Merge brute force and vulnerability exploiters in the configuration #2787
Comments
mssalvatore
added a commit
that referenced
this issue
Jan 5, 2023
The separation between brute force and vulnerability exploiters was based on the use case of "vulnerability scanning", which is no longer Infection Monkey's main goal. Ultimately, users should be able to configure the order that exploiters run in. While the UI doesn't allow this at the moment, the configuration can be manipulated manually to achieve this. However, vulnerability exploiters always run before brute force exploiters. In other words, this separation reduces the configurability of the system. By merging these into a single list of exploiters, we allow the user to have total control over the order in which exploiters are run. Issue #2787
8 tasks
mssalvatore
added a commit
that referenced
this issue
Jan 5, 2023
The separation between brute force and vulnerability exploiters was based on the use case of "vulnerability scanning", which is no longer Infection Monkey's main goal. Ultimately, users should be able to configure the order that exploiters run in. While the UI doesn't allow this at the moment, the configuration can be manipulated manually to achieve this. However, vulnerability exploiters always run before brute force exploiters. In other words, this separation reduces the configurability of the system. By merging these into a single list of exploiters, we allow the user to have total control over the order in which exploiters are run. Issue #2787 PR #2789
8 tasks
cakekoa
pushed a commit
that referenced
this issue
Jan 5, 2023
The separation between brute force and vulnerability exploiters was based on the use case of "vulnerability scanning", which is no longer Infection Monkey's main goal. Ultimately, users should be able to configure the order that exploiters run in. While the UI doesn't allow this at the moment, the configuration can be manipulated manually to achieve this. However, vulnerability exploiters always run before brute force exploiters. In other words, this separation reduces the configurability of the system. By merging these into a single list of exploiters, we allow the user to have total control over the order in which exploiters are run. Issue #2787 PR #2789
This was referenced Jan 6, 2023
ilija-lazoroski
added a commit
that referenced
this issue
Jan 6, 2023
ilija-lazoroski
added a commit
that referenced
this issue
Jan 6, 2023
VakarisZ
pushed a commit
that referenced
this issue
Jan 6, 2023
8 tasks
ilija-lazoroski
pushed a commit
that referenced
this issue
Jan 6, 2023
The separation between brute force and vulnerability exploiters was based on the use case of "vulnerability scanning", which is no longer Infection Monkey's main goal. Ultimately, users should be able to configure the order that exploiters run in. While the UI doesn't allow this at the moment, the configuration can be manipulated manually to achieve this. However, vulnerability exploiters always run before brute force exploiters. In other words, this separation reduces the configurability of the system. By merging these into a single list of exploiters, we allow the user to have total control over the order in which exploiters are run. Issue #2787 PR #2789
ilija-lazoroski
added a commit
that referenced
this issue
Jan 6, 2023
ilija-lazoroski
added a commit
that referenced
this issue
Jan 6, 2023
8 tasks
ilija-lazoroski
added a commit
that referenced
this issue
Jan 6, 2023
mssalvatore
pushed a commit
that referenced
this issue
Jan 6, 2023
mssalvatore
added a commit
that referenced
this issue
Jan 6, 2023
The separation between brute force and vulnerability exploiters was based on the use case of "vulnerability scanning", which is no longer Infection Monkey's main goal. Ultimately, users should be able to configure the order that exploiters run in. While the UI doesn't allow this at the moment, the configuration can be manipulated manually to achieve this. However, vulnerability exploiters always run before brute force exploiters. In other words, this separation reduces the configurability of the system. By merging these into a single list of exploiters, we allow the user to have total control over the order in which exploiters are run. Issue #2787 PR #2789
mssalvatore
pushed a commit
that referenced
this issue
Jan 6, 2023
mssalvatore
pushed a commit
that referenced
this issue
Jan 6, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The separation between brute force and vulnerability exploiters was based on the use case of "vulnerability scanning", which is no longer Infection Monkey's main goal. Ultimately, users should be able to configure the order that exploiters run in. While the UI doesn't allow this at the moment, the configuration can be manipulated manually to achieve this. However, vulnerability exploiters always run before brute force exploiters. In other words, this separation reduces the configurability of the system.
Note
To avoid breaking
develop, base all work off of 2787-merge-vulnerability-and-brute-force-exploiter-config.Tasks
AgentConfigurationobject to contain only "Exploiters` (0d) @mssalvatoreinfection_monkey.master.exploiterto use the new configuration (0d) @mssalvatoremonkey_island.cc.services.reporting.reportto use the new configuration (0d) @ilija-lazoroskipath_in_schemain theAgentConfigurationSchemaService(0d) @ilija-lazoroskiThe text was updated successfully, but these errors were encountered: