From b011ddee5bc589b2d84cc562717dea539ed1aacd Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Tue, 13 Sep 2022 22:12:51 +0200 Subject: [PATCH] fix: [360net] fixes null entries in lists --- clusters/360net.json | 46 +++++++++++++++----------------------------- tools/gen_360net.py | 13 ++++++++----- 2 files changed, 24 insertions(+), 35 deletions(-) diff --git a/clusters/360net.json b/clusters/360net.json index 506c067..95e45ec 100644 --- a/clusters/360net.json +++ b/clusters/360net.json @@ -14,8 +14,8 @@ "meta": { "country": "america", "refs": [ - "https://apt.360.net/report/apts/96.html", - "https://apt.360.net/report/apts/12.html" + "https://apt.360.net/report/apts/12.html", + "https://apt.360.net/report/apts/96.html" ], "suspected-victims": [ "中国" @@ -38,9 +38,9 @@ "meta": { "country": "vietnam", "refs": [ + "https://apt.360.net/report/apts/94.html", "https://apt.360.net/report/apts/1.html", - "https://apt.360.net/report/apts/93.html", - "https://apt.360.net/report/apts/94.html" + "https://apt.360.net/report/apts/93.html" ], "suspected-victims": [ "中国", @@ -88,9 +88,9 @@ "meta": { "country": "mideast", "refs": [ + "https://apt.360.net/report/apts/26.html", "https://apt.360.net/report/apts/100.html", - "https://apt.360.net/report/apts/98.html", - "https://apt.360.net/report/apts/26.html" + "https://apt.360.net/report/apts/98.html" ], "suspected-victims": [ "叙利亚" @@ -110,8 +110,8 @@ "country": "korea", "refs": [ "https://apt.360.net/report/apts/9.html", - "https://apt.360.net/report/apts/101.html", - "https://apt.360.net/report/apts/90.html" + "https://apt.360.net/report/apts/90.html", + "https://apt.360.net/report/apts/101.html" ], "suspected-victims": [ "中国", @@ -139,9 +139,7 @@ "refs": [ "https://apt.360.net/report/apts/11.html" ], - "suspected-victims": [], - "synonyms": [], - "target-category": [] + "synonyms": [] }, "uuid": "03e70e52-ec27-5961-bb53-d4c8c737addc", "value": "黄金雕 - APT-C-34" 
@@ -153,9 +151,7 @@ "refs": [ "https://apt.360.net/report/apts/83.html" ], - "suspected-victims": [], - "synonyms": [], - "target-category": [] + "synonyms": [] }, "uuid": "c111ae65-f889-56b0-b266-f54342977da5", "value": "盲眼鹰 - APT-C-36" @@ -310,7 +306,6 @@ "target-category": [ "政府", "航空航天、教育", - null, "军事" ] }, @@ -408,8 +403,8 @@ "meta": { "country": "russia", "refs": [ - "https://apt.360.net/report/apts/87.html", - "https://apt.360.net/report/apts/69.html" + "https://apt.360.net/report/apts/69.html", + "https://apt.360.net/report/apts/87.html" ], "suspected-victims": [ "欧美国家", @@ -783,9 +778,7 @@ "meta": { "country": "Israel", "refs": [], - "suspected-victims": [], - "synonyms": [], - "target-category": [] + "synonyms": [] }, "uuid": "bf77827a-e0f1-504f-815c-4bccfe72b644", "value": "SandCat - APT-C-32" @@ -838,11 +831,9 @@ "refs": [ "https://apt.360.net/report/apts/159.html" ], - "suspected-victims": null, "synonyms": [ "Machete" - ], - "target-category": null + ] }, "uuid": "d0b9840d-efe2-5200-89d1-2f1a37737e30", "value": "Machete - APT-C-43" @@ -852,9 +843,7 @@ "meta": { "country": "russia", "refs": [], - "suspected-victims": [], - "synonyms": [], - "target-category": [] + "synonyms": [] }, "uuid": "ca52d879-f02b-531e-89ff-817ffc23ce35", "value": "Gamaredon - APT-C-53" @@ -866,9 +855,7 @@ "refs": [ "https://apt.360.net/report/apts/157.html" ], - "suspected-victims": null, - "synonyms": [], - "target-category": null + "synonyms": [] }, "uuid": "367bfb72-da65-5886-a333-389299470722", "value": "北非狐 - APT-C-44" @@ -880,7 +867,6 @@ "refs": [ "https://apt.360.net/report/apts/136.html" ], - "suspected-victims": null, "synonyms": [], "target-category": [ "IT通信行业" diff --git a/tools/gen_360net.py b/tools/gen_360net.py index b2c3eec..9633516 100755 --- a/tools/gen_360net.py +++ b/tools/gen_360net.py 
@@ -41,7 +41,7 @@ for actor in list_data['data']['list']:
 for ref in actor['recommends']:
 refs.append(ref['url'])
 refs = list(set(refs))
- clusters.append({
+ cluster = {
 'value': f"{actor['name']} - {actor['code']}",
 'description': actor['description'],
 'uuid': str(uuid.uuid5(uuid.UUID("9319371e-2504-4128-8410-3741cebbcfd3"), actor['code'])),
@@ -49,11 +49,14 @@ for actor in list_data['data']['list']:
 'synonyms': actor['alias'],
 'country': country_code,
 'refs': refs,
- 'target-category': actor['attack_industry'],
- 'suspected-victims': actor['attack_region'],
- # LATER find a way to convert attack-method to MITRE ATT&CK
 }
- })
+ }
+ if actor['attack_industry']:
+ cluster['meta']['target-category'] = [i for i in actor['attack_industry'] if i]
+ if actor['attack_region']:
+ cluster['meta']['suspected-victims'] = [i for i in actor['attack_region'] if i]
+ # LATER find a way to convert attack-method to MITRE ATT&CK
+ clusters.append(cluster)
 json_galaxy = {
 'icon': "user-secret",
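Review bot: The context line `refs = list(set(refs))` in the first hunk de-duplicates through a set, and set iteration order for strings varies between interpreter runs, so each regeneration can reshuffle `refs`; the pure reorderings of `refs` in the clusters/360net.json part of this patch appear to be that effect. Using `refs = sorted(set(refs))` would make the generated galaxy deterministic, so a diff of the file shows only real upstream changes and an unexpected entry is not buried in ordering noise. The enclosing `for actor` loop starts above the hunk.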
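Review bot: The new guards in the second hunk test the unfiltered list, so a value such as `[None]` passes `if actor['attack_industry']:` and still writes an empty `target-category`, which the JSON changes in this patch suggest should be omitted; the same applies to `attack_region`. Filter first and test the result: `industries = [i for i in (actor['attack_industry'] or []) if i]` followed by `if industries: cluster['meta']['target-category'] = industries`, and likewise for `suspected-victims`. `'synonyms': actor['alias']` and the collected `refs` are still written as received, so a null there would reach the exported file the same way. If `list_data` comes from a remote service (its origin is not visible in the hunk), checking that these fields are lists of strings before export would be a reasonable addition. The dict literal being built opens above the second hunk.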