Administration Guide

Installing FortiAgent for ATT&CK v10+

FortiAgent is FortiTester's default agent for MITRE ATT&CKv10+. The agent will periodically beacon to FortiTester to receive instructions, execute instructions on the target host, then send results back to FortiTester. The agent also supports payload downloads and file uploads.

Installing for Windows Platform

Installing FortiAgent for MITRE ATT&CK v10 requires administrator permissions on the Windows system.

To install FortiAgent on target hosts:

  1. Install Visual C++ Redistributable for Visual Studio 2015.

    Visual C++ Redistributable may fail to install if Windows is not fully updated. If you encounter problems, try fully updating Windows.

  2. Download the latest release of FortiAgent from FortiTester.

    1. Go to ATT&CKv10+ > ATT&CK Cases > Maintenance > Resources.

    2. In the Available Clients table, click the Download icon to download FortiAgent and conf.yml for the Windows platform.

  3. Place fortiagent-windows.exe in the desired installation location. The recommended location is c:\Program Files\FortiAgent\fortiagent-windows.exe. Put conf.yml in "C:\Users\Public".

  4. In an Administrator command prompt, run the following command to install FortiAgent (installing FortiAgent as a local administrator is recommended):

    fortiagent-windows.exe --startup auto --username xxxxx --password xxxxx install

  5. Run the following command to start FortiAgent:

    fortiagent-windows.exe start

Installing for Linux Platform

  1. Download the latest release of FortiAgent from FortiTester.

    1. Go to ATT&CKv10+ > ATT&CK Cases > Maintenance > Resources.

    2. In the Available Clients table, click the Download icon to download FortiAgent and conf.yml for the Linux platform.

  2. Extract the files from fortiagent-linux.tar, then run the following command to install the pip requirements:

    pip3 install -r requirements.txt

  3. Put conf.yml into the "fortiagent" directory.

  4. Run the following command to start FortiAgent:

    python3 activate.py
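
A pre-flight check for the Linux steps above, added here as an example (it is not part of FortiAgent or of Fortinet's documentation). It confirms that the files the steps name are present in the fortiagent directory and, on the assumption that an agent which executes instructions from FortiTester should not have its script or configuration editable by other local users, that none of them is group- or world-writable. The function name `fortiagent_preflight` is hypothetical.

```shell
#!/bin/sh
# Added example, not Fortinet code.
# Usage: sh preflight.sh /path/to/fortiagent   (run before "python3 activate.py")

fortiagent_preflight() {
    dir=$1
    problems=0

    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a directory" >&2
        return 1
    fi

    # Files the Linux procedure refers to by name.
    for f in requirements.txt activate.py conf.yml; do
        if [ ! -f "$dir/$f" ]; then
            echo "FAIL: missing $dir/$f" >&2
            problems=$((problems + 1))
        fi
    done

    # Assumption: the directory, the start script and the configuration
    # should only be writable by the account that runs the agent.
    for f in . activate.py conf.yml; do
        p=$dir/$f
        [ -e "$p" ] || continue
        if [ -L "$p" ]; then
            echo "FAIL: $p is a symbolic link" >&2
            problems=$((problems + 1))
            continue
        fi
        # find prints the path only if a group- or other-write bit is set.
        if [ -n "$(find "$p" -prune \( -perm -0020 -o -perm -0002 \))" ]; then
            echo "FAIL: $p is writable by group or others" >&2
            problems=$((problems + 1))
        fi
    done

    [ "$problems" -eq 0 ]
}

# Run the check when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    fortiagent_preflight "$1"
fi
```
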

Installing for Mac Platform

  1. Download the latest release of FortiAgent from FortiTester.

    1. Go to ATT&CKv10+ > ATT&CK Cases > Maintenance > Resources.

    2. In the Available Clients table, click the Download icon to download FortiAgent and conf.yml for the Mac platform.

  2. Extract the files from fortiagent-mac.tar, then double-click FortiAgentInstaller.pkg to install. (Do not change the default install location.)

  3. Put conf.yml into the "/Users/Shared/FortiAgent/" directory.

  4. Go to the "/Users/Shared/FortiAgent/" directory and run the following command to install the pip requirements:

    pip3 install -r requirements.txt

  5. Run the following command to start FortiAgent:

    python3 activate.py

After FortiAgent is successfully started on the target hosts, it is listed on the Agent Monitor page on FortiTester (ATT&CKv10+ > ATT&CK Cases > Monitor).
