def test_memory_store_save_load_file(mem_store): filename = 'memory_test/mem_store.json' mem_store.save_to_file(filename) contents = open(os.path.abspath(filename)).read() assert '"id": "indicator--d81f86b9-975b-bc0b-775e-810c5ad45a4f",' in contents assert '"id": "indicator--d81f86b8-975b-bc0b-775e-810c5ad45a4f",' in contents mem_store2 = MemoryStore() mem_store2.load_from_file(filename) assert mem_store2.get("indicator--d81f86b8-975b-bc0b-775e-810c5ad45a4f") assert mem_store2.get("indicator--d81f86b9-975b-bc0b-775e-810c5ad45a4f") shutil.rmtree(os.path.dirname(filename))
def test_memory_store_save_load_file_no_name_provided(fs_mem_store_no_name): filename = fs_mem_store_no_name # the fixture fs_mem_store yields filename where the memory store was written to # STIX2 contents of mem_store have already been written to file # (this is done in fixture 'fs_mem_store'), so can already read-in here contents = open(os.path.abspath(filename)).read() assert '"id": "indicator--00000000-0000-4000-8000-000000000001",' in contents assert '"id": "indicator--00000000-0000-4000-8000-000000000001",' in contents mem_store2 = MemoryStore() mem_store2.load_from_file(filename) assert mem_store2.get("indicator--00000000-0000-4000-8000-000000000001") assert mem_store2.get("indicator--00000000-0000-4000-8000-000000000001")
def test_memory_store_save_load_file(mem_store, fs_mem_store): filename = fs_mem_store # the fixture fs_mem_store yields filename where the memory store was written to # STIX2 contents of mem_store have already been written to file # (this is done in fixture 'fs_mem_store'), so can already read-in here contents = open(os.path.abspath(filename)).read() assert '"id": "indicator--d81f86b9-975b-bc0b-775e-810c5ad45a4f",' in contents assert '"id": "indicator--d81f86b8-975b-bc0b-775e-810c5ad45a4f",' in contents mem_store2 = MemoryStore() mem_store2.load_from_file(filename) assert mem_store2.get("indicator--d81f86b8-975b-bc0b-775e-810c5ad45a4f") assert mem_store2.get("indicator--d81f86b9-975b-bc0b-775e-810c5ad45a4f")
def __init__(self, source='taxii', local=None): """ Initialization - Creates a matrix generator object :param server: Source to utilize (taxii or local) :param local: string path to local cache of stix data """ self.convert_data = {} if source.lower() not in ['taxii', 'local']: print( '[MatrixGen] - Unable to generate matrix, source {} is not one of "taxii" or "local"' .format(source)) raise ValueError if source.lower() == 'taxii': self.server = Server('https://cti-taxii.mitre.org/taxii') self.api_root = self.server.api_roots[0] self.collections = dict() for collection in self.api_root.collections: if collection.title != "PRE-ATT&CK": tc = Collection( 'https://cti-taxii.mitre.org/stix/collections/' + collection.id) self.collections[collection.title.split(' ') [0].lower()] = TAXIICollectionSource(tc) elif source.lower() == 'local': if local is not None: hd = MemoryStore() if 'mobile' in local.lower(): self.collections['mobile'] = hd.load_from_file(local) else: self.collections['enterprise'] = hd.load_from_file(local) else: print( '[MatrixGen] - "local" source specified, but path to local source not provided' ) raise ValueError self.matrix = {} self._build_matrix()
def load(url): """Load stix data from file""" src = MemoryStore() src.load_from_file(url) return src
def __init__(self, source='taxii', resource=None): """ Initialization - Creates a matrix generator object :param source: Source to utilize (taxii, remote, or local) :param resource: string path to local cache of stix data (local) or url of an ATT&CK Workbench (remote) """ self.convert_data = {} self.collections = dict() if source.lower() not in ['taxii', 'local', 'remote']: print( '[MatrixGen] - Unable to generate matrix, source {} is not one of "taxii", "remote" or ' '"local"'.format(source)) raise ValueError if source.lower() == 'taxii': self.server = Server('https://cti-taxii.mitre.org/taxii') self.api_root = self.server.api_roots[0] for collection in self.api_root.collections: if collection.title != "PRE-ATT&CK": tc = Collection( 'https://cti-taxii.mitre.org/stix/collections/' + collection.id) self.collections[collection.title.split(' ') [0].lower()] = TAXIICollectionSource(tc) elif source.lower() == 'local': if resource is not None: hd = MemoryStore() hd.load_from_file(resource) if 'mobile' in resource.lower(): self.collections['mobile'] = hd else: self.collections['enterprise'] = hd else: print( '[MatrixGen] - "local" source specified, but path to local source not provided' ) raise ValueError elif source.lower() == 'remote': if resource is not None: if ':' not in resource[6:]: print( '[MatrixGen] - "remote" source missing port; assuming ":3000"' ) resource += ":3000" if not resource.startswith('http'): resource = 'http://' + resource for dataset in ['enterprise', 'mobile']: hd = MemoryStore() response = requests.get( f"{resource}/api/stix-bundles?domain={dataset}-" f"attack&includeRevoked=true&includeDeprecated=true") response.raise_for_status( ) # ensure we notice bad responses _add(hd, json.loads(response.text), True, None) self.collections[dataset] = hd else: print( f'[MatrixGen] - WARNING: "remote" selected without providing a "resource" url. The use of ' f'"remote" requires the inclusion of a "resource" url to an ATT&CK Workbench instance. No matrix ' f'will be generated...') self.matrix = {} self._build_matrix()
def load_dir(dir, new=False): data_store = MemoryStore() datafile = os.path.join(dir, domain + ".json") data_store.load_from_file(datafile) parse_subtechniques(data_store, new) return load_datastore(data_store)
def load_dir(dir): data_store = MemoryStore() datafile = os.path.join(dir, domain + ".json") data_store.load_from_file(datafile) return load_datastore(data_store)