd2ab99e0
|
improved documentation
|
4 years ago |
Thorsten Sick
|
2d69e87142
|
basic functionality for metasploit working as POC
|
4 years ago |
Thorsten Sick
|
4f62301b6e
|
Full unit test coverage for config.py
|
4 years ago |
Thorsten Sick
|
3bac1d862d
|
PEP8 fixes
|
4 years ago |
Thorsten Sick
|
102077f147
|
Adjusted unit tests to current code
|
4 years ago |
Thorsten Sick
|
0ee814c2eb
|
Adding first metasploit steps for FIN7
|
4 years ago |
Thorsten Sick
|
a4bda7a46c
|
Bugfix
|
4 years ago |
Thorsten Sick
|
1564f3a42b
|
Simpler access to machine data 2
|
4 years ago |
Thorsten Sick
|
96a5770a63
|
Simpler access to machine data
|
4 years ago |
Thorsten Sick
|
e1e6617a5e
|
Streamlining
|
4 years ago |
Thorsten Sick
|
725db17cf6
|
First caldera based attack in FIN7 playbook
|
4 years ago |
Thorsten Sick
|
ebd9854413
|
Adding Caldera parameter handling
|
4 years ago |
Thorsten Sick
|
04440bb1ab
|
Attack plugins will now get the full machine object for targets
|
4 years ago |
Thorsten Sick
|
c0598c577b
|
Single central Caldera object
|
4 years ago |
Thorsten Sick
|
66f304eb86
|
Concepts for adversary emulation: FIN7
|
4 years ago |
Thorsten Sick
|
49711ee4c9
|
Next move from kali plugin to attack plugin. Step2
|
4 years ago |
Thorsten Sick
|
95e9efb966
|
Improving kali plugins towards being more flexible and handling any kind of attacks. Step 1
|
4 years ago |
Thorsten Sick
|
090cd7c16a
|
Caldera experiments can be independently controlled by files. Those will overwrite the caldera attacks in the experiment files. Good for batch processing
|
4 years ago |
Thorsten Sick
|
12c92939c0
|
Caldera now supports jitter and obfuscator from configuration file. Keep in mind: Not all implants support all obfuscators.
|
4 years ago |