예제 #1
def test_instertBlockBetweenPatiallySuccessfulActions(render=True):
    """Insert a Block on the edge that leaves a partially successful Action.

    Builds Start -> A -> B -> C -> Finish, where A is created with
    pSuccess=80, then calls ``Block.insertBetween(a, b)`` with a block whose
    pDefend is 50. Only the rewiring is asserted (A -> block -> B); no
    probability is evaluated in this test.

    Args:
        render: When true, draw the tree with ``Renderer`` and name the
            output after this function. The default is True, so calling the
            test without arguments also renders.
    """
    start = Root("Start")
    finish = Goal("Finish")

    # A is the only node given an explicit success probability (80).
    node_a = start.add(Action(label="A", pSuccess=80))
    node_b = node_a.action("B")
    node_c = node_b.action("C")
    node_c.connectTo(finish)

    # Mitigation under test: implemented, cost 5000, pDefend=50.
    control = Block(
        label="Test Block",
        implemented=True,
        cost=5000,
        pDefend=50,
    )

    # The call being tested.
    control.insertBetween(node_a, node_b)

    # A keeps exactly one outgoing edge, and it now leads to the block.
    assert len(node_a.edges) == 1
    edge_from_a = node_a.edges[0]
    assert edge_from_a.childNode == control

    # The block has exactly one outgoing edge, which continues to B.
    assert len(control.edges) == 1
    edge_from_control = control.edges[0]
    assert edge_from_control.childNode == node_b

    if not render:
        return

    # co_name is read from this frame so the output carries the test's name.
    Renderer().render(
        root=start,
        fname=inspect.currentframe().f_code.co_name,
    )
예제 #2
def test_insertBlockBetween_100perecent(render=False):
    """Insert a Block with pDefend=100 between B and C and check the rewiring.

    Builds Start -> A -> B -> C -> Finish and calls
    ``Block.insertBetween(b, c)``. The assertions verify that B still has
    exactly one outgoing edge and that it now points at the block. Whether C
    is actually unreachable through a fully effective block is not checked
    here.

    Args:
        render: When true, draw the tree with ``Renderer`` and name the
            output after this function.
    """
    start = Root("Start")
    finish = Goal("Finish")

    node_a = start.action("A")
    node_b = node_a.action("B")
    node_c = node_b.action("C")
    node_c.connectTo(finish)

    # Precondition: B has a single outgoing edge before the insertion.
    assert len(node_b.edges) == 1

    # Mitigation under test: implemented, cost 5000, pDefend=100.
    control = Block(
        label="Test Block",
        implemented=True,
        cost=5000,
        pDefend=100,
    )

    # The call being tested.
    control.insertBetween(node_b, node_c)

    # B's edge count is unchanged; its only child is now the block.
    assert len(node_b.edges) == 1
    edge_from_b = node_b.edges[0]
    assert edge_from_b.childNode == control

    if not render:
        return

    # co_name is read from this frame so the output carries the test's name.
    Renderer().render(
        root=start,
        fname=inspect.currentframe().f_code.co_name,
    )
예제 #3
def test_insertBetween_50perecent(render=False):
    """Insert a Block with pDefend=50 between A and B and check the chain.

    Builds Start -> A -> B -> C -> Finish, confirms A points directly at B,
    then calls ``Block.insertBetween(a, b)`` and asserts that B is reached
    from A through exactly one intermediate node.

    Args:
        render: When true, draw the tree with ``Renderer`` and name the
            output after this function.
    """
    start = Root("Start")
    finish = Goal("Finish")

    node_a = start.action("A")
    node_b = node_a.action("B")
    node_c = node_b.action("C")
    node_c.connectTo(finish)

    # Precondition: A has one edge and it goes straight to B.
    assert len(node_a.edges) == 1
    assert node_a.edges[0].childNode == node_b

    # Mitigation under test: implemented, cost 5000, pDefend=50.
    control = Block(
        label="Test Block",
        implemented=True,
        cost=5000,
        pDefend=50,
    )

    # The call being tested.
    control.insertBetween(node_a, node_b)

    # Both A and the block have a single outgoing edge after the insertion.
    assert len(node_a.edges) == 1
    assert len(control.edges) == 1

    # Walk A -> (inserted node) -> B; the middle node's identity is not
    # compared with the block here, only the two-hop path to B.
    middle = node_a.edges[0].childNode
    assert middle.edges[0].childNode == node_b

    if not render:
        return

    # co_name is read from this frame so the output carries the test's name.
    Renderer().render(
        root=start,
        fname=inspect.currentframe().f_code.co_name,
    )
예제 #4
def test_pathEvaluationWithBlock(render=True):
    """Evaluate one attack path before and after a Block is inserted on it.

    Builds Root -> A -> b -> Goal with A at pSuccess=100 / cost=500 and b at
    pSuccess=70 / cost=500. ``Brain.evaluatePath`` must report attackCost
    1000 and pSuccess 70 for the single path. After a zero-cost block with
    pDefend=50 is inserted between A and b, the same evaluation must report
    attackCost 1000 and pSuccess 35.

    Args:
        render: When true, draw the tree with ``Renderer`` and name the
            output after this function. The default is True, so calling the
            test without arguments also renders.
    """
    start = Root("Root")
    target = Goal("Goal")
    evaluator = Brain()

    first = start.add(Action("A", pSuccess=100, cost=500))
    second = first.add(Action("b", pSuccess=70, cost=500))
    second.add(target)

    # pathsToVictory fills the list passed in; its return value is unused.
    found = []
    evaluator.pathsToVictory(start, found)
    assert len(found) == 1

    baseline = evaluator.evaluatePath(found[0])

    # Baseline without any mitigation on the path.
    assert baseline['attackCost'] == 1000
    assert baseline['pSuccess'] == 70

    assert first.pSuccess == 100

    # Mitigation under test: implemented, zero cost, pDefend=50.
    firewall = Block(
        label="FIREWALL",
        implemented=True,
        cost=0,
        pDefend=50,
    )
    firewall.insertBetween(first, second)

    # Re-collect the paths into a fresh list and evaluate the first one.
    found = []
    evaluator.pathsToVictory(start, found)
    mitigated = evaluator.evaluatePath(found[0])

    print(mitigated)

    # attackCost is unchanged; pSuccess drops from 70 to 35, which is
    # consistent with the pDefend=50 block halving the path's success.
    assert mitigated['attackCost'] == 1000
    assert mitigated['pSuccess'] == 35

    if not render:
        return

    # co_name is read from this frame so the output carries the test's name.
    Renderer().render(
        root=start,
        fname=inspect.currentframe().f_code.co_name,
    )
예제 #5
# Attack-tree model opened through the Renderer context manager, with the root
# labelled "Reality" and the goal "Attacker gets data from bucket"; the context
# object is bound to `graph`. The listing is cut off partway through the model,
# so only the first node definitions are visible and none of them is wired
# into the graph in the lines shown.
with Renderer(root="Reality", goal="Attacker gets data from bucket") as graph:

    # Attacker step in the "recon" chain: modelled with cost=0 and time=3
    # (the time unit is not shown here).
    # NOTE(review): pSuccess is given as 1.0 - confirm whether this library
    # version expects a 0-1 fraction or a 0-100 percentage; the wrong scale
    # would misstate the modelled risk.
    apiCache = Action(
        label="Search API Caches",
        chain="recon",
        cost=0,
        time=3,
        objective="Discover bucket paths",
        pSuccess=1.0,
    )

    # Defensive control, recorded as not yet in place (implemented=False).
    # NOTE(review): pDefend=1.0 raises the same scale question as pSuccess.
    siteMapsDisabled = Block(
        label="Sitemaps disabled",
        cost=0,
        description="Ensure sitemaps are disabled",
        complexity=1,
        implemented=False,
        pDefend=1.0,
    )

    # Second attacker step in the "recon" chain with the same objective as
    # apiCache, modelled with cost=200 and time=1.
    awsPublicBucketSearch = Action(
        label="AWS Public Bucket Search",
        chain="recon",
        cost=200,
        time=1,
        objective="Discover bucket paths",
        pSuccess=1.0,
    )

    s3urls = Discovery(
        label="S3 Urls",
예제 #6
from attacktree.models import Action, Block, Detect, Discovery, Edge
from attacktree.renderer import Renderer

# Attack-tree model of a path from an internet-facing application flaw to
# launching containers. Attacker steps are Action nodes, the capability gained
# along the way is a Discovery node, and the two mitigations are Block nodes.
# Nodes are attached in the same order as the chain they describe.
with Renderer(root="Internet", goal="Launch Containers") as graph:

    # First attacker step, attached directly to the tree's root.
    app_rce = Action(label="RCE in application")
    graph.root.add(app_rce)

    # Mitigation recorded as already in place (implemented=True).
    # NOTE(review): the Block is attached with add() as a child of the action
    # rather than placed between two nodes - confirm this is the placement
    # the model expects for a control on this step.
    patching = Block(
        label="Keep containers up to date",
        implemented=True,
    )
    app_rce.add(patching)

    # Continuation of the attack path from the same action.
    run_siloscape = Action(label="Execute Siloscape")
    app_rce.add(run_siloscape)

    # What that step yields for the attacker.
    privileged_access = Discovery(label="Privileged Access")
    run_siloscape.add(privileged_access)

    symlink_root = Action(label="SymLink root volume")
    privileged_access.add(symlink_root)

    kube_creds = Action(label="Find Kubernetes creds on disk")
    symlink_root.add(kube_creds)

    deploy_containers = Action(label="Deploy malicious containers")
    kube_creds.add(deploy_containers)

    # Mitigation recorded as NOT in place (implemented=False); it is attached
    # to the last action before that action is connected to the goal.
    low_privilege_containers = Block(
        label="Windows containers have low privilege",
        implemented=False,
    )
    deploy_containers.add(low_privilege_containers)
    deploy_containers.add(graph.goal)