Closed shreyamalviya closed 3 years ago
Would love this (working with @shreyamalviya on the same project, Infection Monkey). If there's any way we can push this forward and help, let us know!!!
Howdy, folks! At present, there's no one actively developing the Python framework. If building in reporting is something that you'd like to contribute, we can do our best to help with testing and review. In general, there are two issues with reporting, and I think you've touched on them both at a high level:
calc.exe
process). The detection pieces have not. Again, if you have questions, we're happy to do our best to help!
I just came to suggest the same thing! First step could be to have just a message like "you should see a notepad/calc opened". I think this step seems reasonable to implement by adding an attribute to each test (lot of work though) and a message print in execution frameworks. Then, for automation purposes, a coded check would be really helpful I think. But it means coding a command to check for successful execution!
@keithmccammon The Infection Monkey developers who opened this issue have decided to continue using their existing architecture and not depend on this issue.
But the issue has been gathering likes and getting comments. It would be a nice feature to add to atomic-red-team. So I would like to implement this. I have a rough idea about which parts of code to change and develop.
If atomic-red-team wants to move ahead with this issue, I would like to discuss my approach here.
Python Execution Framework no longer maintained in this repo.
Hi @clr2of8, in which repo is the Python Execution Framework now being maintained?
Please reach out to @MSAdministrator, who will be releasing that soon. You can reach him most easily on the Slack Atomic Red Team workspace or Twitter.
I'm working on the development of a pen-testing tool and we're planning on integrating ART atomic tests. However, we've run into an issue: after using the Python execution framework, the output that is shown after running a technique is not very descriptive.
For example, running this:
Just gives the output:
There's no certain way for me to know whether the attack was successful or not since it just returns the output/error (relevant code below). https://github.com/redcanaryco/atomic-red-team/blob/14905c7a1618fe52bc0973ac575949ab4f9c2d67/execution-frameworks/contrib/python/runner.py#L491
It would be extremely useful if there were some sort of reporting mechanism that returned more information about the execution of the technique along with its output/error.
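One way the reporting requested in this issue, together with the per-test coded check suggested in the comments, could be structured. This is an added example, not code from atomic-red-team or its Python runner; `ExecutionReport`, `run_with_report` and the `check_argv` per-test attribute are hypothetical names, and the sample command is constructed and benign.

```python
import subprocess
import sys
import time
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class ExecutionReport:
    name: str
    status: str               # success | unverified | no_check | execution_failed | timeout
    exit_code: Optional[int]  # None if the process never started or never finished
    stdout: str
    stderr: str
    duration_s: float
    verified: Optional[bool]  # None when no check ran


def _run(argv: List[str], timeout: float):
    """Run argv without a shell; return (exit_code, stdout, stderr, timed_out)."""
    try:
        p = subprocess.run(argv, capture_output=True, text=True, timeout=timeout)
        return p.returncode, p.stdout, p.stderr, False
    except subprocess.TimeoutExpired:
        return None, "", "timed out", True
    except OSError as exc:  # e.g. executable not found
        return None, "", str(exc), False


def run_with_report(name, argv, check_argv=None, timeout=30.0) -> ExecutionReport:
    """Execute a test command, then an optional check command (hypothetical attribute)."""
    start = time.monotonic()
    code, out, err, timed_out = _run(argv, timeout)
    duration = time.monotonic() - start
    verified = None
    if timed_out:
        status = "timeout"
    elif code != 0:
        status = "execution_failed"
    elif check_argv is None:
        status = "no_check"  # ran cleanly, but nothing confirms the effect
    else:
        # Exit code 0 from the check command means the expected effect was observed.
        verified = _run(check_argv, timeout)[0] == 0
        status = "success" if verified else "unverified"
    return ExecutionReport(name, status, code, out, err, round(duration, 3), verified)


if __name__ == "__main__":
    # Constructed sample: the "test" prints a line and the check always passes.
    ok = [sys.executable, "-c", "print('hello')"]
    print(run_with_report("constructed-sample", ok, check_argv=ok))
```

The `unverified` status separates "the command exited 0" from "the expected effect was observed", which is the distinction the raw output/error pair cannot express.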