Commit Graph

236 Commits (2db99b1fb7aa5583505fcac31a1d7914eead8094)

Author SHA1 Message Date
Marcus Bakker 933d6a859f
Merge pull request #9 from rabobank-cdc/master
Merge dev. with master
2019-07-08 14:09:03 +02:00
Marcus Bakker 58bdb99c86 Add Dockerfile 2019-07-08 13:40:24 +02:00
Marcus Bakker 0a80380fe2 Changed name from DeTTACT to DeTTECT 2019-07-08 10:39:15 +02:00
Marcus Bakker 7fdc637d6c Split layer into enterprise and mobile 2019-07-02 09:38:44 +02:00
Marcus Bakker 50b177f8dc rename 2019-07-02 08:56:46 +02:00
Marcus Bakker 787ca07afb Added "Rapid7 Quarterly Threat Report Q1 2019" 2019-07-02 08:54:28 +02:00
Marcus Bakker 95e9a4b068 Typos fix 2019-06-10 20:19:19 +02:00
Marcus Bakker c2d607b854 fix of a broken img url 2019-05-23 10:25:38 +02:00
Marcus Bakker 77cac4f8aa fix of a broken link 2019-05-23 10:14:10 +02:00
Marcus Bakker 75c4fa69f6
Merge pull request #7 from rabobank-cdc/development
Merge dev to master for version 1.1.1
2019-05-23 10:06:04 +02:00
Marcus Bakker 5fef4b6981 moved the overall to the top 2019-05-23 09:51:39 +02:00
Marcus Bakker 7db280b94c updated the version from 1.1 to 1.1.1 2019-05-23 09:44:20 +02:00
Marcus Bakker 70a33fc018 update on text 2019-05-23 09:43:07 +02:00
Marcus Bakker 2dd9327955 removed an unnecessary print statement 2019-05-23 09:37:08 +02:00
Marcus Bakker 34aba1e278 Fixed a small bug causing an exception in the data source menu 2019-05-23 09:36:03 +02:00
Marcus Bakker 223b7801d2 fixed a typo in T1171 2019-05-22 10:00:27 +02:00
Marcus Bakker 2f480b0c4e fixed a typo 2019-05-20 14:54:16 +02:00
Marcus Bakker 621ac3a367 updated help texts 2019-05-20 14:49:35 +02:00
Marcus Bakker f10e4ea9ab - The health function now checks for very similar values within the key-value pair 'applicable_to'. E.g. 'server' and 'servers'.
- The health function is now always called for technique admin files. Showing a generic error message if possible errors are found.
- Created new function 'check_file' to separate the functionality from 'check_file_type'.
2019-05-19 14:10:25 +02:00
Marcus Bakker 3de186c96e added the health check to the menu 2019-05-17 14:08:17 +02:00
Marcus Bakker bdb57f0270 Fixed some errors 2019-05-17 14:05:48 +02:00
Marcus Bakker 7c88bb46d8 Renamed the .yaml file and created Navigator layers. 2019-05-16 13:30:42 +02:00
Ruben Bouman 4b94efa651 Moved threat actor info from redcanary to new folder "threat-actor-data". 2019-05-16 08:24:14 +02:00
Ruben Bouman 111395c684 Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development 2019-05-15 14:43:32 +02:00
Ruben Bouman 9a9aa01355 Provided a groups YAML file for the Red Canary threat detection 2019 report, listing all frequently used techniques including lists per sector. Adjusted functionality in DeTT&CT to support the use of 'weight' in group files. 2019-05-15 14:43:25 +02:00
Marcus Bakker 7c027606d9 small improvement in the health check for tech. YAML files 2019-05-15 11:00:33 +02:00
Ruben Bouman e745b3bfe4 Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development 2019-05-15 10:05:29 +02:00
Ruben Bouman 24be857eb2 Added both detection and visibility score to detection/visibility overlay. 2019-05-15 10:05:19 +02:00
Marcus Bakker ff492db9ff fixed a small bug in new code 2019-05-14 13:56:07 +02:00
Marcus Bakker 5fdcb2376d added a new option '--health' to check a technique administration YAML file on errors. 2019-05-14 12:58:06 +02:00
rubinator 778dded30a
Merge pull request #6 from rabobank-cdc/development
update on text
2019-05-08 10:33:57 +02:00
Marcus Bakker a183280ca9 update on text 2019-05-08 10:31:08 +02:00
rubinator 4277bc134c
Merge pull request #5 from rabobank-cdc/development
Merge dev to master for version 1.1
2019-05-08 10:25:57 +02:00
Marcus Bakker e505a966c3 Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development 2019-05-08 10:23:46 +02:00
Marcus Bakker 5047b4555b update on content 2019-05-08 10:22:45 +02:00
Ruben Bouman 249bf07f4c Show help when running DeTT&CT without params. 2019-05-08 08:42:32 +02:00
Ruben Bouman 16ab713db1 Small bugfix when using interactive menu: default overlay type should be 'group'. And when giving empty group, value is set to 'all'. 2019-05-07 15:40:15 +02:00
Ruben Bouman e043a9ed7e Small bugfix for using applicable to in interactive menu for detections. 2019-05-07 15:29:19 +02:00
Ruben Bouman 9e62e54e7a Small bugfix on filtering applicable_to for graphs. 2019-05-07 15:29:00 +02:00
Ruben Bouman 62eccabe2d Corrections on double spaces 2019-05-07 15:28:34 +02:00
Marcus Bakker 5cbb419a09 Fixed a bug that resulted in a wrong scoring and colouring of groups when overlaid with detection/visibility 2019-05-03 10:25:11 +02:00
Marcus Bakker 149362f9d8 Created 3 constants for overlay_type 2019-05-02 20:15:43 +02:00
Marcus Bakker f475c26ede Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development 2019-05-02 19:54:57 +02:00
Marcus Bakker e60d77fdf1 Added score (in the layer attribute "score" and as metadata) for detection/visibility when overlaid with a group 2019-05-02 19:54:32 +02:00
Marcus Bakker b84e98c12b Converted float to int 2019-05-02 19:45:45 +02:00
Ruben Bouman 9b52bf1136 Improved the legend for group + detection and visibility overlays. 2019-05-02 16:47:40 +02:00
Ruben Bouman 95a9877370 Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development 2019-05-02 13:21:18 +02:00
Ruben Bouman 78bc2f2842 Added support for multiple detections and visibility per technique in the technique administration YAML file.
Changed version number to 1.1.

Improvements and fixes for the new detections/visibility Excel sheet.
2019-05-02 13:21:01 +02:00
Marcus Bakker 35b85b6ddb Re-added multiple visibilities and detections to T1171 2019-05-01 12:06:39 +02:00
Marcus Bakker 34073234dc Added new examples for the new tactic "Impact" 2019-05-01 12:04:59 +02:00