infosecn1nja
/
DeTTECT
mirror of https://github.com/infosecn1nja/DeTTECT.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'development' of https://github.com/marcusbakker/DeTTECT-private into development

master
Ruben Bouman 2020-01-06 12:06:44 +01:00
parent 6c5729dd01 c93bb12216
commit 134f2064d0
2 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Dockerfile
View File

@ -5,7 +5,9 @@ LABEL version="1.2.6"
# update repository and install Linux packages # update repository and install Linux packages
RUN apk update && \ RUN apk update && \
apk upgrade && \ apk upgrade && \
apk add --no-cache bash libc-dev build-base apk add --no-cache bash libc-dev build-base && \
pip3 install --upgrade --no-cache-dir cython && \
pip3 install --no-cache-dir numpy==1.17.4
# clone the newest version of DeTT&CT and install requirements # clone the newest version of DeTT&CT and install requirements
COPY . /opt/DeTTECT COPY . /opt/DeTTECT

7
data_source_mapping.py
View File

@ -119,6 +119,7 @@ def export_data_source_list_to_excel(filename, eql_search=False):
ds_miss_text = 'ATT&CK data source is missing from the YAML file or was excluded by an EQL search' ds_miss_text = 'ATT&CK data source is missing from the YAML file or was excluded by an EQL search'
else: else:
ds_miss_text = 'ATT&CK data source is missing from the YAML file' ds_miss_text = 'ATT&CK data source is missing from the YAML file'
# pylint: disable=consider-iterating-dictionary
my_ds_list = [ds.lower() for ds in my_data_sources.keys()] my_ds_list = [ds.lower() for ds in my_data_sources.keys()]
for ds in get_all_mitre_data_sources(): for ds in get_all_mitre_data_sources():
if ds.lower() not in my_ds_list: if ds.lower() not in my_ds_list:
@ -199,7 +200,9 @@ def _load_data_sources(file, filter_empty_scores=True):
platform = get_platform_from_yaml(yaml_content) platform = get_platform_from_yaml(yaml_content)
exceptions = [t['technique_id'] for t in yaml_content['exceptions'] if t['technique_id'] is not None] exceptions = []
if 'exceptions' in yaml_content:
exceptions = [t['technique_id'] for t in yaml_content['exceptions'] if t['technique_id'] is not None]
return my_data_sources, name, platform, exceptions return my_data_sources, name, platform, exceptions
@ -527,9 +530,7 @@ def generate_technique_administration_file(filename, write_file=True, all_techni
tech = deepcopy(YAML_OBJ_TECHNIQUE) tech = deepcopy(YAML_OBJ_TECHNIQUE)
tech['technique_id'] = tech_id tech['technique_id'] = tech_id
tech['technique_name'] = t['name'] tech['technique_name'] = t['name']
# noinspection PyUnresolvedReferences
tech['visibility']['score_logbook'][0]['score'] = score tech['visibility']['score_logbook'][0]['score'] = score
# noinspection PyUnresolvedReferences
tech['visibility']['score_logbook'][0]['date'] = today tech['visibility']['score_logbook'][0]['date'] = today
yaml_file['techniques'].append(tech) yaml_file['techniques'].append(tech)