As a red team member, I want to be able to configure the file extension that the ransomware simulation uses to rename encrypted files, so that I can more accurately mimic specific ransomware threats.
Acceptance Criteria
Encrypted files are renamed with a user-provided extension. (Default: ".m0nk3y")
Example: my_picture.jpg -> my_picture.jpg.m0nk3y
None/empty is a valid extension. The ransomware payload will not rename files if no extension is provided.
Any files that already have the user-provided extension are skipped.
Ransomware configuration screen includes a field that allows the user to specify a file extension.
Unit tests are written and provide comprehensive coverage.
Documentation is written that describes how the file extensions are used.
mssalvatore
commented
1 year ago
Description
As a red team member, I want to be able to configure the file extension that the ransomware simulation uses to rename encrypted files, so that I can more accurately mimic specific ransomware threats.
Acceptance Criteria
None/emptyis a valid extension. The ransomware payload will not rename files if no extension is provided.