Island: Remove attack-data submodule
Removed the submodule along with its fork. Removed usage of the submodule. Fixed monkey_island.spec. Added attack_mitigations dump. Added hook for above file.
parent
6de33bfd57
commit
36b13d0db9
|
@ -1,6 +1,3 @@
|
|||
[submodule "monkey/monkey_island/cc/services/attack/attack_data"]
|
||||
path = monkey/monkey_island/cc/services/attack/attack_data
|
||||
url = https://github.com/guardicore/cti
|
||||
[submodule "docs/themes/learn"]
|
||||
path = docs/themes/learn
|
||||
url = https://github.com/guardicode/hugo-theme-learn.git
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
Subproject commit fb8942b1a10f4e734ed75542f2ccae7cbd72c46d
|
|
@ -1,42 +1,4 @@
|
|||
import os
|
||||
from typing import Dict, List
|
||||
|
||||
from stix2 import AttackPattern, CourseOfAction, FileSystemSource, Filter
|
||||
|
||||
from monkey_island.cc.server_utils.consts import MONKEY_ISLAND_ABS_PATH
|
||||
|
||||
|
||||
class MitreApiInterface:
|
||||
ATTACK_DATA_PATH = os.path.join(
|
||||
MONKEY_ISLAND_ABS_PATH, "cc", "services", "attack", "attack_data", "enterprise-attack"
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def get_all_mitigations() -> Dict[str, CourseOfAction]:
|
||||
file_system = FileSystemSource(MitreApiInterface.ATTACK_DATA_PATH)
|
||||
mitigation_filter = [Filter("type", "=", "course-of-action")]
|
||||
all_mitigations = file_system.query(mitigation_filter)
|
||||
all_mitigations = {mitigation["id"]: mitigation for mitigation in all_mitigations}
|
||||
return all_mitigations
|
||||
|
||||
@staticmethod
|
||||
def get_all_attack_techniques() -> Dict[str, AttackPattern]:
|
||||
file_system = FileSystemSource(MitreApiInterface.ATTACK_DATA_PATH)
|
||||
technique_filter = [Filter("type", "=", "attack-pattern")]
|
||||
all_techniques = file_system.query(technique_filter)
|
||||
all_techniques = {technique["id"]: technique for technique in all_techniques}
|
||||
return all_techniques
|
||||
|
||||
@staticmethod
|
||||
def get_technique_and_mitigation_relationships() -> List[CourseOfAction]:
|
||||
file_system = FileSystemSource(MitreApiInterface.ATTACK_DATA_PATH)
|
||||
technique_filter = [
|
||||
Filter("type", "=", "relationship"),
|
||||
Filter("relationship_type", "=", "mitigates"),
|
||||
]
|
||||
all_techniques = file_system.query(technique_filter)
|
||||
return all_techniques
|
||||
|
||||
@staticmethod
|
||||
def get_stix2_external_reference_id(stix2_data) -> str:
|
||||
for reference in stix2_data["external_references"]:
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -35,20 +35,5 @@ def _try_store_mitigations_on_mongo():
|
|||
|
||||
|
||||
def _store_mitigations_on_mongo():
|
||||
stix2_mitigations = MitreApiInterface.get_all_mitigations()
|
||||
mongo_mitigations = AttackMitigations.dict_from_stix2_attack_patterns(
|
||||
MitreApiInterface.get_all_attack_techniques()
|
||||
)
|
||||
mitigation_technique_relationships = (
|
||||
MitreApiInterface.get_technique_and_mitigation_relationships()
|
||||
)
|
||||
for relationship in mitigation_technique_relationships:
|
||||
mongo_mitigations[relationship["target_ref"]].add_mitigation(
|
||||
stix2_mitigations[relationship["source_ref"]]
|
||||
)
|
||||
for relationship in mitigation_technique_relationships:
|
||||
mongo_mitigations[relationship["target_ref"]].add_no_mitigations_info(
|
||||
stix2_mitigations[relationship["source_ref"]]
|
||||
)
|
||||
for key, mongo_object in mongo_mitigations.items():
|
||||
mongo_object.save()
|
||||
# TODO: import attack mitigations
|
||||
pass
|
||||
|
|
|
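Review bot: `_store_mitigations_on_mongo` appears to be reduced to `# TODO: import attack mitigations` followed by `pass` (the +/- markers are lost on this page, so this is read from the 20-to-5 line count), which means nothing populates the mitigation documents after this commit. The caller `_try_store_mitigations_on_mongo` starts outside the hunk, so whether it notices the empty result cannot be seen here; if it does not, the ATT&CK report would silently show techniques with no mitigations. Either load the new `attack_mitigations.json` dump in this function in the same commit, or make the gap visible, for example with a comment such as `# FIXME: mitigations are NOT stored until the JSON dump import lands; reports will lack mitigation data` and a logged warning.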
@ -13,7 +13,7 @@ def main():
|
|||
# The format of the tuples is (src, dest_dir). See https://pythonhosted.org/PyInstaller/spec-files.html#adding-data-files
|
||||
added_datas = [
|
||||
("../common/BUILD", "/common"),
|
||||
("../monkey_island/cc/services/attack/attack_data", "/monkey_island/cc/services/attack/attack_data")
|
||||
("../monkey_island/cc/services/mongo/attack_mitigations.json", "/monkey_island/cc/services/mongo/attack_mitigations.json")
|
||||
]
|
||||
|
||||
a = Analysis(['main.py'],
|
||||
|
|
|
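Review bot: The `added_datas` entry for `attack_mitigations.json` gives a destination that ends in the file name, although the comment above the list states the tuple format is `(src, dest_dir)`. PyInstaller treats the second element as a directory, so the bundled file would end up at `.../attack_mitigations.json/attack_mitigations.json`. The source path is also under `cc/services/mongo/`, while the test changed in this commit reads `cc/setup/mongo/attack_mitigations.json`, so one of the two locations is presumably wrong and the packaged build may ship without the dump. If the file lives under `cc/setup/mongo`, the entry would read `("../monkey_island/cc/setup/mongo/attack_mitigations.json", "/monkey_island/cc/setup/mongo")`. `main()` continues outside the hunk.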
@ -1,14 +1,18 @@
|
|||
import pytest
|
||||
import json
|
||||
from pathlib import Path
|
||||
|
||||
from monkey_island.cc.services.attack.mitre_api_interface import MitreApiInterface
|
||||
from monkey_island.cc.server_utils.consts import MONKEY_ISLAND_ABS_PATH
|
||||
|
||||
|
||||
@pytest.mark.slow
|
||||
def test_get_all_mitigations():
|
||||
mitigations = MitreApiInterface.get_all_mitigations()
|
||||
assert len(mitigations.items()) >= 282
|
||||
mitigation = next(iter(mitigations.values()))
|
||||
assert mitigation["type"] == "course-of-action"
|
||||
attack_mitigation_path = (
|
||||
Path(MONKEY_ISLAND_ABS_PATH) / "cc" / "setup" / "mongo" / "attack_mitigations.json"
|
||||
)
|
||||
|
||||
with open(attack_mitigation_path) as mitigations:
|
||||
mitigations = json.load(mitigations)
|
||||
assert len(mitigations) >= 266
|
||||
mitigation = next(iter(mitigations))["mitigations"][0]
|
||||
assert mitigation["name"] is not None
|
||||
assert mitigation["description"] is not None
|
||||
assert mitigation["external_references"] is not None
|
||||
assert mitigation["url"] is not None
|
||||
|
|
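Review bot: The `assert mitigation["name"] is not None` style checks on the JSON dump cannot fail in the way they suggest, because a missing key raises `KeyError` before the assertion runs and an empty string still passes. Only the first mitigation of the first record is inspected, so a malformed or truncated entry anywhere else in the dump goes unnoticed. Since the dump replaces a submodule pinned to a specific commit, this test is the only integrity check on the checked-in data. It would be stronger to loop over every record and assert that `name`, `description` and `url` are non-empty strings. The `with open(attack_mitigation_path) as mitigations:` line also rebinds the file-handle name to the parsed data; `with open(attack_mitigation_path) as f:` followed by `mitigations = json.load(f)` reads more clearly.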