Commit Graph

48 Commits (0c0ef9d8d515745ac6ad0a0d28ff028cd1de1d3a)

Author SHA1 Message Date
Marcus Bakker 5d211341c6 Added support for Navigator 4.1 and the metadata divider 2020-12-21 16:52:56 +01:00
Marcus Bakker 9f8630f727 Merge branch 'development' 2020-11-04 11:10:36 +01:00
Marcus Bakker 94e8b5e4b5 Removed support for PRE-ATT&CK from the Group mode 2020-10-31 21:01:09 +01:00
Marcus Bakker 7b7db35a32 Bug fix for issue #38 2020-10-30 22:08:56 +01:00
Ruben Bouman 4128afa55a Merge branch 'master' of https://github.com/rabobank-cdc/DeTTECT 2020-10-21 10:58:53 +02:00
Ruben 6a9ed46288 fix for generating the graph where scores of -1 were included which shouldn't 2020-10-21 10:56:15 +02:00
Marcus Bakker 73a06de207 Fixed a bug that resulted in a wrong detection colour within a detection/visibility overlay 2020-10-16 09:46:36 +02:00
Marcus Bakker 752186c5f6 Added support for specifying the ATT&CK platform 2020-10-15 11:03:36 +02:00
Ruben Bouman d3c1c3dac3 Removed tactic level (not necessary), fixed bug for showing data sources in metadata of visibility layer, fixed bug for setting showSubtechniques 2020-07-13 12:21:23 +02:00
Ruben Bouman 753a84a722 Only enable showSubtechniques if it's necessary 2020-07-10 11:33:56 +02:00
Ruben Bouman 9777e97829 Adjustments to the metadata to make it ready for Navigator 3.1 2020-07-02 16:30:36 +02:00
Ruben Bouman 3a1f5f4cea Added support for the new Navigator v3.0 format. 2020-06-29 16:53:45 +02:00
Ruben Bouman f77aed3ef0 Functionality to update to sub-techniques, including an option to provide a local stix path. Also updated sample YAML file. 2020-06-29 15:52:26 +02:00
Ruben Bouman 931dd8ff25 Merge branch 'development' of https://github.com/marcusbakker/DeTTECT-private into development 2020-06-18 17:01:22 +02:00
Ruben Bouman 4c7ff2f095 Color shading for overlay files. 2020-06-18 17:01:16 +02:00
Marcus Bakker 5be48b9f1b Improved the metadata displayed in the overlays 2020-06-12 10:53:13 +02:00
Ruben Bouman 217980bbd3 Introduced new option to set the name of the Navigator layer 2020-06-08 16:56:56 +02:00
Ruben Bouman 1ac6a4ce78 - Added output_filename as option for datasource, visibility, detection and group modes.
- Fixed bug when having both dates and datetimes in techniques YAML file.
2020-05-25 11:44:13 +02:00
Marcus Bakker 363beab8a5 Mapped data sources to platforms 2020-02-10 12:17:00 +01:00
Marcus Bakker 567951174a The cumulative count was broken due to upgrade of Pandas to version 0.25.3 2019-12-05 10:37:11 +01:00
Marcus Bakker 28b26fb92c Small fixes 2019-12-05 08:43:42 +01:00
Marcus Bakker a952c34cac Added new checks to make sure the metadata in a Navigator layer file is compliant with the expected data structure. Reported by @Sreeman. 2019-12-04 14:51:56 +01:00
Marcus Bakker a72add80c1 Fixed a bug that resulted (within specific circumstances) in a wrong colour for visibility, when detection coverage is overlaid with visibility. Reported by @Sreeman. 2019-12-04 10:39:11 +01:00
Marcus Bakker 14852fb24a Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private 2019-08-20 11:16:05 +02:00
Marcus Bakker da23777631 - Excel columns made wider.
- Removed deprecated functionality.
2019-08-20 11:15:26 +02:00
Ruben Bouman 90fc9278c9 Don't overwrite output files if they already exist, but append a number to the filename as suffix. 2019-08-20 09:15:41 +02:00
Ruben Bouman 7ad8fe16c7 added same kind of graph for visibility as for detection 2019-08-15 16:00:06 +02:00
Marcus Bakker 08b4c9c1ec Made the necessary changes to be compatible with the interactive menu. 2019-08-13 14:28:43 +02:00
Marcus Bakker 1d2fd69a5b - Removed functionality due to the deprecation of the argument '-a, --applicable'.
- Renamed the Excel column 'General comment' to 'Technique comment'.
- Improved the function '_load_data_sources' to make use of StringIO instead of writing a temporary file to disk.
- Before the Excel file is created, it is made sure that the date is written in the following format "%Y-%m%d". This is necessary due to the new EQL query functionality.
- Added a try/except block to '_load_data_sources', for when an EQL query resulted in invalid data source administration YAML content.
2019-08-08 14:41:34 +02:00
Marcus Bakker ef7f494cda - Made compatible with the version 1.2 of the technique admin YAML file.
- Replaced PyYAML with ruamel.yaml.
2019-07-31 10:21:39 +02:00
Marcus Bakker 4e89105f04 Bugfix causing a red colour when score equals 0 in the visibility Navigator layer 2019-07-24 10:21:19 +02:00
Marcus Bakker 3f4876a682 Increased performance by caching ATT&CK STIX objects where possible. 2019-07-15 14:55:39 +02:00
Marcus Bakker e251c6157c Made compatible with the latest version of attackcti (v0.2.6) 2019-07-13 14:40:24 +02:00
Marcus Bakker 2f480b0c4e fixed a typo 2019-05-20 14:54:16 +02:00
Marcus Bakker 5fdcb2376d added a new option '--health' to check a technique administration YAML file for errors. 2019-05-14 12:58:06 +02:00
Ruben Bouman 9e62e54e7a Small bugfix on filtering applicable_to for graphs. 2019-05-07 15:29:00 +02:00
Ruben Bouman 78bc2f2842 Added support for multiple detections and visibility per technique in the technique administration YAML file.
Changed version number to 1.1.

Improvements and fixes for the new detections/visibility Excel sheet.
2019-05-02 13:21:01 +02:00
Ruben Bouman add18fc725 Added wrap_text and (v)aligns to Excel cells.
Added colors for detection, visibility and data quality scores in Excel sheets.
2019-04-24 17:16:11 +02:00
Ruben Bouman 43d8b130a0 Added support for filtering applicable_to in groups overlaid with detection/visibility. Added docstrings. Fixed bug in arg parsing. 2019-04-24 16:15:04 +02:00
Ruben 9a607a7a72 Support for filtering on applicable_to field for detections+visibility overlay. 2019-04-24 09:36:42 +02:00
Ruben 6da47fe9fb Support for filtering on applicable_to field for visibility mode and detection graph. 2019-04-23 15:43:28 +02:00
Marcus Bakker bf617f4538 Fixed a bug that would cause a crash when the 'score' key-value pair had no value assigned 2019-04-23 13:29:27 +02:00
Ruben 58497e41ce Added applicable_to parameter in command line arguments and interactive menu, to filter on this field while generating a layer file. 2019-04-18 15:32:35 +02:00
Ruben 3754dd39bc Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development
# Conflicts:
#	technique_mapping.py
2019-04-17 13:41:55 +02:00
Ruben 2dd9a832bd Add comment and new field "Applicable to" to detection meta data within the layer file. 2019-04-17 13:35:39 +02:00
Marcus Bakker dcbf4499b2 A detection layer file now contains a score to allow sorting within the ATT&CK Navigator 2019-04-15 14:12:24 +02:00
Ruben Bouman f13ca49fff Added functionality for exporting administrated techniques to Excel. 2019-04-10 10:08:30 +02:00
Marcus Bakker 8b5b397ebc initial commit 2019-03-29 15:26:25 +01:00