Is your feature request related to a problem? Please describe.
Improve the coverage of ZT tests.
Describe the solution you'd like
Monkeys should access a random subset of domains which are known to be malicious, such as PhishTank. If they manage to access the domains, fail the test.
We should store a list of 100 domains or so (not plaintext!) and choose 3 at random so the test isn't 100% predictable (like real malware :) )
This can be a simple PBA with a relevant PBA processor in post_breach.py.
ZT info:
Pillars: Networks, Visibility
Principle: Analyze network traffic for malicious activity
Test: Monkey tried to communicate with known malicious domains
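A sketch of the test logic requested above, added here as an example and not Infection Monkey's own code: it samples 3 names from an encoded list, probes each, and fails the test if any is reachable. All function names, the base64 encoding choice and the constructed `.invalid` domains are assumptions; wiring into a PBA and `post_breach.py` is not shown.

```python
import base64
import random
import socket

# Constructed sample list on a reserved TLD (never resolves). A real list would
# come from a feed such as PhishTank. Stored base64-encoded, an assumed way to
# meet the "not plaintext" requirement.
ENCODED_DOMAINS = [
    base64.b64encode(f"bad-{i}.example.invalid".encode()).decode()
    for i in range(100)
]
SAMPLE_SIZE = 3  # "choose 3 at random"


def pick_domains(encoded, k=SAMPLE_SIZE, rng=None):
    """Decode k distinct, randomly chosen entries from the encoded list."""
    rng = rng or random.SystemRandom()
    return [base64.b64decode(e).decode() for e in rng.sample(encoded, k)]


def tcp_probe(domain, port=443, timeout=3.0):
    """Default probe: True if the name resolves and a TCP connection opens."""
    try:
        with socket.create_connection((domain, port), timeout=timeout):
            return True
    except OSError:  # covers DNS failure, refusal, filtering and timeout
        return False


def run_malicious_domain_test(encoded=ENCODED_DOMAINS, probe=tcp_probe, rng=None):
    """Return a ZT-style result: failed if any sampled domain was reachable."""
    results = {d: probe(d) for d in pick_domains(encoded, rng=rng)}
    reached = sorted(d for d, ok in results.items() if ok)
    return {
        "test": "Monkey tried to communicate with known malicious domains",
        "pillars": ["Networks", "Visibility"],
        "status": "failed" if reached else "passed",
        "reached": reached,
        "attempted": sorted(results),
    }
```

The probe is injectable so the pass/fail logic can be unit-tested without network access; reporting which names were reached lets the defender trace the gap to a specific DNS or egress control.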