def create_markdown_dirs():
    """Create the markdown output tree, one directory per ATC entity type.

    The root directory is read from the ``md_name_of_root_directory`` key of
    ``config.yml`` and defaults to ``../Atomic_Threat_Coverage`` when the key
    is absent. Directories that already exist are accepted without error.
    """
    settings = ATCutils.load_config('config.yml')
    # The configured value is used as given; a relative path resolves
    # against the current working directory of the process.
    root = Path(
        settings.get('md_name_of_root_directory', '../Atomic_Threat_Coverage')
    )

    entity_dirs = (
        'Detection_Rules',
        'Logging_Policies',
        'Data_Needed',
        'Triggers',
        'Response_Actions',
        'Response_Playbooks',
        'Enrichments',
        'Customers',
    )
    for name in entity_dirs:
        # parents=True also creates the root (and any missing ancestors).
        root.joinpath(name).mkdir(parents=True, exist_ok=True)
from enrichment import Enrichment from responseaction import ResponseAction from responseplaybook import ResponsePlaybook from customer import Customer from attack_mapping import te_mapping # , ta_mapping # Import ATC Utils from atcutils import ATCutils # Others import glob import sys import traceback import os ATCconfig = ATCutils.load_config("config.yml") class PopulateConfluence: """Desc""" def __init__(self, auth, lp=False, dn=False, dr=False, en=False, tg=False, ra=False, rp=False, cu=False, ms=False,
#!/usr/bin/env python3 from atcutils import ATCutils from attack_mapping import te_mapping, ta_mapping from jinja2 import Environment, FileSystemLoader import os import subprocess import re # ########################################################################### # # ########################### Detection Rule ################################ # # ########################################################################### # ATCconfig = ATCutils.load_config('config.yml') class DetectionRule: """Class for the Detection Rule entity""" def __init__(self, yaml_file, apipath=None, auth=None, space=None): """Init method""" # Init vars self.yaml_file = yaml_file # The name of the directory containing future markdown DetectionRules self.parent_title = "Detection_Rules" self.apipath = apipath self.auth = auth
dr=args.detectionrule, tg=args.triggers, en=args.enrichment, ra=args.responseactions, rp=args.responseplaybook, rs=args.responsestage, cu=args.customers, hp=args.hardeningpolicy, init=args.init) elif args.react_stix: GenerateSTIX() elif args.react_navigator: GenerateNavigator() elif args.visualisations: ATCconfig = ATCutils.load_config("config.yml") ATCconfig_default = ATCutils.load_config("config.default.yml") if not args.vis_output_dir: analytics_generated = ATCconfig.get( "exported_analytics_directory", ATCconfig_default.get("exported_analytics_directory")) analytics_generated = analytics_generated if \ analytics_generated[-1] == "/" else analytics_generated + "/" output_path = analytics_generated + "visualizations/" if not args.vis_output_file_name: output_name = ''.join( random.choices(string.ascii_uppercase + string.ascii_lowercase + string.digits, k=20)) # output_name += ".json"
def main(c_auth=None):
    """Create or update the ATC root page and its section pages in Confluence.

    Loads the Confluence settings from ``config.yml``, pushes one page titled
    ``confluence_name_of_root_directory`` under the space home page, then
    pushes one page per entry of ``spaces`` under that root page.

    Args:
        c_auth: Ready-made authentication object. When it is falsy the
            function prompts for a login instead.

    Returns:
        True once every page has been pushed.

    Raises:
        Exception: If ``ATCutils.push_to_confluence`` returns a falsy value
            for any page, or if loading the configuration fails.
    """
    try:
        ATCconfig = ATCutils.load_config("config.yml")
        confluence_space_name = ATCconfig.get('confluence_space_name')
        confluence_space_home_page_name = ATCconfig.get(
            'confluence_space_home_page_name')
        confluence_rest_api_url = ATCconfig.get('confluence_rest_api_url')
        confluence_name_of_root_directory = ATCconfig.get(
            'confluence_name_of_root_directory')
    except Exception as e:
        # The handler re-raises the same exception unchanged; the `pass`
        # after it is unreachable.
        raise e
        pass

    if not c_auth:
        # NOTE(review): the text between the login prompt and `""` is masked
        # in this copy of the file, so the statements that define `url`,
        # `auth` and `content` are not visible here. Presumably they read a
        # password, build the auth object and set `content = ""` - confirm
        # against the repository. When reviewing the full file, verify that
        # the password is read without echo and never printed or logged, and
        # that `url` (presumably `confluence_rest_api_url`) is an https://
        # endpoint, since `auth` accompanies every request below.
        mail = input("Login: "******""

    print("Creating ATC page..")
    # Commented-out debug output of the looked-up parent page id:
    # print(str(ATCutils.confluence_get_page_id(url,
    # auth, confluence_space_name, confluence_space_home_page_name)))

    # Root page: its parent is resolved by title (the space home page).
    data = {
        "title": confluence_name_of_root_directory,
        "spacekey": confluence_space_name,
        "parentid": str(
            ATCutils.confluence_get_page_id(url, auth, confluence_space_name,
                                            confluence_space_home_page_name)),
        "confluencecontent": content,
    }

    # Commented-out debug output of the push result:
    # print(push_to_confluence(data, url, auth))
    # A falsy result is the only failure signal handled here.
    if not ATCutils.push_to_confluence(data, url, auth):
        raise Exception("Could not create or update the page. " +
                        "Is the parent name correct?")

    # Titles of the section pages created directly under the root page.
    spaces = [
        "Detection Rules", "Logging Policies", "Data Needed", "Triggers",
        "Response Actions", "Response Playbooks", "Enrichments", "Customers",
        "Mitigation Systems", "Mitigation Policies", "Hardening Policies"
    ]

    for space in spaces:
        print("Creating %s.." % space)
        # The parent id is looked up again by title on every iteration.
        data = {
            "title": space,
            "spacekey": confluence_space_name,
            "parentid": str(
                ATCutils.confluence_get_page_id(
                    url, auth, confluence_space_name,
                    confluence_name_of_root_directory)),
            "confluencecontent": content,
        }
        # Commented-out debug output of the push result:
        # print(push_to_confluence(data, url, auth))
        # The first failed push aborts the loop; pages pushed before it are
        # not rolled back by this function.
        if not ATCutils.push_to_confluence(data, url, auth):
            raise Exception("Could not create or update the page. " +
                            "Is the parent name correct?")
    print("Done!")
    return True