Mike Salvatore
These are the results from when we switched from on-prem to C2 instances on GCP.

**Linux agent**
On-Prem: 04min 34sec (274 seconds)
GCP C2: 02min 13sec (133 seconds)

**Windows Agent**...
I think that impacket is the thing that Defender most often flags. We can use other projects, like [smbprotocol](https://pypi.org/project/smbprotocol/) in order to avoid tripping Defender.
https://vanmieghem.io/blueprint-for-evading-edr-in-2022/
Fixed in Linux.
#1675, #1676, and the effort to refactor the agent may resolve a lot of this pain. I'd suggest we wait until after those efforts are complete before attempting to resolve...
This might be fixed if we resolve https://github.com/guardicore/monkey/issues/1852
The original intent was for the `ControlChannel` to be a [strangler](https://martinfowler.com/bliki/StranglerFigApplication.html) and replace `control.py`.
@DanielxBlack Sure! You can download [InfectionMonkey-v1.13.0.AppImage](https://github.com/guardicore/monkey/releases/download/v1.13.0/InfectionMonkey-v1.13.0.AppImage) and test it out and let us know if you run into any trouble. Be sure to attempt to reproduce any errors you find...
> I don't know if this is the best place to ask, or if it's something I should verify via documentation, but:

Here is fine, but you'll get faster answers...
After some internal discussions, we concluded that the above proposal mitigates the most significant risk, which is an unauthorized user within the network or the public internet accessing the Island....