app.objects namespace

Submodules

app.objects.c_ability module

class app.objects.c_ability.Ability(ability_id, tactic=None, technique_id=None, technique=None, name=None, test=None, description=None, cleanup=None, executor=None, platform=None, payloads=None, parsers=None, requirements=None, privilege=None, timeout=60, repeatable=False, access=None, variations=None, language=None, code=None, build_target=None)

Bases: app.utility.base_object.BaseObject

HOOKS = {}
RESERVED = {'payload': '#{payload}'}
display
classmethod from_json(json)
replace_cleanup(encoded_cmd, payload)
store(ram)
test
unique
which_plugin()

app.objects.c_adversary module

class app.objects.c_adversary.Adversary(adversary_id, name, description, atomic_ordering)

Bases: app.utility.base_object.BaseObject

display
has_ability(ability)
store(ram)
unique
which_plugin()

app.objects.c_agent module

class app.objects.c_agent.Agent(sleep_min, sleep_max, watchdog, platform='unknown', server='unknown', host='unknown', username='unknown', architecture='unknown', group='red', location='unknown', pid=0, ppid=0, trusted=True, executors=(), privilege='User', exe_name='unknown', contact='unknown', paw=None)

Bases: app.utility.base_object.BaseObject

class AgentSchema(*, only: Union[Sequence[str], Set[str]] = None, exclude: Union[Sequence[str], Set[str]] = (), many: bool = False, context: Dict[KT, VT] = None, load_only: Union[Sequence[str], Set[str]] = (), dump_only: Union[Sequence[str], Set[str]] = (), partial: Union[bool, Sequence[str], Set[str]] = False, unknown: str = None)

Bases: marshmallow.schema.Schema

opts = <marshmallow.schema.SchemaOpts object>
remove_nulls(in_data, **_)
RESERVED = {'agent_paw': '#{paw}', 'exe_name': '#{exe_name}', 'group': '#{group}', 'location': '#{location}', 'payload': re.compile('#{payload:(.*?)}', re.DOTALL), 'server': '#{server}'}
all_facts()
bootstrap(data_svc)
calculate_sleep()
capabilities(ability_set)
display
display_name
classmethod from_dict(dict_obj)

Creates an Agent object from parameters stored in a dict. AgentSchema is used to validate inputs.

gui_modification(**kwargs)
heartbeat_modification(**kwargs)
kill()
privileged_to_run(ability)
replace(encoded_cmd, file_svc)
store(ram)
task(abilities, facts=())
unique

app.objects.c_obfuscator module

class app.objects.c_obfuscator.Obfuscator(name, description, module)

Bases: app.utility.base_object.BaseObject

display
load(agent)
store(ram)
unique

app.objects.c_operation module

class app.objects.c_operation.Operation(name, agents, adversary, id=None, jitter='2/8', source=None, planner=None, state='running', autonomous=True, atomic_enabled=False, obfuscator='plain-text', group=None, auto_close=True, visibility=50, access=None)

Bases: app.utility.base_object.BaseObject

class Reason

Bases: enum.Enum

An enumeration.

EXECUTOR = 1
FACT_DEPENDENCY = 2
OP_RUNNING = 4
PLATFORM = 0
PRIVILEGE = 3
UNTRUSTED = 5
active_agents()
all_facts()
all_relationships()
apply(link)
close()
display
get_active_agent_by_paw(paw)
has_fact(trait, value)
is_closeable()
is_finished()
report(file_svc, output=False, redacted=False)
run(services)
set_start_details()
states
store(ram)
unique
update_operation(services)
wait_for_completion()

Wait for started links to be completed.

Parameters: link_ids (no description given; the signature shown above takes no arguments)
Returns: None

app.objects.c_planner module

class app.objects.c_planner.Planner(planner_id, name, module, params, stopping_conditions=None, description=None, ignore_enforcement_modules=())

Bases: app.utility.base_object.BaseObject

display
store(ram)
unique
which_plugin()

app.objects.c_plugin module

class app.objects.c_plugin.Plugin(name='virtual', description=None, address=None, enabled=False, data_dir=None, access=None)

Bases: app.utility.base_object.BaseObject

destroy(services)
display
enable(services)
expand(services)
load()
store(ram)
unique

app.objects.c_schedule module

class app.objects.c_schedule.Schedule(name, schedule, task)

Bases: app.utility.base_object.BaseObject

display
store(ram)
unique

app.objects.c_source module

class app.objects.c_source.Source(identifier, name, facts, rules=(), adjustments=())

Bases: app.utility.base_object.BaseObject

display
store(ram)
unique