Windows Host
A Steadybit extension to discover Windows hosts and attack them.
Introduction
With this extension you can discover and attack your Windows hosts in different ways, such as modifying network traffic or shutting down processes.
The extension's networking attacks are based on the network driver provided alongside the extension. The driver is not persistent and is active only for the duration of the attack. The driver passed all of the HLK tests, assuring safety.
Beta Release
Microsoft is in the process of signing the driver; until then, test signing must be enabled on the machine. Check the installation guide for more information.
Windows host losing network connection is detected by Datadog
When a host suddenly loses its connection to the network and your system, Datadog should alert on this. Eventually, everything should recover once the network is back.
Motivation
When you're working in a less volatile system environment, a loss of network can be critical, as there is likely no backup host that would enable faster recovery. Thus, you should check that your observability tools catch this.
Structure
Before blocking a host from the network, we verify that the Datadog monitor is in an OK state. Afterward, we block all traffic to and from a host and expect Datadog to alert about the isolated host. Eventually, when the host is online again, we expect Datadog to return to an OK state. While experimenting, we create a downtime for the monitor so that it will not escalate due to the ongoing alert.
Windows host reboot is alerted by Datadog
When a Windows host is suddenly missing from your system, Datadog should alert you to this. Because the host is only rebooting, everything should eventually recover.
Motivation
When you're working in a less volatile system environment, where you expect hosts to always be running, you should validate that you notice whenever a host reboots.
Structure
Before restarting a host, we verify that the Datadog monitor is in an OK state. Afterward, we trigger the shutdown of a host and expect Datadog to alert about the missing host. Eventually, the host should come back and Datadog should return to an OK state. While experimenting, we create a downtime for the monitor so that it will not escalate due to the ongoing alert.
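The pass/fail logic that both experiments above share, as an added example that is not Steadybit's or Datadog's code: it evaluates polled monitor states against the pre-check, attack and recovery phases. The sample timeline, phase times and all function and field names are constructed for illustration; the state strings follow Datadog's monitor `overall_state` values.

```python
from dataclasses import dataclass

# Constructed sample: (seconds since experiment start, monitor overall_state)
SAMPLES = [(0, "OK"), (30, "OK"), (60, "OK"), (90, "OK"), (120, "No Data"),
           (150, "Alert"), (180, "Alert"), (210, "Alert"), (240, "OK"), (270, "OK")]

@dataclass
class Phases:
    attack_start: int  # host is isolated from the network or shut down
    attack_end: int    # network restored or host booting again
    recover_by: int    # deadline for the monitor to be OK again

def evaluate(samples, p):
    """Check: OK before the attack, Alert during it, stable OK by the deadline."""
    pre = [s for t, s in samples if t < p.attack_start]
    # Assumption: only "Alert" counts as detection. A monitor that merely
    # reports "No Data" has lost the host but has not alerted anyone.
    alerts = [t for t, s in samples
              if p.attack_start <= t < p.attack_end and s == "Alert"]
    post = [(t, s) for t, s in samples if p.attack_end <= t <= p.recover_by]
    recovered = [t for t, s in post if s == "OK"]
    # Recovery must hold: no non-OK sample after the first OK in the window.
    stable = bool(recovered) and all(
        s == "OK" for t, s in post if t >= recovered[0])
    return {
        "precheck_ok": bool(pre) and all(s == "OK" for s in pre),
        "alerted": bool(alerts),
        "detection_latency_s": alerts[0] - p.attack_start if alerts else None,
        "recovered": stable,
        "recovery_time_s": recovered[0] - p.attack_end if stable else None,
    }

def passed(result):
    """The experiment succeeds only if all three expectations hold."""
    return result["precheck_ok"] and result["alerted"] and result["recovered"]

if __name__ == "__main__":
    print(evaluate(SAMPLES, Phases(attack_start=90, attack_end=210, recover_by=300)))
```

The detection latency it reports is the figure to compare against how quickly you need to learn that a host is gone.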