Added a group YAML file and layer for ASCS's report.

master
Marcus Bakker 2020-06-02 10:13:35 +02:00
parent 8f304b3740
commit be23ab09c6
2 changed files with 70 additions and 0 deletions


@ -0,0 +1,14 @@
%YAML 1.2
---
# Source: https://www.cyber.gov.au/threats/summary-of-tradecraft-trends-for-2019-20-tactics-techniques-and-procedures-used-to-target-australian-networks
version: 1.0
file_type: group-administration
platform:
- all
groups:
-
group_name: 'Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks'
campaign:
technique_id: [T1002, T1003, T1005, T1007, T1016, T1018, T1021, T1022, T1033, T1039, T1041, T1045, T1046, T1048, T1049, T1056, T1059, T1060, T1064, T1068, T1070, T1071, T1074, T1077, T1078, T1080, T1081, T1082, T1083, T1086, T1087, T1099, T1100, T1106, T1107, T1108, T1110, T1114, T1134, T1135, T1158, T1189, T1190, T1193, T1204, T1213, T1482, T1486, T1504]
software_id: []
enabled: True
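Review bot: The `technique_id` list does not record which ATT&CK release the report was mapped against, and the IDs are in the pre-sub-technique numbering. In releases that include sub-techniques, entries such as `T1086` (now `T1059.001`) and `T1193` (now `T1566.001`) are no longer active technique IDs, so a heat map or detection-coverage comparison built from this file against a current matrix can silently drop them. The same IDs are repeated in the Navigator layer added by this commit, so both files would need remapping together. I would add a comment under the `# Source:` line, such as `# ATT&CK IDs: pre-sub-technique numbering, mapped against ATT&CK <release used for the mapping>`. Separately, `version: 1.0` is read as a float by a YAML parser; quoting it (`version: '1.0'`) is safer if the consuming tool compares it as a string, which is not visible from this page.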


@ -0,0 +1,56 @@
{"name": "Attack - all", "version": "2.2", "domain": "mitre-enterprise", "description": "stage: attack | platform(s): all | group(s): Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks | overlay group(s): ", "filters": {"stages": ["act"], "platforms": ["Windows", "Linux", "macOS", "AWS", "GCP", "Azure", "Azure AD", "Office 365", "SaaS"]},
"sorting": 3, "viewMode": 0, "hideDisable": false, "techniques": [{"techniqueID": "T1007", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1060", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1482", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1134", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1158", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1003", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1099", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1189", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1504", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1033", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1046", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1049", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1071", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1080", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1114", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1064", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1002", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1059", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1077", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1078", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1021", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1082", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1087", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1018", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1100", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1056", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1070", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1074", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1068", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1045", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1108", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1022", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1135", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1213", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1083", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1193", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1486", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1048", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1016", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1204", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1041", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1107", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1005", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1081", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1039", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1110", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1086", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1190", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]},
{"techniqueID": "T1106", "score": 1, "metadata": [{"name": "-Groups", "value": "Summary of Tradecraft Trends for 2019-2020: TTPs Used to Target Australian Networks"}]}], "showTacticRowBackground": false, "tacticRowBackground": "#dddddd", "selectTechniquesAcrossTactics": true, "gradient": {"colors": ["#ffcece", "#ff0000"], "minValue": 0, "maxValue": 1},
"legendItems": [{"label": "Tech. not often used", "color": "#ffcece"},
{"label": "Tech. used frequently", "color": "#ff0000"},
{"label": "Groups overlay: tech. in group + overlay", "color": "#f9a825"},
{"label": "Groups overlay: tech. in overlay", "color": "#ffee58"},
{"label": "Src. of tech. is only software", "color": "#0d47a1 "},
{"label": "Src. of tech. is group(s)/overlay + software", "color": "#64b5f6 "}]}