mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
new: [mkdocs] basic generator for the mkdocs-material website for all the MISP galaxy
Work-in-progress
This commit is contained in:
parent
919bfbce8b
commit
03db961dd8
2 changed files with 63 additions and 0 deletions
60
tools/mkdocs/generator.py
Normal file
60
tools/mkdocs/generator.py
Normal file
|
@ -0,0 +1,60 @@
|
||||||
|
#!/usr/bin/python
|
||||||
|
|
||||||
|
import json
|
||||||
|
import os
|
||||||
|
|
||||||
|
pathClusters = '../../clusters'
|
||||||
|
pathSite = './site/docs'
|
||||||
|
|
||||||
|
galaxies_fnames = []
|
||||||
|
files_to_ignore = [] # if you want to skip a specific cluster in the generation
|
||||||
|
|
||||||
|
for f in os.listdir(pathClusters):
|
||||||
|
if '.json' in f and f not in files_to_ignore:
|
||||||
|
galaxies_fnames.append(f)
|
||||||
|
|
||||||
|
galaxies_fnames.sort()
|
||||||
|
|
||||||
|
index_output = ""
|
||||||
|
index_output += """
|
||||||
|
# MISP Galaxy
|
||||||
|
|
||||||
|
The MISP galaxy offers a streamlined approach for representing large entities, known as clusters, which can be linked to MISP events or attributes. Each cluster consists of one or more elements, represented as key-value pairs. MISP galaxy comes with a default knowledge base, encompassing areas like Threat Actors, Tools, Ransomware, and ATT&CK matrices. However, users have the flexibility to modify, update, replace, or share these elements according to their needs.
|
||||||
|
|
||||||
|
Clusters and vocabularies within MISP galaxy can be utilized in their original form or as a foundational knowledge base. The distribution settings for each cluster can be adjusted, allowing for either restricted or wide dissemination.
|
||||||
|
|
||||||
|
Additionally, MISP galaxies enable the representation of existing standards like the MITRE ATT&CK™ framework, as well as custom matrices.
|
||||||
|
|
||||||
|
The aim is to provide a core set of clusters for organizations embarking on analysis, which can be further tailored to include localized, private information or additional, shareable data.
|
||||||
|
|
||||||
|
Clusters serve as an open and freely accessible knowledge base, which can be utilized and expanded within [MISP](https://www.misp-project.org/) or other threat intelligence platforms.
|
||||||
|
|
||||||
|
## Publicly available clusters
|
||||||
|
|
||||||
|
"""
|
||||||
|
|
||||||
|
galaxy_output = {}
|
||||||
|
|
||||||
|
for f in galaxies_fnames:
|
||||||
|
with open(os.path.join(pathClusters, f)) as fr:
|
||||||
|
cluster = json.load(fr)
|
||||||
|
cluster_filename = f.split('.')[0]
|
||||||
|
index_output += f'- [{cluster["name"]}](./{cluster_filename}/index.md)\n'
|
||||||
|
galaxy_output[cluster_filename] = ""
|
||||||
|
galaxy_output[cluster_filename] += f'# {cluster["name"]}\n'
|
||||||
|
galaxy_output[cluster_filename] += f'{cluster["description"]}\n'
|
||||||
|
for value in cluster["values"]:
|
||||||
|
galaxy_output[cluster_filename] += f'## {value["value"]}\n'
|
||||||
|
if 'description' in value:
|
||||||
|
galaxy_output[cluster_filename] += f'{value["description"]}\n'
|
||||||
|
|
||||||
|
with open(os.path.join(pathSite, 'index.md'), "w") as index:
|
||||||
|
index.write(index_output)
|
||||||
|
|
||||||
|
for f in galaxies_fnames:
|
||||||
|
cluster_filename = f.split('.')[0]
|
||||||
|
pathSiteCluster = os.path.join(pathSite, cluster_filename)
|
||||||
|
if not os.path.exists(pathSiteCluster):
|
||||||
|
os.mkdir(pathSiteCluster)
|
||||||
|
with open(os.path.join(pathSiteCluster, 'index.md'), "w") as index:
|
||||||
|
index.write(galaxy_output[cluster_filename])
|
3
tools/mkdocs/site/mkdocs.yml
Normal file
3
tools/mkdocs/site/mkdocs.yml
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
site_name: MISP galaxy
|
||||||
|
theme:
|
||||||
|
name: material
|
Loading…
Reference in a new issue