Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added Tactic TA0043 Reconnaissance with procedure T1595.001 Active Scanning: Scan IP Blocks #52

Merged
merged 5 commits into from
Sep 6, 2023
Merged

Added Tactic TA0043 Reconnaissance with procedure T1595.001 Active Scanning: Scan IP Blocks #52

merged 5 commits into from
Sep 6, 2023

Conversation

sw8y
Copy link
Contributor

@sw8y sw8y commented Sep 1, 2023
edited
Loading

Proposed Changes

Created a TTP for scanning IP blocks using the Nmap utility. This TTP will check the OS of the computer, then confirm that the appropriate package manager is also installed. If confirmed, the system will be checked to see if nmap is installed and install it if not.

Related Issue(s)

No issues identified.

Testing

  1. Verified the results of "uname" on the local system.
  2. Run TTP with nmap installed to verify functionality.
  3. Run TTP without nmap insatlled to verify install.
  4. Run TTP without port list to verify default ports are scanned.
  5. Run TTP with port list to verify that the provided list of ports are scanned.
  6. Run TTP with cleanup option set to false to verify that nmap is not uninstalled.
  7. Run TTP with cleanup option set to true to verify that nmap is uninstalled.

Documentation

README.md has been updated to reflect what this TTP does and how it operates.

Screenshots/GIFs (optional)

Checklist

  • Ran mage runprecommit locally and fixed any issues that arose.
  • Curated your commit(s) so they are legible and easy to read and understand.
  • 🚀

@d3sch41n
Copy link
Contributor

d3sch41n commented Sep 1, 2023

Thanks so much for the contribution! I'm hopping out on vacation until Tuesday so unfortunately I'll need to wait till then for a detailed review, at which point I can help with the pre-commit hook (though of course @l50 may hop in beforehand) - but before I leave just wanted to say that we really appreciate the addition and look forward to collaborating in the near future!

@l50
Copy link
Contributor

l50 commented Sep 1, 2023
edited
Loading

Hey @sw8y! Did you run mage runPreCommit before submitting the PR?

Additionally, what are the empty placeholder files for?

@l50
Copy link
Contributor

l50 commented Sep 4, 2023
edited
Loading

I'm going to create a proposal for directory layout next week and will post an RFC for feedback from the community.

For now, if you can remove the directories with solely placeholders, and make any adjustments required to get pre-commit to pass (mage runprecommit), we can land this bad boy :)

@sw8y
Copy link
Contributor Author

sw8y commented Sep 6, 2023

My bad for the late reply! Working on this now :)

@TTPForge-bot TTPForge-bot added the area/pre-commit Changes made to pre-commit hooks label Sep 6, 2023
@sw8y
Copy link
Contributor Author

sw8y commented Sep 6, 2023
edited
Loading

For those of you, like me, who read other people's pull requests to see what they did, let this be a message to you:

Please run "mage runprecommit" first before a push LOL. It will save you time.

@l50
Copy link
Contributor

l50 commented Sep 6, 2023

For those of you, like me, who read other people's pull requests to see what they did, let this be a message to you:

Please run "mage runprecommit" first before a push LOL. It will save you time.

What he said!

@l50 l50 enabled auto-merge (squash) September 6, 2023 22:12
l50
l50 approved these changes Sep 6, 2023
View reviewed changes
Copy link
Contributor

@l50 l50 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you so much for creating this TTP, we're very excited to add it to the ForgeArmory!

@l50 l50 merged commit 4b31b3a into facebookincubator:main Sep 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@l50 l50 l50 approved these changes

@CrimsonK1ng CrimsonK1ng Awaiting requested review from CrimsonK1ng CrimsonK1ng is a code owner

@d3sch41n d3sch41n Awaiting requested review from d3sch41n d3sch41n is a code owner

Assignees
No one assigned
Labels
area/pre-commit Changes made to pre-commit hooks cla signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@sw8y @d3sch41n @l50 @facebook-github-bot @TTPForge-bot