Commit Graph

35 Commits (master)

Author SHA1 Message Date
Marcus Bakker de357bf156 bugfix for issue #40 2020-12-21 15:23:21 +01:00
ruben 46f43d9a4a Bugfix for https://github.com/rabobank-cdc/DeTTECT/issues/40 2020-12-17 12:50:56 +01:00
Marcus Bakker 94e8b5e4b5 Removed support for PRE-ATT&CK from the Group mode 2020-10-31 21:01:09 +01:00
Marcus Bakker 752186c5f6 Added support for specifying the ATT&CK platform 2020-10-15 11:03:36 +02:00
Marcus Bakker 121854c0e8 Removed several unnecessary statements 2020-06-19 09:22:54 +02:00
Ruben Bouman 217980bbd3 Introduced new option to set the name of the Navigator layer 2020-06-08 16:56:56 +02:00
Ruben Bouman 1ac6a4ce78 - Added output_filename as option for datasource, visibility, detection and group modes.
- Fixed bug when having both dates and datetimes in techniques YAML file.
2020-05-25 11:44:13 +02:00
Marcus Bakker 26af7a4e26 Several small changes in some text. 2019-12-11 10:43:08 +01:00
Marcus Bakker afea99cfee Added new functionality to include all ATT&CK techniques when generating a YAML file based on a data source YAML file. 2019-12-09 15:26:48 +01:00
Marcus Bakker 93dea65bbf Added a health check for when the data source YAML file is missing an ATT&CK data source 2019-12-05 10:43:07 +01:00
Marcus Bakker 734aceebe3 Removed unnecessary code from the function "data_source_search" 2019-11-19 11:28:01 +01:00
Marcus Bakker 7aacb7feb1 A fix for a bug that broke EQL searches on Data Source Administration YAML files 2019-11-19 10:10:15 +01:00
Ruben Bouman b5f970b8c2 Added support for new platforms of ATT&CK October update: AWS, GCP, Azure, Azure AD, Office 365, SaaS.
Added support for using multiple values in platform attribute in data sources administration and techniques administration files.

Added health check on platform attribute in techniques administration file.

Updated support for ATT&CK Navigator layer version 2.2.
2019-11-04 14:48:58 +01:00
Ruben Bouman 24c19fcca6 small changes to interactive menu: makes choices like booleans much faster 2019-08-21 15:12:12 +02:00
Marcus Bakker 98067447c6 Implemented a health check for data source administration YAML files. 2019-08-20 11:14:07 +02:00
Ruben Bouman 7ad8fe16c7 added same kind of graph for visibility as for detection 2019-08-15 16:00:06 +02:00
Ruben Bouman e4eca01168 small improvements 2019-08-15 15:34:31 +02:00
Marcus Bakker 5c700690c6 Added the possibility to use EQL queries. 2019-08-13 14:30:43 +02:00
Marcus Bakker cf4a55081c Added new functionality for Mitigations statistics 2019-08-01 15:02:06 +02:00
Marcus Bakker b2fdb25647 - Multiple functions made "private".
- Added new menu options.
2019-07-31 10:20:21 +02:00
Marcus Bakker 055724abca Typos 2019-07-13 14:42:29 +02:00
Marcus Bakker 2f480b0c4e fixed a typo 2019-05-20 14:54:16 +02:00
Marcus Bakker f10e4ea9ab - The health function now checks for very similar values within the key-value pair 'applicable_to'. E.g. 'server' and 'servers'.
- The health function is now always called for technique admin files. Showing a generic error message if possible errors are found.
- Created new function 'check_file' to separate the functionality from 'check_file_type'.
2019-05-19 14:10:25 +02:00
Marcus Bakker 3de186c96e added the health check to the menu 2019-05-17 14:08:17 +02:00
Ruben Bouman 16ab713db1 Small bugfix when using interactive menu: default overlay type should be 'group'. And when giving empty group, value is set to 'all'. 2019-05-07 15:40:15 +02:00
Ruben Bouman e043a9ed7e Small bugfix for using applicable to in interactive menu for detections. 2019-05-07 15:29:19 +02:00
Marcus Bakker 149362f9d8 Created 3 constants for overlay_type 2019-05-02 20:15:43 +02:00
Ruben Bouman 43d8b130a0 Added support for filtering applicable_to in groups overlaid with detection/visibility. Added docstrings. Fixed bug in arg parsing. 2019-04-24 16:15:04 +02:00
Ruben 6da47fe9fb Support for filtering on applicable_to field for visibility mode and detection graph. 2019-04-23 15:43:28 +02:00
Ruben 0ddc765c60 Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development 2019-04-23 14:00:09 +02:00
Marcus Bakker 55010f8dbb Added functionality to migrate technique administration YAML files with version 1.0 to version 1.1 2019-04-23 13:19:29 +02:00
Ruben e2d35bf5ba Remember the selected path for YAML administration files in the interactive menu. 2019-04-23 13:13:50 +02:00
Ruben 58497e41ce Added applicable_to parameter in command line arguments and interactive menu, to filter on this field while generating a layer file. 2019-04-18 15:32:35 +02:00
Ruben Bouman f13ca49fff Added functionality for exporting administrated techniques to Excel. 2019-04-10 10:08:30 +02:00
Marcus Bakker 8b5b397ebc initial commit 2019-03-29 15:26:25 +01:00