At GitLab, our Red Team conducts security exercises that emulate real-world threats, which helps assess and improve the effectiveness of the people, processes, and technologies used to keep our organization secure.
This article outlines the process of using professional development practices to create a continuous testing system for the Mythic framework, a command and control (C2) tool. The system consists of three main parts: pytest tests for the Mythic C2 framework, the source of Mythic-compatible C2 agents, and a GitLab CI/CD pipeline configuration. The pytest tests are designed to be simple and atomic, and the GlMythic class wraps Mythic APIs for ease of use in testing. The project also includes the source of Mythic-compatible C2 agents as git submodules, which allows for updating to new agent versions when they are released. The GitLab CI/CD pipeline configuration is set up to run the tests on merge requests and tagged commits, and includes an install stage to install the C2 agent into Mythic and a test stage to run the set of pytest tests.
The article also discusses adapting the test suite for other agents, as Poseidon and Merlin require different parameters for their upload commands. It explains how to add agents for testing, validate that existing tests work with the agent, and how to use the Mythic UI to determine the correct parameters to pass for the upload command. It also highlights the importance of continuous testing, as it can help identify potential bugs before they become an issue during a Red Team exercise.
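One way to lay out the two-stage pipeline described above, with one job per agent, shown as an added example and not GitLab's own configuration. It assumes a shell runner tagged `mythic` on a host where Mythic is already installed at `$MYTHIC_DIR`; the job names, paths, `AGENT` variable and the exact `mythic-cli` invocation are assumptions.

```yaml
# Added illustration, not the project's actual .gitlab-ci.yml.
# Job names, paths, the "mythic" runner tag, MYTHIC_DIR and AGENT are hypothetical.
stages:
  - install
  - test

variables:
  # Agent sources are git submodules, so fetch them together with the checkout.
  GIT_SUBMODULE_STRATEGY: recursive

# Run only on merge requests and tagged commits.
.run_rules:
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_TAG

# Expand each job into one instance per agent under test.
.agents:
  parallel:
    matrix:
      - AGENT: [poseidon, merlin]

install_agent:
  stage: install
  extends: [.run_rules, .agents]
  tags: [mythic]
  # Serialize jobs that touch the shared Mythic instance.
  resource_group: mythic
  script:
    - cd "$MYTHIC_DIR"
    # Assumed invocation; check the mythic-cli help for your Mythic version.
    - ./mythic-cli install folder "$CI_PROJECT_DIR/agents/$AGENT"

test_agent:
  stage: test
  extends: [.run_rules, .agents]
  tags: [mythic]
  resource_group: mythic
  script:
    - python3 -m pip install -r requirements.txt
    # Tests are assumed to read AGENT from the environment to pick per-agent parameters.
    - python3 -m pytest -v --junitxml=report.xml tests/
  artifacts:
    when: always
    reports:
      junit: report.xml
```

Publishing the JUnit report lets a failing agent version show up directly on the merge request that bumps its submodule.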
The article provides an example of how continuous testing can be beneficial. It explains how a bug was identified in Poseidon 2.0.2 that caused file uploads to fail, and how the issue was quickly addressed by one of the Poseidon developers, Cody Thomas. Finally, the article encourages readers to provide feedback on the work, and welcomes any contributions, big or small. It encourages readers to open an issue or propose improvements via a merge request.
Overall, the article gives an overview of implementing continuous testing for the Mythic framework using GitLab, illustrates its value with an example, and invites readers to provide feedback and contribute to the project.
📓 How GitLab's Red Team automates C2 testing
👉🏽 Outlines the process of using professional development practices to create continuous testing for the Mythic framework.
👉🏽 Describes the three main parts of the system: pytest tests, Mythic-compatible C2 agents, and the GitLab CI/CD pipeline.
👉🏽 Details the simple, atomic nature of the pytest tests and the convenience of the GlMythic class.
👉🏽 Discusses the inclusion of Mythic-compatible C2 agents as git submodules for easy updates.
👉🏽 Explains the setup of the GitLab CI/CD pipeline configuration for running tests.
👉🏽 Discusses adapting the test suite for other agents and customizing upload commands.
👉🏽 Highlights the importance of continuous testing in identifying potential bugs before Red Team exercises.
👉🏽 Provides an example of a bug in Poseidon 2.0.2 and how it was quickly resolved.
👉🏽 Encourages readers to provide feedback and contribute to the project.
👉🏽 Gives an overview of implementing continuous testing in the Mythic framework using GitLab.