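def response_stage(self, rs_path):
    """Populate Response Stages.

    Renders every response stage YAML file to markdown and then rebuilds
    the stage index page at ``docs/responsestages.md``.

    Args:
        rs_path: Location of the ``*.yml`` stage files. It is concatenated
            directly with ``'*.yml'``, so it has to end with a path
            separator. When falsy, the ``response_stages_dir`` entry of
            ``ATCconfig`` is used instead.
    """
    # The original banner and docstring said "Response Actions", a leftover
    # from the sibling method; this method handles stages.
    print("[*] Populating Response Stages..")

    if rs_path:
        rs_list = glob.glob(rs_path + '*.yml')
    else:
        rs_dir = ATCconfig.get('response_stages_dir')
        rs_list = glob.glob(rs_dir + '/*.yml')

    for rs_file in rs_list:
        try:
            rs = ResponseStage(rs_file)
            rs.render_template("markdown")
            rs.save_markdown_file(atc_dir=self.atc_dir)
        except Exception as err:
            # Best effort: a single broken stage file is reported and
            # skipped so the remaining files are still rendered.
            print(rs_file + " failed\n\n%s\n\n" % err)
            print("Err message: %s" % err)
            print('-' * 60)
            traceback.print_exc(file=sys.stdout)
            print('-' * 60)

    template = env.get_template('markdown_responsestage_main_template.j2')

    # NOTE(review): the index is always built from the configured
    # directory, even when rs_path was supplied above - confirm intended.
    rss, _ = ATCutils.load_yamls_with_paths(
        ATCconfig.get('response_stages_dir'))

    # NOTE(review): id/title/description reach the template exactly as
    # loaded from YAML; confirm the template or site generator escapes
    # them if stage files can come from untrusted contributors.
    rss_list = [
        (stage.get('id'), stage.get('title'), stage.get('description'))
        for stage in rss
    ]

    content = template.render({'rss_list': sorted(rss_list)})
    ATCutils.write_file('docs/responsestages.md', content)
    print("[+] Response Stages populated!")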
def save_markdown_file(self, atc_dir='../Atomic_Threat_Coverage/'):
    """Store the rendered markdown held in ``self.content`` on disk.

    The target path is ``<atc_dir><parent_title>/<name>.md``, where
    ``<name>`` is the YAML file name without directory and extension.

    Args:
        atc_dir: Output root, used as a plain string prefix (it is expected
            to end with a path separator).

    Returns:
        Whatever ``ATCutils.write_file`` returns.
    """
    stem = os.path.splitext(os.path.basename(self.yaml_file))[0]

    # NOTE(review): parent_title is placed into the path unchecked, while
    # the file name part is reduced to a basename; confirm parent_title can
    # never carry path separators or "..".
    destination = "".join((atc_dir, self.parent_title, "/", stem, ".md"))

    return ATCutils.write_file(destination, self.content)
def save_markdown_file(self, atc_dir=ATCconfig.get('md_name_of_root_directory') + '/'):
    """Write the rendered markdown in ``self.content`` to its output file.

    The file lands at ``<atc_dir><parent_title>/<name>.md``; ``<name>`` is
    the YAML file name stripped of its directory and extension.

    Args:
        atc_dir: Output root used as a string prefix. The default is read
            from ``ATCconfig`` once, when the function is defined, not on
            every call.

    Returns:
        The result of ``ATCutils.write_file`` (the original comment
        expects ``True``).
    """
    yaml_name = os.path.basename(self.yaml_file)
    stem = os.path.splitext(yaml_name)[0]

    # NOTE(review): parent_title is concatenated as-is; only the file name
    # part goes through basename(). Confirm it cannot contain separators.
    target_dir = atc_dir + self.parent_title
    target = target_dir + "/" + stem + ".md"

    # Should return True
    return ATCutils.write_file(target, self.content)
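def __init__(self, ra=False, rp=False, rs=False, auto=False,
             ra_path=False, rp_path=False, rs_path=False,
             atc_dir=False, init=False):
    """Optionally populate the markdown pages, then generate ``mkdocs.yml``.

    Args:
        ra: When truthy, run ``response_action``.
        rp: When truthy, run ``response_playbook``.
        rs: When truthy, run ``response_stage``.
        auto: When truthy, run all three populate steps. A step whose own
            flag is also set runs a second time.
        ra_path: Location of the response action YAML files; when falsy
            the ``response_actions_dir`` config value is used.
        rp_path: Same for playbooks (``response_playbooks_dir``).
        rs_path: Same for stages (``response_stages_dir``).
        atc_dir: Output root; when falsy, the
            ``md_name_of_root_directory`` config value plus ``/``.
        init: Accepted but not read by this method.
    """
    self.atc_dir = atc_dir or (
        ATCconfig.get('md_name_of_root_directory') + '/')

    # Populate steps
    if auto:
        self.response_action(ra_path)
        self.response_playbook(rp_path)
        self.response_stage(rs_path)
    if ra:
        self.response_action(ra_path)
    if rp:
        self.response_playbook(rp_path)
    if rs:
        self.response_stage(rs_path)

    # Load the YAML documents together with the paths they came from
    ras, ra_paths = ATCutils.load_yamls_with_paths(
        ra_path or ATCconfig.get('response_actions_dir'))
    rps, rp_paths = ATCutils.load_yamls_with_paths(
        rp_path or ATCconfig.get('response_playbooks_dir'))
    rss, rs_paths = ATCutils.load_yamls_with_paths(
        rs_path or ATCconfig.get('response_stages_dir'))

    ra_filenames = [
        path.split('/')[-1].replace('.yml', '') for path in ra_paths
    ]
    rp_filenames = [
        path.split('/')[-1].replace('.yml', '') for path in rp_paths
    ]
    rs_filenames = [
        path.split('/')[-1].replace('.yml', '') for path in rs_paths
    ]

    # Template lookup is relative to the current working directory
    env = Environment(loader=FileSystemLoader('scripts/templates'))
    template = env.get_template('mkdocs_config_template.md.j2')

    # Every stage appears in the navigation, in this order; only the first
    # six are filled from response action ids below.
    stage_names = (
        'preparation', 'identification', 'containment', 'eradication',
        'recovery', 'lessons_learned', 'detect', 'deny', 'disrupt',
        'degrade', 'deceive', 'destroy', 'deter',
    )
    buckets = {name: [] for name in stage_names}

    # Checked in this order with a substring test; first match wins.
    ra_prefixes = (
        ('RA1', 'preparation'),
        ('RA2', 'identification'),
        ('RA3', 'containment'),
        ('RA4', 'eradication'),
        ('RA5', 'recovery'),
        ('RA6', 'lessons_learned'),
    )

    # Documents and file names are paired by position, as the original
    # index-based loops did.
    for action, filename in zip(ras, ra_filenames):
        ra_id = action.get('id')
        ra_updated_title = ra_id + ": " \
            + ATCutils.normalize_react_title(action.get('title'))
        for prefix, stage_name in ra_prefixes:
            if prefix in ra_id:
                buckets[stage_name].append((ra_updated_title, filename))
                break

    stages = [
        (name.replace('_', ' ').capitalize(), sorted(buckets[name]))
        for name in stage_names
    ]

    playbooks = []
    for playbook, filename in zip(rps, rp_filenames):
        rp_updated_title = playbook.get('id') + ": " \
            + ATCutils.normalize_react_title(playbook.get('title'))
        playbooks.append((rp_updated_title, filename))

    rs_list = [(stage.get('title'), stage.get('id')) for stage in rss]

    # NOTE(review): ids and titles loaded from YAML end up inside the
    # generated mkdocs.yml; confirm the template quotes them so a title
    # containing YAML syntax cannot alter the resulting configuration.
    data_to_render = {
        'stages': stages,
        'playbooks': sorted(playbooks),
        'rs_list': rs_list,
    }
    content = template.render(data_to_render)

    try:
        ATCutils.write_file('mkdocs.yml', content)
        print("[+] Created mkdocs.yml")
    except Exception as err:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt
        # and SystemExit and hid the reason for the failure.
        print("[-] Failed to create mkdocs.yml")
        print("Err message: %s" % err)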
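def __init__(self, dn_path=False, lp_path=False, en_path=False,
             atc_dir=False, init=False):
    """Generate ``mkdocs.yml`` from the analytics YAML files.

    Args:
        dn_path: Location of the data needed YAML files; when falsy the
            ``data_needed_dir`` config value is used.
        lp_path: Same for logging policies (``logging_policies_dir``).
        en_path: Same for enrichments (``enrichments_dir``).
        atc_dir: Output root; when falsy, the
            ``md_name_of_root_directory`` config value plus ``/``.
        init: Accepted but not read by this method.
    """
    self.atc_dir = atc_dir or (
        ATCconfig.get('md_name_of_root_directory') + '/')

    # Load the YAML documents together with the paths they came from
    dns, dn_paths = ATCutils.load_yamls_with_paths(
        dn_path or ATCconfig.get('data_needed_dir'))
    lps, lp_paths = ATCutils.load_yamls_with_paths(
        lp_path or ATCconfig.get('logging_policies_dir'))
    ens, en_paths = ATCutils.load_yamls_with_paths(
        en_path or ATCconfig.get('enrichments_dir'))

    dn_filenames = [
        path.split('/')[-1].replace('.yml', '') for path in dn_paths
    ]
    lp_filenames = [
        path.split('/')[-1].replace('.yml', '') for path in lp_paths
    ]
    en_filenames = [
        path.split('/')[-1].replace('.yml', '') for path in en_paths
    ]

    # Template lookup is relative to the current working directory
    env = Environment(loader=FileSystemLoader('scripts/templates'))
    template = env.get_template(
        'mkdocs_config_template.yml.j2'
    )

    # Documents and file names are paired by position, as the original
    # index-based loops did.
    data_needed_list = [
        (doc.get('title'), filename)
        for doc, filename in zip(dns, dn_filenames)
    ]
    logging_policy_list = [
        (doc.get('title'), filename)
        for doc, filename in zip(lps, lp_filenames)
    ]
    enrichment_list = [
        (doc.get('title'), filename)
        for doc, filename in zip(ens, en_filenames)
    ]

    # NOTE(review): titles loaded from YAML end up inside the generated
    # mkdocs.yml; confirm the template quotes them so a title containing
    # YAML syntax cannot alter the resulting configuration.
    data_to_render = {
        'data_needed_list': sorted(data_needed_list),
        'logging_policy_list': sorted(logging_policy_list),
        'enrichment_list': sorted(enrichment_list),
    }
    content = template.render(data_to_render)

    try:
        ATCutils.write_file('mkdocs.yml', content)
        print("[+] Created mkdocs.yml")
    except Exception as err:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt
        # and SystemExit and hid the reason for the failure.
        print("[-] Failed to create mkdocs.yml")
        print("Err message: %s" % err)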