Example #1
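def home(request):
    """Render the landing page with the total number of stored objects.

    The context holds one counter per object type (packages, threat actors,
    campaigns, TTPs, indicators, observables) plus the namespace label and
    icon shown for the requesting user.
    """
    # NOTE(review): request.user.userextension is dereferenced without a
    # check, so this view presumably sits behind a login requirement that is
    # not visible here -- confirm.
    context = {
        'indicators': Indicator.objects.count(),
        'observables': Observable.objects.count(),
        'campaigns': Campaign.objects.count(),
        'threatactors': ThreatActor.objects.count(),
        'packages': Package.objects.count(),
        'ttps': TTP.objects.count(),
    }
    user_namespace = None
    if hasattr(request.user.userextension, 'namespaces'):
        # Fetch once; last() yields None when no namespace is assigned, which
        # previously ended in an AttributeError instead of the fallback.
        user_namespace = request.user.userextension.namespaces.last()
    if user_namespace is not None:
        context['usernamespace'] = user_namespace.namespace.split(':')[0]
        context['namespaceicon'] = get_icon_for_namespace(
            user_namespace.namespace)
    else:
        context['usernamespace'] = 'nospace'
        context['namespaceicon'] = static('ns_icon/octalpus.png')
    return render_to_response('kraut_base/index.html',
                              context,
                              context_instance=RequestContext(request))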
Example #2
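def accounts_change_password(request):
    """Show the change-password form and process its submission.

    A POST is validated with PasswordChangeCustomForm, the old password is
    checked against the stored one and the two new-password fields must
    match. Every POST ends in a redirect back to ``accounts:changepw`` with a
    flash message; a GET renders the empty form.
    """
    if request.method == 'POST':
        form = PasswordChangeCustomForm(request.POST)
        if form.is_valid():
            current_user = request.user
            old_pass = form.cleaned_data['old_password']
            n1_pass = form.cleaned_data['new_password1']
            n2_pass = form.cleaned_data['new_password2']
            # The caller must prove knowledge of the current password before
            # a new one is accepted.
            if not current_user.check_password(old_pass):
                messages.error(request, 'Old password wrong!')
                return HttpResponseRedirect(reverse("accounts:changepw"))
            if n1_pass != n2_pass:
                messages.error(request, 'New password does not match!')
                return HttpResponseRedirect(reverse("accounts:changepw"))
            # NOTE(review): no password-strength check is visible in this
            # view; confirm PasswordChangeCustomForm enforces the policy.
            current_user.set_password(n1_pass)
            # Store the new hash first and only then re-key the session, so
            # the session is never tied to a password that failed to save.
            current_user.save()
            update_session_auth_hash(request, current_user)
            messages.info(request, 'Password successfully changed!')
        else:
            messages.error(request, 'Failure updating password!')
        return HttpResponseRedirect(reverse("accounts:changepw"))
    context = {'form': PasswordChangeCustomForm()}
    user_namespace = None
    if hasattr(request.user.userextension, 'namespaces'):
        # last() yields None when no namespace is assigned; fall back to the
        # default label and icon instead of raising AttributeError.
        user_namespace = request.user.userextension.namespaces.last()
    if user_namespace is not None:
        context['usernamespace'] = user_namespace.namespace.split(':')[0]
        context['namespaceicon'] = get_icon_for_namespace(
            user_namespace.namespace)
    else:
        context['usernamespace'] = 'nospace'
        context['namespaceicon'] = static('ns_icon/octalpus.png')
    return render(request, 'kraut_accounts/changepw.html', context)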
Example #3
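def threatactor(request, threat_actor_id="1"):
    """Render the detail page for a single threat actor.

    The context carries the actor, its comments and comment form, the
    comma-separated type and role names ("Unknown" when there are none), its
    aliases, all namespaces and the counters for the related tabs.
    """
    context = {'ta_id': threat_actor_id, 'ta': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        ta = ThreatActor.objects.filter(pk=int(threat_actor_id)).prefetch_related(
            Prefetch('campaigns'),
            Prefetch('associated_threat_actors'),
            Prefetch('observed_ttps'),
        )
    except (TypeError, ValueError, ThreatActor.DoesNotExist):
        messages.error(request, 'The requested threat actor does not exist!')
        # Same template the "no such id" branch below uses with ta=None.
        return render_to_response('kraut_intel/threatactor_details.html',
                                  context,
                                  context_instance=RequestContext(request))
    if len(ta) <= 0:
        messages.warning(request, "No threat actor with the given ID exists in the system.")
    else:
        actor = ta[0]
        try:
            comments = ThreatActorComment.objects.filter(
                actor_reference=actor).order_by('-creation_time')
        except Exception:
            # Best effort: the page is still rendered without comments.
            comments = None
        context['comments'] = comments
        context['commentform'] = ActorCommentForm()
        context['ta'] = actor
        # Type and role names are joined with ", "; lstrip() keeps the exact
        # output of the former append-and-trim loop.
        ta_types_string = ', '.join(
            '%s' % (item.ta_type) for item in TA_Types.objects.filter(actor=actor)
        ).lstrip()
        if ta_types_string == "":
            ta_types_string = "Unknown"
        ta_roles_string = ', '.join(
            '%s' % (item.role) for item in TA_Roles.objects.filter(actor=actor)
        ).lstrip()
        if ta_roles_string == "":
            ta_roles_string = "Unknown"
        context['ta_types'] = ta_types_string
        context['ta_roles'] = ta_roles_string
        context['ta_alias'] = TA_Alias.objects.filter(actor=actor)
        context['namespaces'] = Namespace.objects.all()
        context['namespace_icon'] = get_icon_for_namespace(actor.namespace)
        context['tab'] = 'campaigns'
        context['num_campaigns'] = actor.campaigns.count()
        context['num_assoc_ta'] = actor.associated_threat_actors.count()
        context['num_ttps'] = actor.observed_ttps.count()
    return render_to_response('kraut_intel/threatactor_details.html',
                              context,
                              context_instance=RequestContext(request))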
Example #4
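def campaigns(request):
    """Render the campaign list page with the user's namespace label and icon."""
    context = {}
    user_namespace = None
    if hasattr(request.user.userextension, 'namespaces'):
        # Fetch once; last() yields None when no namespace is assigned, which
        # previously ended in an AttributeError instead of the fallback.
        user_namespace = request.user.userextension.namespaces.last()
    if user_namespace is not None:
        context['usernamespace'] = user_namespace.namespace.split(':')[0]
        context['namespaceicon'] = get_icon_for_namespace(user_namespace.namespace)
    else:
        context['usernamespace'] = 'nospace'
        context['namespaceicon'] = static('ns_icon/octalpus.png')
    return render_to_response('kraut_intel/campaigns.html',
                              context,
                              context_instance=RequestContext(request))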
Example #5
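def observable(request, observable_id="1"):
    """Render the detail page for a single observable.

    Besides the observable itself the context holds its typed objects, the
    objects and observables related to them, the observables of every
    composition it belongs to, and type-specific data (file hashes, metadata
    and custom properties, or the composition id).
    """
    context = {'observable_id': observable_id, 'observable': None, 'objects': None, 'related_objects': [], 'related_observables': []}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Observable.objects.filter(pk=int(observable_id)).prefetch_related(
            Prefetch('indicators'),
        )
    except (TypeError, ValueError, Observable.DoesNotExist):
        messages.error(request, 'The requested observable does not exist!')
        return render_to_response('kraut_intel/observable_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No observable with the given ID exists in the system.")
    else:
        current = matches[0]
        obs_type = current.observable_type
        context['observable'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace.last().namespace)
        context['namespaces'] = Namespace.objects.all()
        context['objects'] = get_object_for_observable(obs_type, current)
        # Collect what is related to each typed object.
        for obj in context['objects']:
            context['related_objects'].append(get_related_objects_for_object(obj.id, obs_type))
            context['related_observables'].append(obj.observables.all())
        if len(context['related_observables']) <= 0:
            # Nothing related: list the observable's own queryset instead.
            context['related_observables'].append(matches)
        # Observables that share a composition with this one.
        for obs_comp in current.observablecomposition_set.all():
            context['related_observables'].append(obs_comp.observable_set.all())
        # Type-specific context. The active tab is overwritten as data is
        # found, so the last matching category of the last object wins.
        if obs_type == 'FileObjectType':
            context['custom'] = []
            context['meta'] = []
            context['hashes'] = []
            context['active_tab'] = 'hashes'
            for obj in context['objects']:
                for custom in obj.file_custom.all():
                    context['custom'].append({'name': custom.property_name, 'value': custom.property_value})
                    context['active_tab'] = 'custom'
                for meta in obj.file_meta.all():
                    # Skip rows that only hold the placeholder values.
                    if meta.file_name != 'No Name' or meta.file_path != 'No Path' or meta.file_extension != 'No Extension' or meta.file_size != 0:
                        context['meta'].append({
                            'name': meta.file_name,
                            'path': meta.file_path,
                            'extension': meta.file_extension,
                            'size': meta.file_size
                        })
                        context['active_tab'] = 'meta'
                if obj.md5_hash != 'No MD5' or obj.sha256_hash != 'No SHA256':
                    context['hashes'] = True
                    context['active_tab'] = 'hashes'
        elif obs_type == 'CompositionContainer':
            # TODO: only a single composition per observable is supported;
            # with several, the id of the last one is kept.
            for composition in current.compositions.all():
                context['composition_id'] = composition.id
        elif obs_type == 'WindowsExecutableFileObjectType':
            context['active_tab'] = 'winexeobj'
    return render_to_response('kraut_intel/observable_details.html', context, context_instance=RequestContext(request))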
Example #6
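def package(request, package_id="1"):
    """Render the detail page for a single intelligence package.

    The context carries the package, its comments and comment form, a
    whitespace-normalised description, per-relation counters, the tab to
    open first and a ``quick_pane`` dict keyed by the observable types found
    in the package and in its indicators.
    """
    context = {'package_id': package_id, 'package': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Package.objects.filter(pk=int(package_id)).prefetch_related(
            Prefetch('threat_actors'),
            Prefetch('campaigns'),
            Prefetch('indicators'),
            Prefetch('observables'),
        )
    except (TypeError, ValueError, Package.DoesNotExist):
        messages.error(request, 'The requested package does not exist!')
        return render_to_response('kraut_intel/package_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No package with the given ID exists in the system.")
    else:
        current = matches[0]
        try:
            comments = PackageComment.objects.filter(package_reference=current).order_by('-creation_time')
        except Exception:
            # Best effort: the page is still rendered without comments.
            comments = None
        context['comments'] = comments
        context['commentform'] = PackageCommentForm()
        context['package'] = current
        # Collapse every run of whitespace in the description to one space.
        if current.description:
            context['description'] = ' '.join(current.description.strip().split())
        else:
            context['description'] = ''
        context['namespaces'] = Namespace.objects.all()
        context['namespace_icon'] = get_icon_for_namespace(current.namespace.last().namespace)
        context['num_threat_actors'] = current.threat_actors.count()
        context['num_campaigns'] = current.campaigns.count()
        context['num_ttps'] = current.ttps.count()
        context['num_indicators'] = current.indicators.count()
        context['num_observables'] = current.observables.count()
        # Open the first tab that has content, in this order of preference.
        if context['num_threat_actors'] > 0:
            context['tab'] = 'threatactors'
        elif context['num_campaigns'] > 0:
            context['tab'] = 'campaigns'
        elif context['num_indicators'] > 0:
            context['tab'] = 'indicators'
        elif context['num_ttps'] > 0:
            context['tab'] = 'ttps'
        else:
            context['tab'] = 'observables'
        context['quick_pane'] = {}
        for obs_obj in current.observables.all():
            context['quick_pane'][obs_obj.observable_type] = True
        for ind_obj in current.indicators.all():
            for obs_obj in ind_obj.observable_set.all():
                context['quick_pane'][obs_obj.observable_type] = True
    return render_to_response('kraut_intel/package_details.html', context, context_instance=RequestContext(request))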
Example #7
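def malware_instance(request, mwi_id="1"):
    """Render the detail page for a single malware instance.

    The description is passed to the template with its tags stripped and
    its whitespace collapsed to single spaces.
    """
    context = {'mwi_id': mwi_id, 'mwi': None, 'related_ttps': []}
    try:
        mwi = MalwareInstance.objects.get(pk=int(mwi_id))
    except (TypeError, ValueError, MalwareInstance.DoesNotExist):
        # A non-numeric id from the URL gets the same answer as an unknown
        # one instead of ending in a server error.
        messages.error(request, 'The requested Malware Instance object does not exist')
        return render_to_response('kraut_intel/mwinstance_details.html', context, context_instance=RequestContext(request))
    context['mwi'] = mwi
    context['namespace_icon'] = get_icon_for_namespace(mwi.ttp_ref.namespace.last().namespace)
    # NOTE(review): strip_tags() (presumably django.utils.html.strip_tags) is
    # a readability aid, not a sanitiser; the template must still auto-escape
    # this value and never mark it safe.
    plain_text = strip_tags(mwi.description).replace('\n', ' ').replace('\r', '').replace('\t', ' ')
    context['description'] = ' '.join(plain_text.strip().split())
    return render_to_response('kraut_intel/mwinstance_details.html', context, context_instance=RequestContext(request))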
Example #8
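def attack_pattern(request, ap_id="1"):
    """Render the detail page for a single attack pattern.

    The description is passed to the template with its tags stripped and
    its whitespace collapsed to single spaces.
    """
    context = {'ap_id': ap_id, 'ap': None, 'related_ttps': []}
    try:
        ap = AttackPattern.objects.get(pk=int(ap_id))
    except (TypeError, ValueError, AttackPattern.DoesNotExist):
        # A non-numeric id from the URL gets the same answer as an unknown
        # one. The message used to name the wrong object type.
        messages.error(request, 'The requested Attack Pattern object does not exist')
        return render_to_response('kraut_intel/attpattern_details.html', context, context_instance=RequestContext(request))
    context['ap'] = ap
    context['namespace_icon'] = get_icon_for_namespace(ap.ttp_ref.namespace.last().namespace)
    # NOTE(review): strip_tags() (presumably django.utils.html.strip_tags) is
    # a readability aid, not a sanitiser; the template must still auto-escape
    # this value and never mark it safe.
    plain_text = strip_tags(ap.description).replace('\n', ' ').replace('\r', '').replace('\t', ' ')
    context['description'] = ' '.join(plain_text.strip().split())
    return render_to_response('kraut_intel/attpattern_details.html', context, context_instance=RequestContext(request))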
Example #9
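def indicator(request, indicator_id="1"):
    """Render the detail page for a single indicator.

    The context carries the indicator, counters for its kill chain phases,
    TTPs, related indicators, observables and compositions, the tab to open
    first, the latest confidence value with its display colour, and the id
    of its observable composition (None when it has none).
    """
    context = {'indicator_id': indicator_id, 'indicator': None, 'tab': 'indicators'}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Indicator.objects.filter(pk=int(indicator_id)).prefetch_related(
            Prefetch('indicator_types'),
            Prefetch('confidence'),
            Prefetch('related_indicators'),
            Prefetch('observablecomposition_set'),
            Prefetch('ttps'),
            Prefetch('kill_chain_phases')
        )
    except (TypeError, ValueError, Indicator.DoesNotExist):
        messages.error(request, "The requested indicator does not exist!")
        return render_to_response('kraut_intel/indicator_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No indicator with the given ID exists in the system.")
    else:
        current = matches[0]
        context['indicator'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        context['namespaces'] = Namespace.objects.all()
        context['num_killchain'] = current.kill_chain_phases.count()
        context['num_ttps'] = current.ttps.count()
        context['num_indicators'] = current.related_indicators.count()
        context['num_observables'] = current.observable_set.count()
        context['num_observable_compositions'] = current.observablecomposition_set.count()
        # Open the first tab that has content; the default set above stays
        # in place when every counter is zero.
        if context['num_indicators'] > 0:
            context['tab'] = 'indicators'
        elif context['num_observables'] > 0:
            context['tab'] = 'observables'
        elif context['num_observable_compositions'] > 0:
            context['tab'] = 'compositions'
        elif context['num_ttps'] > 0:
            context['tab'] = 'ttps'
        # NOTE(review): raises AttributeError when the indicator has no
        # confidence entry (last() yields None) -- confirm one always exists.
        context['confidence'] = current.confidence.last().value
        if context['confidence'] == 'Low':
            context['confidence_color'] = 'success'
        elif context['confidence'] == 'Medium':
            context['confidence_color'] = 'warning'
        else:
            context['confidence_color'] = 'danger'
        # TODO: only a single composition per indicator is supported; with
        # several, the id of the last one is kept.
        if context['num_observable_compositions'] > 0:
            for composition in current.observablecomposition_set.all():
                context['composition_id'] = composition.id
        else:
            context['composition_id'] = None
    return render_to_response('kraut_intel/indicator_details.html', context, context_instance=RequestContext(request))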
Example #10
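def observable(request, observable_id="1"):
    """Render the detail page for a single observable.

    Besides the observable itself the context holds its typed objects, the
    objects and observables related to them and, for file objects, the
    hashes, metadata and custom properties.
    """
    context = {'observable_id': observable_id, 'observable': None, 'objects': None, 'related_objects': [], 'related_observables': []}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Observable.objects.filter(pk=int(observable_id)).prefetch_related(
            Prefetch('indicators'),
        )
    except (TypeError, ValueError, Observable.DoesNotExist):
        messages.error(request, 'The requested observable does not exist!')
        return render_to_response('kraut_intel/observable_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No observable with the given ID exists in the system.")
    else:
        current = matches[0]
        obs_type = current.observable_type
        context['observable'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        context['objects'] = get_object_for_observable(obs_type, current)
        # Collect what is related to each typed object.
        for obj in context['objects']:
            context['related_objects'].append(get_related_objects_for_object(obj.id, obs_type))
            context['related_observables'].append(obj.observables.all())
        if len(context['related_observables']) <= 0:
            # Nothing related: list the observable's own queryset instead.
            context['related_observables'].append(matches)
        # Type-specific context. The active tab is overwritten as data is
        # found, so the last matching category of the last object wins.
        if obs_type == 'FileObjectType':
            context['custom'] = []
            context['meta'] = []
            context['hashes'] = []
            context['active_tab'] = 'hashes'
            for obj in context['objects']:
                for custom in obj.file_custom.all():
                    context['custom'].append({'name': custom.property_name, 'value': custom.property_value})
                    context['active_tab'] = 'custom'
                for meta in obj.file_meta.all():
                    # Skip rows that only hold the placeholder values.
                    if meta.file_name != 'No Name' or meta.file_path != 'No Path' or meta.file_extension != 'No Extension' or meta.file_size != 0:
                        context['meta'].append({
                            'name': meta.file_name,
                            'path': meta.file_path,
                            'extension': meta.file_extension,
                            'size': meta.file_size
                        })
                        context['active_tab'] = 'meta'
                if obj.md5_hash != 'No MD5' or obj.sha256_hash != 'No SHA256':
                    context['hashes'] = True
                    context['active_tab'] = 'hashes'
    return render_to_response('kraut_intel/observable_details.html', context, context_instance=RequestContext(request))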
Example #11
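def campaign(request, campaign_id="1"):
    """Render the detail page for a single campaign.

    The context carries the campaign, its comments and comment form, all
    confidences and namespaces, the latest confidence value ('Low' when it
    cannot be read) with its display colour, per-relation counters and the
    tab to open first.
    """
    context = {'campaign_id': campaign_id, 'campaign': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Campaign.objects.filter(pk=int(campaign_id)).prefetch_related(
            Prefetch('confidence'),
            Prefetch('related_indicators'),
            Prefetch('associated_campaigns'),
            Prefetch('related_ttps'),
        )
    except (TypeError, ValueError, Campaign.DoesNotExist):
        messages.error(request, 'The requested campaign does not exist!')
        return render_to_response('kraut_intel/campaign_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No campaign with the given ID exists in the system.")
    else:
        current = matches[0]
        try:
            comments = CampaignComment.objects.filter(campaign_reference=current).order_by('-creation_time')
        except Exception:
            # Best effort: the page is still rendered without comments.
            comments = None
        context['comments'] = comments
        context['commentform'] = CampaignCommentForm()
        context['campaign'] = current
        context['confidences'] = Confidence.objects.all()
        context['namespaces'] = Namespace.objects.all()
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        try:
            context['confidence'] = current.confidence.last().value
        except Exception:
            # No readable confidence entry: fall back to 'Low'. The colour
            # is derived from this value below.
            context['confidence'] = 'Low'
        context['num_indicators'] = current.related_indicators.count()
        context['num_campaigns'] = current.associated_campaigns.count()
        context['num_ttps'] = current.related_ttps.count()
        # Open the first tab that has content.
        if context['num_indicators'] > 0:
            context['tab'] = 'indicators'
        elif context['num_campaigns']:
            context['tab'] = 'campaigns'
        else:
            context['tab'] = 'ttps'
        if context['confidence'] == 'Low':
            context['confidence_color'] = 'success'
        elif context['confidence'] == 'Medium':
            context['confidence_color'] = 'warning'
        else:
            context['confidence_color'] = 'danger'
    return render_to_response('kraut_intel/campaign_details.html', context, context_instance=RequestContext(request))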
Example #12
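def threatactor(request, threat_actor_id="1"):
    """Render the detail page for a single threat actor.

    The context carries the actor, its type ("Unknown" when no type row
    exists), the comma-separated role names ("Unknown" when there are none),
    its aliases and the counters for the related tabs.
    """
    context = {'ta_id': threat_actor_id, 'ta': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        ta = ThreatActor.objects.filter(pk=int(threat_actor_id)).prefetch_related(
            Prefetch('campaigns'),
            Prefetch('associated_threat_actors'),
            Prefetch('observed_ttps'),
        )
    except (TypeError, ValueError, ThreatActor.DoesNotExist):
        messages.error(request, 'The requested threat actor does not exist!')
        # Same template the "no such id" branch below uses with ta=None.
        return render_to_response('kraut_intel/threatactor_details.html',
                                  context,
                                  context_instance=RequestContext(request))
    if len(ta) <= 0:
        messages.warning(request, "No threat actor with the given ID exists in the system.")
    else:
        actor = ta[0]
        context['ta'] = actor
        try:
            # NOTE(review): get() raises MultipleObjectsReturned when the
            # actor has more than one type row; that case is not handled.
            ta_type = TA_Types.objects.get(actor=actor).ta_type
        except TA_Types.DoesNotExist:
            ta_type = "Unknown"
        # Role names are joined with ", "; lstrip() keeps the exact output
        # of the former append-and-trim loop.
        ta_roles_string = ', '.join(
            '%s' % (item.role) for item in TA_Roles.objects.filter(actor=actor)
        ).lstrip()
        if ta_roles_string == "":
            ta_roles_string = "Unknown"
        context['ta_type'] = ta_type
        context['ta_roles'] = ta_roles_string
        context['ta_alias'] = TA_Alias.objects.filter(actor=actor)
        context['namespace_icon'] = get_icon_for_namespace(actor.namespace)
        context['tab'] = 'campaigns'
        context['num_campaigns'] = actor.campaigns.count()
        context['num_assoc_ta'] = actor.associated_threat_actors.count()
        context['num_ttps'] = actor.observed_ttps.count()
    return render_to_response('kraut_intel/threatactor_details.html',
                              context,
                              context_instance=RequestContext(request))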
Example #13
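def indicator(request, indicator_id="1"):
    """Render the detail page for a single indicator.

    The context carries the indicator, counters for its related indicators,
    observables and compositions, the tab to open first, the latest
    confidence value with its display colour, and the id of its observable
    composition (None when it has none).
    """
    context = {'indicator_id': indicator_id, 'indicator': None, 'tab': 'indicators'}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Indicator.objects.filter(pk=int(indicator_id)).prefetch_related(
            Prefetch('indicator_types'),
            Prefetch('confidence'),
            Prefetch('related_indicators'),
            Prefetch('observablecomposition_set')
        )
    except (TypeError, ValueError, Indicator.DoesNotExist):
        messages.error(request, "The requested indicator does not exist!")
        return render_to_response('kraut_intel/indicator_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No indicator with the given ID exists in the system.")
    else:
        current = matches[0]
        context['indicator'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        context['num_indicators'] = current.related_indicators.count()
        context['num_observables'] = current.observable_set.count()
        context['num_observable_compositions'] = current.observablecomposition_set.count()
        # Open the first tab that has content; the default set above stays
        # in place when every counter is zero.
        if context['num_indicators'] > 0:
            context['tab'] = 'indicators'
        elif context['num_observables'] > 0:
            context['tab'] = 'observables'
        elif context['num_observable_compositions'] > 0:
            context['tab'] = 'compositions'
        # NOTE(review): raises AttributeError when the indicator has no
        # confidence entry (last() yields None) -- confirm one always exists.
        context['confidence'] = current.confidence.last().value
        if context['confidence'] == 'Low':
            context['confidence_color'] = 'success'
        elif context['confidence'] == 'Medium':
            context['confidence_color'] = 'warning'
        else:
            context['confidence_color'] = 'danger'
        # TODO: only a single composition per indicator is supported; with
        # several, the id of the last one is kept.
        if context['num_observable_compositions'] > 0:
            for composition in current.observablecomposition_set.all():
                context['composition_id'] = composition.id
        else:
            context['composition_id'] = None
    return render_to_response('kraut_intel/indicator_details.html', context, context_instance=RequestContext(request))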
Example #14
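def ttp(request, ttp_id="1"):
    """Render the detail page for a single TTP.

    The context carries the TTP, the number of related TTPs, malware
    instances and attack patterns, and the tab to open first.
    """
    context = {'ttp_id': ttp_id, 'ttp': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = TTP.objects.filter(pk=int(ttp_id)).prefetch_related(
            Prefetch('related_ttps'),
        )
    except (TypeError, ValueError, TTP.DoesNotExist):
        messages.error(request, 'The requested TTP does not exist!')
        return render_to_response('kraut_intel/ttp_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.error(request, 'No TTP with given ID exists in the system.')
    else:
        current = matches[0]
        context['ttp'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        context['num_rel_ttps'] = current.related_ttps.count()
        context['num_instances'] = MalwareInstance.objects.filter(ttp_ref=current).count()
        context['num_patterns'] = AttackPattern.objects.filter(ttp_ref=current).count()
        # Malware instances take precedence over attack patterns.
        if context['num_instances'] > 0:
            context['tab'] = 'malware_instances'
        else:
            context['tab'] = 'attack_patterns'
    return render_to_response('kraut_intel/ttp_details.html', context, context_instance=RequestContext(request))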
Example #15
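def ttp(request, ttp_id="1"):
    """Render the detail page for a single TTP.

    The context carries the TTP, the number of related TTPs, malware
    instances and attack patterns, and the tab to open first.
    """
    context = {'ttp_id': ttp_id, 'ttp': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = TTP.objects.filter(pk=int(ttp_id)).prefetch_related(
            Prefetch('related_ttps'),
        )
    except (TypeError, ValueError, TTP.DoesNotExist):
        messages.error(request, 'The requested TTP does not exist!')
        return render_to_response('kraut_intel/ttp_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.error(request, 'No TTP with given ID exists in the system.')
    else:
        current = matches[0]
        context['ttp'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        context['num_rel_ttps'] = current.related_ttps.count()
        context['num_instances'] = MalwareInstance.objects.filter(ttp_ref=current).count()
        context['num_patterns'] = AttackPattern.objects.filter(ttp_ref=current).count()
        # Malware instances take precedence over attack patterns.
        if context['num_instances'] > 0:
            context['tab'] = 'malware_instances'
        else:
            context['tab'] = 'attack_patterns'
    return render_to_response('kraut_intel/ttp_details.html', context, context_instance=RequestContext(request))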
Example #16
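def campaign(request, campaign_id="1"):
    """Render the detail page for a single campaign.

    The context carries the campaign, the latest confidence value ('Low'
    when it cannot be read) with its display colour, per-relation counters
    and the tab to open first.
    """
    context = {'campaign_id': campaign_id, 'campaign': None}
    try:
        # int() is the only step that can fail here: filter() builds a lazy
        # queryset and never raises DoesNotExist. A non-numeric id from the
        # URL is reported to the user instead of ending in a server error.
        matches = Campaign.objects.filter(pk=int(campaign_id)).prefetch_related(
            Prefetch('confidence'),
            Prefetch('related_indicators'),
            Prefetch('associated_campaigns'),
            Prefetch('related_ttps'),
        )
    except (TypeError, ValueError, Campaign.DoesNotExist):
        messages.error(request, 'The requested campaign does not exist!')
        return render_to_response('kraut_intel/campaign_details.html', context, context_instance=RequestContext(request))
    if len(matches) <= 0:
        messages.warning(request, "No campaign with the given ID exists in the system.")
    else:
        current = matches[0]
        context['campaign'] = current
        context['namespace_icon'] = get_icon_for_namespace(current.namespace)
        try:
            context['confidence'] = current.confidence.last().value
        except Exception:
            # No readable confidence entry: fall back to 'Low'. The colour
            # is derived from this value below.
            context['confidence'] = 'Low'
        context['num_indicators'] = current.related_indicators.count()
        context['num_campaigns'] = current.associated_campaigns.count()
        context['num_ttps'] = current.related_ttps.count()
        # Open the first tab that has content.
        if context['num_indicators'] > 0:
            context['tab'] = 'indicators'
        elif context['num_campaigns']:
            context['tab'] = 'campaigns'
        else:
            context['tab'] = 'ttps'
        if context['confidence'] == 'Low':
            context['confidence_color'] = 'success'
        elif context['confidence'] == 'Medium':
            context['confidence_color'] = 'warning'
        else:
            context['confidence_color'] = 'danger'
    return render_to_response('kraut_intel/campaign_details.html', context, context_instance=RequestContext(request))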
Example #17
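def view_incident(request, incident_id):
    """Render the detail page for a single incident.

    An unknown id is answered with an error message on the incident list
    template. Otherwise the context carries the incident, its severity, the
    user's namespace label and icon, the comments and comment form, the
    per-relation counters and the tab to open first.
    """
    # NOTE(review): the incident is looked up by id alone; no per-incident
    # authorisation check is visible in this view. Confirm that access is
    # restricted by a decorator, middleware or the URL configuration.
    context = {'incident_id': incident_id, 'incident': None}
    try:
        inc = Incident.objects.get(id=incident_id)
    except Incident.DoesNotExist:
        messages.error(request, 'The requested incident does not exist!')
        return render(request, 'kraut_incident/incident_list.html', context)
    context['incident'] = inc
    context['severities'] = ['High', 'Medium', 'Low']
    context['severity'] = inc.get_severity_display()
    user_namespace = None
    if hasattr(request.user.userextension, 'namespaces'):
        # Fetch once; last() yields None when no namespace is assigned, which
        # previously ended in an AttributeError instead of the fallback.
        user_namespace = request.user.userextension.namespaces.last()
    if user_namespace is not None:
        context['usernamespace'] = user_namespace.namespace.split(':')[0]
        context['namespaceicon'] = get_icon_for_namespace(
            user_namespace.namespace)
    else:
        context['usernamespace'] = 'nospace'
        context['namespaceicon'] = static('ns_icon/octalpus.png')
    try:
        comments = IncidentComment.objects.filter(
            incident_reference=inc).order_by('-creation_time')
    except Exception:
        # Best effort: the page is still rendered without comments.
        comments = None
    context['comments'] = comments
    context['commentform'] = IncidentCommentForm()
    context['num_incident_handlers'] = inc.incident_handler.count()
    context['num_incident_contacts'] = inc.contacts.count()
    context['num_incident_tasks'] = inc.tasks.count()
    context['num_affected_assets'] = inc.affected_assets.count()
    # Open the tasks tab if there are tasks, else contacts, else handlers.
    if context['num_incident_tasks'] > 0:
        context['tab'] = 'incident_tasks'
    elif context['num_incident_contacts'] > 0:
        context['tab'] = 'incident_contacts'
    else:
        context['tab'] = 'incident_handler'
    return render(request, 'kraut_incident/incident_details.html', context)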
Example #18
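def package(request, package_id="1"):
    """Render the detail page of a single intelligence package.

    ``package_id`` is converted to an integer before it is used as the primary
    key. A value that is not a valid integer is answered with the "does not
    exist" error message instead of an unhandled ``ValueError``. (The original
    ``except Package.DoesNotExist`` could never fire, because ``filter()``
    returns an empty queryset rather than raising.)

    When a package is found, the context receives the package, its namespace
    icon, the related-object counts, the tab to open first and a
    ``quick_pane`` dict keyed by the observable types present in the package.
    """
    context = {'package_id': package_id, 'package': None}
    template = 'kraut_intel/package_details.html'

    try:
        package_pk = int(package_id)
    except (TypeError, ValueError):
        # The ID is caller-supplied; treat a non-numeric value as "not found".
        messages.error(request, 'The requested package does not exist!')
        return render_to_response(template, context, context_instance=RequestContext(request))

    matches = list(Package.objects.filter(pk=package_pk).prefetch_related(
        Prefetch('threat_actors'),
        Prefetch('campaigns'),
        Prefetch('indicators'),
        Prefetch('observables'),
    ))
    if not matches:
        messages.warning(request, "No package with the given ID exists in the system.")
        return render_to_response(template, context, context_instance=RequestContext(request))

    pkg = matches[0]
    context['package'] = pkg
    context['namespace_icon'] = get_icon_for_namespace(pkg.namespace)
    context['num_threat_actors'] = pkg.threat_actors.count()
    context['num_campaigns'] = pkg.campaigns.count()
    context['num_ttps'] = pkg.ttps.count()
    context['num_indicators'] = pkg.indicators.count()
    context['num_observables'] = pkg.observables.count()

    # Open the first tab that has content; observables is the fallback.
    if context['num_threat_actors'] > 0:
        context['tab'] = 'threatactors'
    elif context['num_campaigns'] > 0:
        context['tab'] = 'campaigns'
    elif context['num_indicators'] > 0:
        context['tab'] = 'indicators'
    else:
        context['tab'] = 'observables'

    # Flag every observable type that occurs in this package.
    context['quick_pane'] = {}
    for obs_obj in pkg.observables.all():
        context['quick_pane'][obs_obj.observable_type] = True
    return render_to_response(template, context, context_instance=RequestContext(request))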
Example #19
 def get_namespace_icon(self, obj):
     """Return the icon for the last entry of ``obj.namespace``."""
     # NOTE(review): if last() yields None (presumably when obj has no
     # namespace entries), the attribute access below raises AttributeError;
     # confirm callers guarantee at least one entry.
     latest = obj.namespace.last()
     return get_icon_for_namespace(latest.namespace)
Example #20
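def new_incident(request):
    """Create an incident from a POST, or render the empty creation form.

    POST: validates ``IncidentForm``, requires at least one handler and one
    contact (taken from the POST keys selected by ``slicedict``), saves the
    incident and links every handler/contact that can be resolved. Every POST
    ends in a redirect back to ``incidents:new``.

    Any other method: renders the incident, contact and handler forms together
    with the user's namespace and icon.

    The handler and contact IDs come straight from ``request.POST``. A
    malformed (non-numeric) ID is now reported like an unknown one instead of
    raising an unhandled ``ValueError`` after the incident was already saved.
    """
    context = {}
    if request.method == 'POST':
        # Sample cleaned_data of a valid form:
        # {'status': <Incident_Status: Open>, 'incident_number': 4976401221, 'category': <Incident_Category: Investigation>, 'description': u'', 'title': u'Unnamed Incident'}
        incident_form = IncidentForm(request.POST)
        # NOTE(review): an invalid form falls through to the redirect below
        # without queuing any message, so the user gets no feedback.
        if incident_form.is_valid():
            # check if handler and contact given
            handler_dict = slicedict(request.POST, 'HandlerCheckBox')
            contact_dict = slicedict(request.POST, 'ContactCheckBox')
            if not handler_dict:
                messages.error(request, 'Missing an incident handler!')
                return HttpResponseRedirect(reverse("incidents:new"))
            if not contact_dict:
                messages.error(request, 'Missing an incident contact!')
                return HttpResponseRedirect(reverse("incidents:new"))

            cleaned = incident_form.cleaned_data
            # Local renamed from ``new_incident`` so it no longer shadows
            # this view function.
            incident = Incident(
                incident_number=cleaned['incident_number'],
                title=cleaned['title'],
                description=cleaned['description'],
                status=cleaned['status'],
                category=cleaned['category'],
                severity=cleaned['severity'])
            # The row must exist before many-to-many links can be added.
            # NOTE(review): if none of the submitted IDs resolve, the incident
            # stays saved without handlers/contacts; consider resolving the
            # IDs first or wrapping this in transaction.atomic().
            incident.save()

            for key in handler_dict:
                handler_id = handler_dict[key]
                try:
                    handler = Handler.objects.get(pk=handler_id)
                except (Handler.DoesNotExist, ValueError, TypeError):
                    messages.error(
                        request,
                        'Failed getting incident handler with ID: %s' %
                        (handler_id))
                else:
                    incident.incident_handler.add(handler)

            for key in contact_dict:
                contact_id = contact_dict[key]
                try:
                    contact = Contact.objects.get(pk=contact_id)
                except (Contact.DoesNotExist, ValueError, TypeError):
                    messages.error(
                        request,
                        'Failed getting incident contact with ID: %s' %
                        (contact_id))
                else:
                    incident.contacts.add(contact)

            incident.save()
            messages.info(request, "Incident successfully created!")
        return HttpResponseRedirect(reverse("incidents:new"))

    context['formset'] = IncidentForm(initial={'status': 1, 'category': 7})
    context['contact_form'] = ContactForm()
    context['handler_form'] = HandlerForm()

    user_ext = request.user.userextension
    # last() returns None when the user has no namespace assigned; fall back
    # to the default branding instead of failing on ``None.namespace``.
    latest_ns = user_ext.namespaces.last() if hasattr(user_ext, 'namespaces') else None
    if latest_ns is not None:
        context['usernamespace'] = latest_ns.namespace.split(':')[0]
        context['namespaceicon'] = get_icon_for_namespace(latest_ns.namespace)
    else:
        context['usernamespace'] = 'nospace'
        context['namespaceicon'] = static('ns_icon/octalpus.png')
    return render(request, 'kraut_incident/incident_new.html', context)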
Example #21
 def get_namespace_icon(self, obj):
     """Return what get_icon_for_namespace yields for ``obj.namespace``."""
     namespace = obj.namespace
     return get_icon_for_namespace(namespace)