rosetta-ce 1.7.1__tar.gz → 1.7.2__tar.gz
Potentially problematic release.
This version of rosetta-ce might be problematic. Click here for more details.
- {rosetta_ce-1.7.1/rosetta_ce.egg-info → rosetta_ce-1.7.2}/PKG-INFO +1 -1
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/constants/systems.py +2 -2
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/rfaker.py +3 -3
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2/rosetta_ce.egg-info}/PKG-INFO +1 -1
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/setup.py +1 -1
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/LICENSE +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/README.md +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/__init__.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/constants/__init__.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/constants/attributes.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/constants/db.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/constants/sensors.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/constants/sources.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/rconverter.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta/rsender.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta_ce.egg-info/SOURCES.txt +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta_ce.egg-info/dependency_links.txt +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta_ce.egg-info/requires.txt +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/rosetta_ce.egg-info/top_level.txt +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/setup.cfg +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/tests/test_rconverter.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/tests/test_rfaker.py +0 -0
- {rosetta_ce-1.7.1 → rosetta_ce-1.7.2}/tests/test_rsender.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: rosetta-ce
|
|
3
|
-
Version: 1.7.
|
|
3
|
+
Version: 1.7.2
|
|
4
4
|
Summary: Rosetta is a Python package that can be used to fake security logs and alerts for testing different detection and response use cases.
|
|
5
5
|
Home-page: https://github.com/ayman-m/rosetta
|
|
6
6
|
Author: Ayman Mahmoud
|
|
@@ -104,7 +104,7 @@ WIN_EVENTS = [
|
|
|
104
104
|
'<Data Name="SubjectDomainName">{src_domain}</Data><Data Name="SubjectLogonId">'
|
|
105
105
|
'{user}</Data>'
|
|
106
106
|
'<Data Name="NewProcessId">{new_process_id}</Data><Data Name="ProcessId">{process_id}</Data>'
|
|
107
|
-
'<Data Name="CommandLine">{
|
|
107
|
+
'<Data Name="CommandLine">{win_cmd}</Data><Data Name="TargetUserSid">{user}</Data>'
|
|
108
108
|
'<Data Name="TargetUserName">{user}</Data><Data Name="TargetDomainName">'
|
|
109
109
|
'{src_domain}</Data>'
|
|
110
110
|
'<Data Name="TargetLogonId">{user}</Data><Data Name="LogonType">3</Data></EventData></Event>',
|
|
@@ -142,5 +142,5 @@ WIN_EVENTS = [
|
|
|
142
142
|
'<Data Name="NewProcessId">{new_process_id}</Data>'
|
|
143
143
|
'<Data Name="CreatorProcessId">{process_id}</Data>'
|
|
144
144
|
'<Data Name="TokenElevationType">TokenElevationTypeLimited (3)</Data>'
|
|
145
|
-
'<Data Name="ProcessCommandLine">{
|
|
145
|
+
'<Data Name="ProcessCommandLine">{win_cmd}</Data>'
|
|
146
146
|
]
|
|
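Review bot: `TargetUserSid` on new line 107 is filled from `{user}`, the same placeholder that feeds `TargetUserName` on line 108, so the generated event carries an account name where a real Windows event carries a SID, and parsers or detections that key on the SID format are not exercised by the fake data. If `win_user_id` (added to the field list in rosetta/rfaker.py in this release) is meant to hold the SID, the line would read `'<Data Name="CommandLine">{win_cmd}</Data><Data Name="TargetUserSid">{win_user_id}</Data>'`. Separately, `{win_cmd}` on new lines 107 and 145 lands inside XML element content. The substitution code is not visible here, but unless it escapes `&`, `<` and `>` (for example with `xml.sax.saxutils.escape`), a command line containing those characters yields malformed event XML that a SIEM may drop or mis-parse. The `WIN_EVENTS` list begins outside both hunks.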
@@ -641,13 +641,13 @@ class Events:
|
|
|
641
641
|
"thread_id",
|
|
642
642
|
"target_pid",
|
|
643
643
|
"subject_login_id",
|
|
644
|
-
"
|
|
644
|
+
"win_user_id",
|
|
645
645
|
"destination_login_id",
|
|
646
646
|
"privilege_list",
|
|
647
647
|
"win_process",
|
|
648
648
|
"src_host",
|
|
649
|
-
"
|
|
650
|
-
"
|
|
649
|
+
"user",
|
|
650
|
+
"win_cmd",
|
|
651
651
|
"source_network_address",
|
|
652
652
|
"local_port",
|
|
653
653
|
"transmitted_services",
|
|
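Review bot: The changed entries at new lines 644, 649 and 650 (`"win_user_id"`, `"user"`, `"win_cmd"`) appear to be tied to the `{user}` and `{win_cmd}` placeholders in rosetta/constants/systems.py only by string name. tests/test_rfaker.py is listed as unchanged (+0 -0), so nothing in this release checks that the two stay in sync. A test that renders every `WIN_EVENTS` template with the generated fields, asserts that no `{...}` placeholder is left over, and confirms the result parses as XML would catch the next mismatch before it reaches a detection test run. A short comment above the list, such as `# names must match the {placeholders} in rosetta/constants/systems.py`, would document the coupling. The list starts and ends outside the hunk.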
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: rosetta-ce
|
|
3
|
-
Version: 1.7.
|
|
3
|
+
Version: 1.7.2
|
|
4
4
|
Summary: Rosetta is a Python package that can be used to fake security logs and alerts for testing different detection and response use cases.
|
|
5
5
|
Home-page: https://github.com/ayman-m/rosetta
|
|
6
6
|
Author: Ayman Mahmoud
|
|
@@ -5,7 +5,7 @@ with open("README.md", "r") as fh:
|
|
|
5
5
|
|
|
6
6
|
setuptools.setup(
|
|
7
7
|
name="rosetta-ce",
|
|
8
|
-
version="1.7.
|
|
8
|
+
version="1.7.2",
|
|
9
9
|
author="Ayman Mahmoud",
|
|
10
10
|
author_email="content@ayman.online",
|
|
11
11
|
description="Rosetta is a Python package that can be used to fake security logs and alerts for testing different "
|
|