infosecn1nja
/
DeTTECT
mirror of https://github.com/infosecn1nja/DeTTECT.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fixed a typo

master
Marcus Bakker 2019-05-20 14:54:16 +02:00
parent 621ac3a367
commit 2f480b0c4e
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dettact.py
View File

@ -57,7 +57,7 @@ def init_menu():
action='store_true')
parser_visibility.add_argument('-e', '--excel', help='generate an Excel sheet with all administrated techniques',
action='store_true')
parser_visibility.add_argument('-o', '--overlay', help='generate a visibility layer overlayed with detections for '
parser_visibility.add_argument('-o', '--overlay', help='generate a visibility layer overlaid with detections for '
'the ATT&CK navigator', action='store_true')
parser_visibility.add_argument('--health', help='check the technique YAML file for errors', action='store_true')
@ -80,7 +80,7 @@ def init_menu():
action='store_true')
parser_detection.add_argument('-e', '--excel', help='generate an Excel sheet with all administrated techniques',
action='store_true')
parser_detection.add_argument('-o', '--overlay', help='generate a detection layer overlayed with visibility for '
parser_detection.add_argument('-o', '--overlay', help='generate a detection layer overlaid with visibility for '
'the ATT&CK navigator', action='store_true')
parser_detection.add_argument('-g', '--graph', help='generate a graph with detections added through time',
action='store_true')

6
interactive_menu.py
View File

@ -264,7 +264,7 @@ def menu_detection(filename_t):
print('')
print('Select what you want to do:')
print('2. Generate a layer for detection coverage for the ATT&CK Navigator.')
print('3. Generate a layer for detection coverage overlayed with visibility for the ATT&CK Navigator.')
print('3. Generate a layer for detection coverage overlaid with visibility for the ATT&CK Navigator.')
print('4. Generate a graph with detections added through time.')
print('5. Generate an Excel sheet with all administrated techniques.')
print('6. Check the technique YAML file for errors.')
@ -323,7 +323,7 @@ def menu_visibility(filename_t, filename_ds):
print('')
print('Select what you want to do:')
print('2. Generate a layer for visibility for the ATT&CK Navigator.')
print('3. Generate a layer for visibility overlayed with detection coverage for the ATT&CK Navigator.')
print('3. Generate a layer for visibility overlaid with detection coverage for the ATT&CK Navigator.')
print('4. Generate an Excel sheet with all administrated techniques.')
print('5. Check the technique YAML file for errors.')
print('9. Back to main menu.')
@ -336,7 +336,7 @@ def menu_visibility(filename_t, filename_ds):
generate_visibility_layer(filename_t, filename_ds, False, filter_applicable_to)
wait()
elif choice == '3':
print('Writing visibility coverage layer overlayed with detections...')
print('Writing visibility coverage layer overlaid with detections...')
generate_visibility_layer(filename_t, filename_ds, True, filter_applicable_to)
wait()
elif choice == '4':

10
technique_mapping.py
View File

@ -6,7 +6,7 @@ import xlsxwriter
def generate_detection_layer(filename_techniques, filename_data_sources, overlay, filter_applicable_to):
"""
Generates layer for detection coverage and optionally an overlayed version with visibility coverage.
Generates layer for detection coverage and optionally an overlaid version with visibility coverage.
:param filename_techniques: the filename of the yaml file containing the techniques administration
:param filename_data_sources: the filename of the yaml file containing the data sources administration
:param overlay: boolean value to specify if an overlay between detection and visibility should be generated
@ -21,14 +21,14 @@ def generate_detection_layer(filename_techniques, filename_data_sources, overlay
else:
my_techniques, name, platform = load_techniques(filename_techniques, 'all', filter_applicable_to)
my_data_sources = _load_data_sources(filename_data_sources)
mapped_techniques_both = _map_and_colorize_techniques_for_overlayed(my_techniques, my_data_sources, filter_applicable_to)
mapped_techniques_both = _map_and_colorize_techniques_for_overlaid(my_techniques, my_data_sources, filter_applicable_to)
layer_both = get_layer_template_layered('Visibility and Detection ' + name + ' ' + filter_applicable_to, 'description', 'attack', platform)
_write_layer(layer_both, mapped_techniques_both, 'visibility_and_detection', filter_applicable_to, name)
def generate_visibility_layer(filename_techniques, filename_data_sources, overlay, filter_applicable_to):
"""
Generates layer for visibility coverage and optionally an overlayed version with detection coverage.
Generates layer for visibility coverage and optionally an overlaid version with detection coverage.
:param filename_techniques: the filename of the yaml file containing the techniques administration
:param filename_data_sources: the filename of the yaml file containing the data sources administration
:param overlay: boolean value to specify if an overlay between detection and visibility should be generated
@ -44,7 +44,7 @@ def generate_visibility_layer(filename_techniques, filename_data_sources, overla
_write_layer(layer_visibility, mapped_techniques_visibility, 'visibility', filter_applicable_to, name)
else:
my_techniques, name, platform = load_techniques(filename_techniques, 'all', filter_applicable_to)
mapped_techniques_both = _map_and_colorize_techniques_for_overlayed(my_techniques, my_data_sources, filter_applicable_to)
mapped_techniques_both = _map_and_colorize_techniques_for_overlaid(my_techniques, my_data_sources, filter_applicable_to)
layer_both = get_layer_template_layered('Visibility and Detection ' + name + ' ' + filter_applicable_to, 'description', 'attack', platform)
_write_layer(layer_both, mapped_techniques_both, 'visibility_and_detection', filter_applicable_to, name)
@ -233,7 +233,7 @@ def _map_and_colorize_techniques_for_visibility(my_techniques, my_data_sources):
return mapped_techniques
def _map_and_colorize_techniques_for_overlayed(my_techniques, my_data_sources, filter_applicable_to):
def _map_and_colorize_techniques_for_overlaid(my_techniques, my_data_sources, filter_applicable_to):
"""
Determine the color of the techniques based on both detection and visibility.
:param my_techniques: the configured techniques