Merge branch 'development' of https://github.com/marcusbakker/DeTTECT-private into development

2020-07-10 11:34:00 +02:00 · 2020-07-10 11:34:00 +02:00 · 0a1de10d25
parent 753a84a722 8b65550af2
commit 0a1de10d25
11 changed files with 7205 additions and 3100 deletions
--- a/data_source_mapping.py
+++ b/data_source_mapping.py
@ -496,7 +496,7 @@ def update_technique_administration_file(file_data_sources, file_tech_admin):
                            print(' - Visibility comment: ' + _indent_comment(get_latest_comment(old_vis_obj[obj_idx]), 23))
                            print(' - Auto generated:     ' + str(get_latest_score_obj(old_vis_obj[obj_idx]).get('auto_generated', 'False')))
                            print('NEW score object:')
-                            print(' - Date:               ' + new_score_obj['date'])
+                            print(' - Date:               ' + str(new_score_obj['date']))
                            print(' - Score:              ' + str(new_score_obj['score']))
                            print(' - Visibility comment: ' + _indent_comment(new_score_obj['comment'], 23))
                            print(' - Auto generated:     True')
--- a/editor/dist/dettect-editor/index.html
+++ b/editor/dist/dettect-editor/index.html
@ -1 +1 @@
-<!DOCTYPE html><html lang=en><head><meta charset=utf-8><link rel=apple-touch-icon sizes=76x76 href=/dettect-editor/apple-icon.png><!--[if IE]><link rel="icon" type="image/png" sizes="96x96" href="/dettect-editor/favicon.png" /><![endif]--><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><title>DeTT&CT Editor</title><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1.5"><link href="https://fonts.googleapis.com/css?family=Poppins:200,300,400,600,700,800" rel=stylesheet><link href=https://use.fontawesome.com/releases/v5.0.6/css/all.css rel=stylesheet><link href=https://cdnjs.cloudflare.com/ajax/libs/bootstrap-rtl/3.4.0/css/bootstrap-rtl.css rel=stylesheet><link href=/dettect-editor/custom.css rel=stylesheet><link href=/dettect-editor/css/app.1edb8aa1.css rel=preload as=style><link href=/dettect-editor/css/chunk-vendors.132c3c8c.css rel=preload as=style><link href=/dettect-editor/js/app.b59a624d.js rel=preload as=script><link href=/dettect-editor/js/chunk-vendors.aa42b3b0.js rel=preload as=script><link href=/dettect-editor/css/chunk-vendors.132c3c8c.css rel=stylesheet><link href=/dettect-editor/css/app.1edb8aa1.css rel=stylesheet><link rel=icon type=image/png sizes=32x32 href=/dettect-editor/img/icons/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/dettect-editor/img/icons/favicon-16x16.png><link rel=manifest href=/dettect-editor/manifest.json><meta name=theme-color content=#344675><meta name=apple-mobile-web-app-capable content=yes><meta name=apple-mobile-web-app-status-bar-style content=#344675><meta name=apple-mobile-web-app-title content="DeTT&CT Editor"><link rel=apple-touch-icon href=/dettect-editor/img/icons/apple-touch-icon-152x152.png><link rel=mask-icon href=/dettect-editor/img/icons/safari-pinned-tab.svg color=#344675><meta name=msapplication-TileImage content=/dettect-editor/img/icons/msapplication-icon-144x144.png><meta name=msapplication-TileColor content=#344675></head><body><div class=wrapper id=app></div><script src=/dettect-editor/js/chunk-vendors.aa42b3b0.js></script><script src=/dettect-editor/js/app.b59a624d.js></script></body></html>
+<!DOCTYPE html><html lang=en><head><meta charset=utf-8><link rel=apple-touch-icon sizes=76x76 href=/dettect-editor/apple-icon.png><!--[if IE]><link rel="icon" type="image/png" sizes="96x96" href="/dettect-editor/favicon.png" /><![endif]--><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><title>DeTT&CT Editor</title><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1.5"><link href="https://fonts.googleapis.com/css?family=Poppins:200,300,400,600,700,800" rel=stylesheet><link href=https://use.fontawesome.com/releases/v5.0.6/css/all.css rel=stylesheet><link href=https://cdnjs.cloudflare.com/ajax/libs/bootstrap-rtl/3.4.0/css/bootstrap-rtl.css rel=stylesheet><link href=/dettect-editor/custom.css rel=stylesheet><link href=/dettect-editor/css/app.1edb8aa1.css rel=preload as=style><link href=/dettect-editor/css/chunk-vendors.132c3c8c.css rel=preload as=style><link href=/dettect-editor/js/app.60038141.js rel=preload as=script><link href=/dettect-editor/js/chunk-vendors.aa42b3b0.js rel=preload as=script><link href=/dettect-editor/css/chunk-vendors.132c3c8c.css rel=stylesheet><link href=/dettect-editor/css/app.1edb8aa1.css rel=stylesheet><link rel=icon type=image/png sizes=32x32 href=/dettect-editor/img/icons/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/dettect-editor/img/icons/favicon-16x16.png><link rel=manifest href=/dettect-editor/manifest.json><meta name=theme-color content=#344675><meta name=apple-mobile-web-app-capable content=yes><meta name=apple-mobile-web-app-status-bar-style content=#344675><meta name=apple-mobile-web-app-title content="DeTT&CT Editor"><link rel=apple-touch-icon href=/dettect-editor/img/icons/apple-touch-icon-152x152.png><link rel=mask-icon href=/dettect-editor/img/icons/safari-pinned-tab.svg color=#344675><meta name=msapplication-TileImage content=/dettect-editor/img/icons/msapplication-icon-144x144.png><meta name=msapplication-TileColor content=#344675></head><body><div class=wrapper id=app></div><script src=/dettect-editor/js/chunk-vendors.aa42b3b0.js></script><script src=/dettect-editor/js/app.60038141.js></script></body></html>
--- a/editor/dist/dettect-editor/js/app.60038141.js
+++ b/editor/dist/dettect-editor/js/app.60038141.js
--- a/editor/dist/dettect-editor/js/app.60038141.js.map
+++ b/editor/dist/dettect-editor/js/app.60038141.js.map
--- a/editor/dist/dettect-editor/precache-manifest.43addbd590f0f38288e3109b0198b316.js
+++ b/editor/dist/dettect-editor/precache-manifest.43addbd590f0f38288e3109b0198b316.js
@ -1,6 +1,6 @@
 self.__precacheManifest = (self.__precacheManifest || []).concat([
  {
-    "revision": "1ba167e3c77a713075e7",
+    "revision": "45a936c16107ed98e4c0",
    "url": "/dettect-editor/css/app.1edb8aa1.css"
  },
  {
@ -48,12 +48,12 @@ self.__precacheManifest = (self.__precacheManifest || []).concat([
    "url": "/dettect-editor/img/maximize-2.svg"
  },
  {
-    "revision": "c18b3662d96611b146c43a95358caa10",
+    "revision": "8eeee23b8ca58f751e47a5cdd46f1859",
    "url": "/dettect-editor/index.html"
  },
  {
-    "revision": "1ba167e3c77a713075e7",
-    "url": "/dettect-editor/js/app.b59a624d.js"
+    "revision": "45a936c16107ed98e4c0",
+    "url": "/dettect-editor/js/app.60038141.js"
  },
  {
    "revision": "719965ee0c633ef202b2",
--- a/editor/dist/dettect-editor/service-worker.js
+++ b/editor/dist/dettect-editor/service-worker.js
@ -14,7 +14,7 @@
 importScripts("https://storage.googleapis.com/workbox-cdn/releases/4.3.1/workbox-sw.js");

 importScripts(
-  "/dettect-editor/precache-manifest.e91fa558d551735c95b79c9166c24202.js"
+  "/dettect-editor/precache-manifest.43addbd590f0f38288e3109b0198b316.js"
 );

 workbox.core.setCacheNameDetails({prefix: "vue-black-dashboard"});
--- a/editor/src/data/refresh_attack_data.py
+++ b/editor/src/data/refresh_attack_data.py
@ -16,8 +16,21 @@ class ATTACKData():
        self.mitre = attack_client()
        self.attack_cti_techniques = self.mitre.get_enterprise_techniques()
        self.attack_cti_techniques = self.mitre.remove_revoked(self.attack_cti_techniques)
+        self.attack_cti_techniques = self.remove_deprecated(self.attack_cti_techniques)
        self.attack_cti_software = self.mitre.get_software()
-        self.attack_cti_software = self.mitre.remove_revoked(self.attack_cti_software)
+        self.attack_cti_software = self.remove_deprecated(self.attack_cti_software)
+
+    def remove_deprecated(self, stix_objects):
+        """
+        Remove deprecated STIX objects
+        :param stix_objects: list of STIX objects
+        :return: a list of STIX objects
+        """
+        handle_deprecated = list()
+        for obj in stix_objects:
+            if not('x_mitre_deprecated' in obj.keys() and obj['x_mitre_deprecated'] == True):
+                handle_deprecated.append(obj)
+        return handle_deprecated

    def dump_data(self, data, filename):
        """
--- a/editor/src/data/software.json
+++ b/editor/src/data/software.json
--- a/editor/src/data/techniques.json
+++ b/editor/src/data/techniques.json
--- a/generic.py
+++ b/generic.py
@ -27,6 +27,19 @@ def _save_attack_data(data, path):
        pickle.dump([data, dt.now()], f)


+def remove_deprecated(stix_objects):
+    """
+    Remove deprecated STIX objects
+    :param stix_objects: list of STIX objects
+    :return: a list of STIX objects
+    """
+    handle_deprecated = list()
+    for obj in stix_objects:
+        if not('x_mitre_deprecated' in obj.keys() and obj['x_mitre_deprecated'] == True):
+            handle_deprecated.append(obj)
+    return handle_deprecated
+
+
 def load_attack_data(data_type):
    """
    By default the ATT&CK data is loaded from the online TAXII server or from the local cache directory. The
@ -60,9 +73,11 @@ def load_attack_data(data_type):
    if data_type == DATA_TYPE_STIX_ALL_RELATIONSHIPS:
        attack_data = mitre.get_relationships()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)
    elif data_type == DATA_TYPE_STIX_ALL_TECH_ENTERPRISE:
        attack_data = mitre.get_enterprise_techniques()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)
    elif data_type == DATA_TYPE_CUSTOM_TECH_BY_GROUP:
        # First we need to know which technique references (STIX Object type 'attack-pattern') we have for all
        # groups. This results in a dict: {group_id: Gxxxx, technique_ref/attack-pattern_ref: ...}
@ -104,12 +119,15 @@ def load_attack_data(data_type):
    elif data_type == DATA_TYPE_STIX_ALL_TECH:
        attack_data = mitre.get_techniques()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)
    elif data_type == DATA_TYPE_STIX_ALL_GROUPS:
        attack_data = mitre.get_groups()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)
    elif data_type == DATA_TYPE_STIX_ALL_SOFTWARE:
        attack_data = mitre.get_software()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)
    elif data_type == DATA_TYPE_CUSTOM_TECH_BY_SOFTWARE:
        # First we need to know which technique references (STIX Object type 'attack-pattern') we have for all software
        # This results in a dict: {software_id: Sxxxx, technique_ref/attack-pattern_ref: ...}
@ -176,10 +194,12 @@ def load_attack_data(data_type):
    elif data_type == DATA_TYPE_STIX_ALL_ENTERPRISE_MITIGATIONS:
        attack_data = mitre.get_enterprise_mitigations()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)

    elif data_type == DATA_TYPE_STIX_ALL_MOBILE_MITIGATIONS:
        attack_data = mitre.get_mobile_mitigations()
        attack_data = mitre.remove_revoked(attack_data)
+        attack_data = remove_deprecated(attack_data)

    # Only use cache when using online TAXII server:
    if local_stix_path is None:
--- a/sample-data/techniques-administration-endpoints.yaml
+++ b/sample-data/techniques-administration-endpoints.yaml