As a red team member, I want a ransomware simulation that propagates via Powershell Remoting (WinRM), so that I can evaluate my segmentation policies against propagation techniques that are commonly used by ransomware.
Acceptance Criteria
Infection Monkey is able to propagate itself via Powershell.
A new blackbox test is added to verify the Powershell exploiter.
Unit tests are written and provide comprehensive coverage.
Documentation is written that describes how the new exploiter behaves.
Tasks
[x] Create a blackbox test that tests the existing exploiter on the powershell_exploiter branch. (0d) @ilija-lazoroski
[x] Add and configure 3 machines to allow powershell remoting (one with no creds, one with username only, one with username + password).
[x] Add a config template and blackbox test.
See this and this for information about powershell remoting configuration.
[x] Get the powershell exploiter prototype ready for production.
Description
As a red team member, I want a ransomware simulation that propagates via Powershell Remoting (WinRM), so that I can evaluate my segmentation policies against propagation techniques that are commonly used by ransomware.
Acceptance Criteria
Tasks
powershell_exploiter
branch. (0d) @ilija-lazoroski