************** Attack plugins ************** Attack features of PurpleDome can be extended using a plugin system. Those attack plugins can start Caldera attacks, run Kali command line tools or use Metasploit. An example plugin is in the file *hydra_plugin.py*. It contains a plugin class that **MUST** be based on the *AttackPlugin* class. :: Important: This projects goal is to improve defense. Adding any attack must be done with this goal. To guarantee that: * Only add attacks that are already in the wild * Link to blog posts describing this attack * Maybe already drop some ideas how to detect and block * Or even add code to detect and block it Usage ===== To create a new plugin, start a sub-folder in *plugins*. The python file in there must contain a class that inherits from *AttackPlugin*. There is an example plugin *hydra.py* that you can use as template. Boilerplate ----------- The boilerplate contains some basics: * name: a unique name, also used in the config yaml file to reference this plugin * description: A human readable description for this plugin. * ttp: The TTP number of this kali attack. See https://attack.mitre.org/ "???" if it is unknown "multiple" if it covers several TTPs * references. A list of urls to blog posts or similar describing the attack * required_files: A list. If you ship files with your plugin, listing them here will cause them to be installed on plugin init. Better than using required_files is to use: * required_files_attacker: required files to send to the attacker * required_files_target: required files to send to the target Method: run ----------- This will run the attack. * targets: a list of target machines. If you need the network address, use target[0].get_ip() The plugin class ================ .. autoclass:: plugins.base.attack.AttackPlugin :members: