Ransomware quickstart #1241

@mssalvatore

Description

As a red team member, I want a quick and easy way to configure a ransomware simulation, so that I can easily test my network under a variety of ransomware scenarios.

Acceptance Criteria

  • A "Ransomware" button is added to the monkey island welcome screen.
  • Upon clicking the ransomware button, the user is provided with a series of screens that allow them to:
    • enable/disable encryption
    • configure networking
    • configure exploits
  • All post-breach actions are disabled
  • All system info collectors are enabled
  • Sidebar menu has a "Ransomware Simulation Configuration" item
  • Testing plan is updated to include testing this UI.

Tasks

  • Add API endpoint that allows the UI to set the mode (0d) - @VakarisZ
    • A field is set in mongodb to store which mode the user chose
  • Add API endpoint that allows the UI to get the mode (0d) - @ilija-lazoroski
  • Add a new welcome screen that is displayed when monkey first starts (0d) - @VakarisZ
    • No list items are displayed in sidebar
    • A description of monkey is displayed (see current home page)
    • 2 buttons allow the user to choose between Ransomware Simulation and Advanced Configuration
    • When button is clicked
      • Call API endpoint to set the mode
      • User is brought to current home page
  • When the user clicks "start over", they are brought back to the ransomware/advanced configuration selection page (0d) @ilija-lazoroski @VakarisZ
    • API endpoint is called that unsets the mode
  • Set default configuration values when mode is set (potentially use config templates from blackbox tests) (0d) - @shreyamalviya
    • No change to behavior if mode is set to "Advanced"
    • Disable post-breach actions if mode is set to "Ransomware"
  • Show mode at the top of the sidebar (0d) @VakarisZ
  • Hide scoutsuite run option in ransomware mode (0d) @ilija-lazoroski
  • Fix Default report tab is security report tab in ransomware mode #1329 (0d)
  • Only display Exploits, Network, and Ransomware configuration tabs in Ransomware mode (0d) - @shreyamalviya
  • Remove "Congratulations" message from island home page, change header to "Get started" (0d) @ilija-lazoroski
