Skip to content

[docs] SentinelOne executor #232

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
damgouj wants to merge 4 commits into
base: main
Choose a base branch
from
Open

[docs] SentinelOne executor #232

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
71fb40c
[docs] SentinelOne executor
damgouj Nov 26, 2025
3cef259
[docs] SentinelOne executor
damgouj Dec 2, 2025
afdc597
[docs] Tanium doc
damgouj Dec 2, 2025
38431b3
[docs] addition
damgouj Dec 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions docs/administration/enterprise.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,11 @@ according to the [OpenAEV architecture](../deployment/platform/overview.md#archi
The Tanium Agent can be leveraged to execute implants as detached processes that will then execute payloads
according to the [OpenAEV architecture](../deployment/platform/overview.md#architecture)

### SentinelOne Agent

The SentinelOne Agent can be leveraged to execute implants as detached processes that will then execute payloads
according to the [OpenAEV architecture](../deployment/platform/overview.md#architecture)

## Remediations in CVES

More detail: [CVES](taxonomies.md) and [Findings view](../usage/findings.md)
Expand Down
3 changes: 3 additions & 0 deletions docs/deployment/assets/openaev_subprocessor_unix.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/bin/sh

echo $1 | base64 -d | sh
2 changes: 2 additions & 0 deletions docs/deployment/assets/openaev_subprocessor_windows.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
$command = $args[0];
cmd.exe /d /c powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -NonInteractive -NoProfile -encodedCommand $command
Binary file added docs/deployment/assets/sentinelone-agents.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/deployment/assets/sentinelone-endpoints.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/deployment/assets/sentinelone-scripts.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/deployment/assets/sentinelone-unix-script1.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/deployment/assets/sentinelone-unix-script2.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/deployment/assets/sentinelone-windows-script1.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/deployment/assets/sentinelone-windows-script2.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
20 changes: 10 additions & 10 deletions docs/deployment/configuration.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,16 +43,16 @@ Here are the configuration keys, for both containers (environment variables) and

#### Network and security

| Parameter | Environment variable | Default value | Description |
|:--------------------------------|:--------------------------------|:------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| server.ssl.enabled | SERVER_SSL_ENABLED | `false` | Turn on to enable SSL on the local server |
| server.ssl.key-store-type | SERVER_SSL_KEY-STORE-TYPE | PKCS12 | Type of SSL keystore |
| server.ssl.key-store | SERVER_SSL_KEY-STORE | classpath:localhost.p12 | SSL keystore path |
| server.ssl.key-store-password | SERVER_SSL_KEY-STORE-PASSWORD | admin | SSL keystore password |
| server.ssl.key-alias | SERVER_SSL_KEY-ALIAS | localhost | SSL key alias |
| openaev.unsecured-certificate | OPENAEV_UNSECURED-CERTIFICATE | `false` | Turn on to authorize self-signed or unsecure ssl certificate |
| openaev.with-proxy | OPENAEV_WITH-PROXY | `false` | Turn on to authorize environment with proxy |
| openaev.extra-trusted-certs-dir | OPENAEV_EXTRA-TRUSTED-CERTS-DIR | | If you want to set extra trusted self-signed TLS certificates to communicate with external applications (Crowdstrike, Tanium,...),<br/>fill this attribute with you local folder containing your public .PEM certs. If you install OpenAEV with Docker,<br/>uncomment the volume and set the attribute in the [docker compose file](https://github.com/OpenAEV-Platform/docker/blob/master/docker-compose.yml) |
| Parameter | Environment variable | Default value | Description |
|:--------------------------------|:--------------------------------|:------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| server.ssl.enabled | SERVER_SSL_ENABLED | `false` | Turn on to enable SSL on the local server |
| server.ssl.key-store-type | SERVER_SSL_KEY-STORE-TYPE | PKCS12 | Type of SSL keystore |
| server.ssl.key-store | SERVER_SSL_KEY-STORE | classpath:localhost.p12 | SSL keystore path |
| server.ssl.key-store-password | SERVER_SSL_KEY-STORE-PASSWORD | admin | SSL keystore password |
| server.ssl.key-alias | SERVER_SSL_KEY-ALIAS | localhost | SSL key alias |
| openaev.unsecured-certificate | OPENAEV_UNSECURED-CERTIFICATE | `false` | Turn on to authorize self-signed or unsecure ssl certificate |
| openaev.with-proxy | OPENAEV_WITH-PROXY | `false` | Turn on to authorize environment with proxy |
| openaev.extra-trusted-certs-dir | OPENAEV_EXTRA-TRUSTED-CERTS-DIR | | If you want to set extra trusted self-signed TLS certificates to communicate with external applications (Crowdstrike, Tanium, SentinelOne,...),<br/>fill this attribute with you local folder containing your public .PEM certs. If you install OpenAEV with Docker,<br/>uncomment the volume and set the attribute in the [docker compose file](https://github.com/OpenAEV-Platform/docker/blob/master/docker-compose.yml) |

⚠️ **Important**: If you are using the parameter `openaev.extra-trusted-certs-dir`, the file format needed for the
certificates in the folder are public PEM-armoured (*.pem), DER-encoded X509 certs.
Expand Down
Loading