fix scripts for nobile and pre attack attack pattern

This commit is contained in:
Deborah Servili 2018-05-19 13:09:30 +02:00
parent f6d7291e7a
commit d82a76c08f
6 changed files with 4001 additions and 4001 deletions

View file

@ -20,7 +20,7 @@
],
"external_id": "MOB-T1057",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-cellular-network"
"mitre-mobile-attack:mobile-attack:exploit-via-cellular-network"
],
"mitre_platforms": [
"Android",
@ -41,7 +41,7 @@
],
"external_id": "APP-1",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:general-network-based"
"mitre-mobile-attack:mobile-attack:general-network-based"
],
"mitre_platforms": [
"Android",
@ -63,7 +63,7 @@
],
"external_id": "EMM-5",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion"
"mitre-mobile-attack:mobile-attack:defense-evasion"
],
"mitre_platforms": [
"Android",
@ -82,7 +82,7 @@
],
"external_id": "MOB-T1022",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android"
@ -101,7 +101,7 @@
],
"external_id": "MOB-T1051",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:effects"
"mitre-mobile-attack:mobile-attack:effects"
],
"mitre_platforms": [
"Android"
@ -121,7 +121,7 @@
],
"external_id": "ECO-1",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cloud-based"
"mitre-mobile-attack:mobile-attack:cloud-based"
],
"mitre_platforms": [
"Android",
@ -141,8 +141,8 @@
],
"external_id": "APP-13",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android"
@ -162,7 +162,7 @@
],
"external_id": "PHY-2",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:lateral-movement"
"mitre-mobile-attack:mobile-attack:lateral-movement"
],
"mitre_platforms": [
"Android"
@ -180,7 +180,7 @@
],
"external_id": "MOB-T1019",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android"
@ -202,7 +202,7 @@
],
"external_id": "AUT-10",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"iOS"
@ -220,7 +220,7 @@
],
"external_id": "APP-32",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:lateral-movement"
"mitre-mobile-attack:mobile-attack:lateral-movement"
],
"mitre_platforms": [
"Android",
@ -241,8 +241,8 @@
],
"external_id": "APP-27",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion",
"mitre-mobile-attack:enterprise-attack:persistence"
"mitre-mobile-attack:mobile-attack:defense-evasion",
"mitre-mobile-attack:mobile-attack:persistence"
],
"mitre_platforms": [
"Android",
@ -262,7 +262,7 @@
],
"external_id": "MOB-T1029",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android",
@ -280,7 +280,7 @@
],
"external_id": "MOB-T1026",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android",
@ -299,7 +299,7 @@
],
"external_id": "APP-13",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection"
"mitre-mobile-attack:mobile-attack:collection"
],
"mitre_platforms": [
"Android",
@ -324,7 +324,7 @@
],
"external_id": "ECO-22",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-authorized-app-store"
"mitre-mobile-attack:mobile-attack:app-delivery-via-authorized-app-store"
],
"mitre_platforms": [
"Android",
@ -343,7 +343,7 @@
],
"external_id": "CEL-22",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-internet"
"mitre-mobile-attack:mobile-attack:exploit-via-internet"
],
"mitre_platforms": [
"Android",
@ -362,7 +362,7 @@
],
"external_id": "MOB-T1045",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-authorized-app-store"
"mitre-mobile-attack:mobile-attack:app-delivery-via-authorized-app-store"
],
"mitre_platforms": [
"Android",
@ -382,7 +382,7 @@
],
"external_id": "CEL-22",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-internet"
"mitre-mobile-attack:mobile-attack:exploit-via-internet"
],
"mitre_platforms": [
"Android",
@ -402,7 +402,7 @@
],
"external_id": "ECO-13",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-other-means"
"mitre-mobile-attack:mobile-attack:app-delivery-via-other-means"
],
"mitre_platforms": [
"Android",
@ -422,8 +422,8 @@
],
"external_id": "APP-29",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:command-and-control",
"mitre-mobile-attack:enterprise-attack:exfiltration"
"mitre-mobile-attack:mobile-attack:command-and-control",
"mitre-mobile-attack:mobile-attack:exfiltration"
],
"mitre_platforms": [
"Android",
@ -441,7 +441,7 @@
],
"external_id": "MOB-T1023",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android"
@ -458,7 +458,7 @@
],
"external_id": "MOB-T1050",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:effects"
"mitre-mobile-attack:mobile-attack:effects"
],
"mitre_platforms": [
"Android"
@ -476,7 +476,7 @@
],
"external_id": "APP-19",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection"
"mitre-mobile-attack:mobile-attack:collection"
],
"mitre_platforms": [
"Android",
@ -494,7 +494,7 @@
],
"external_id": "MOB-T1076",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:supply-chain"
"mitre-mobile-attack:mobile-attack:supply-chain"
],
"mitre_platforms": [
"Android",
@ -517,7 +517,7 @@
],
"external_id": "APP-21",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion"
"mitre-mobile-attack:mobile-attack:defense-evasion"
],
"mitre_platforms": [
"Android",
@ -540,7 +540,7 @@
],
"external_id": "APP-31",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android",
@ -562,7 +562,7 @@
],
"external_id": "STA-19",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-cellular-network"
"mitre-mobile-attack:mobile-attack:exploit-via-cellular-network"
],
"mitre_platforms": [
"Android",
@ -581,7 +581,7 @@
],
"external_id": "MOB-T1027",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android"
@ -599,7 +599,7 @@
],
"external_id": "APP-22",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:persistence"
"mitre-mobile-attack:mobile-attack:persistence"
],
"mitre_platforms": [
"Android"
@ -618,7 +618,7 @@
],
"external_id": "ECO-21",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-other-means"
"mitre-mobile-attack:mobile-attack:app-delivery-via-other-means"
],
"mitre_platforms": [
"Android",
@ -636,8 +636,8 @@
],
"external_id": "MOB-T1015",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android",
@ -656,7 +656,7 @@
],
"external_id": "APP-28",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:effects"
"mitre-mobile-attack:mobile-attack:effects"
],
"mitre_platforms": [
"Android"
@ -675,7 +675,7 @@
],
"external_id": "ECO-23",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-other-means"
"mitre-mobile-attack:mobile-attack:app-delivery-via-other-means"
],
"mitre_platforms": [
"iOS"
@ -694,7 +694,7 @@
],
"external_id": "MOB-T1025",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android"
@ -712,8 +712,8 @@
],
"external_id": "APP-30",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:command-and-control",
"mitre-mobile-attack:enterprise-attack:exfiltration"
"mitre-mobile-attack:mobile-attack:command-and-control",
"mitre-mobile-attack:mobile-attack:exfiltration"
],
"mitre_platforms": [
"Android",
@ -732,7 +732,7 @@
],
"external_id": "MOB-T1024",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android"
@ -750,7 +750,7 @@
],
"external_id": "MOB-T1062",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-physical-access"
"mitre-mobile-attack:mobile-attack:exploit-via-physical-access"
],
"mitre_platforms": [
"Android",
@ -773,8 +773,8 @@
],
"external_id": "APP-27",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:credential-access",
"mitre-mobile-attack:enterprise-attack:privilege-escalation"
"mitre-mobile-attack:mobile-attack:credential-access",
"mitre-mobile-attack:mobile-attack:privilege-escalation"
],
"mitre_platforms": [
"Android"
@ -794,7 +794,7 @@
],
"external_id": "LPN-0",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:general-network-based"
"mitre-mobile-attack:mobile-attack:general-network-based"
],
"mitre_platforms": [
"Android",
@ -814,7 +814,7 @@
],
"external_id": "EMM-7",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cloud-based"
"mitre-mobile-attack:mobile-attack:cloud-based"
],
"mitre_platforms": [
"Android",
@ -834,7 +834,7 @@
],
"external_id": "MOB-T1063",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-physical-access"
"mitre-mobile-attack:mobile-attack:exploit-via-physical-access"
],
"mitre_platforms": [
"Android",
@ -857,8 +857,8 @@
],
"external_id": "GPS-0",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cellular-network-based",
"mitre-mobile-attack:enterprise-attack:general-network-based"
"mitre-mobile-attack:mobile-attack:cellular-network-based",
"mitre-mobile-attack:mobile-attack:general-network-based"
],
"mitre_platforms": [
"Android",
@ -877,8 +877,8 @@
],
"external_id": "APP-35",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android",
@ -897,7 +897,7 @@
],
"external_id": "APP-13",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection"
"mitre-mobile-attack:mobile-attack:collection"
],
"mitre_platforms": [
"Android",
@ -918,7 +918,7 @@
],
"external_id": "ECO-17",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-authorized-app-store"
"mitre-mobile-attack:mobile-attack:app-delivery-via-authorized-app-store"
],
"mitre_platforms": [
"Android",
@ -937,8 +937,8 @@
],
"external_id": "MOB-T1013",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android",
@ -957,8 +957,8 @@
],
"external_id": "AUT-0",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android",
@ -979,8 +979,8 @@
],
"external_id": "APP-27",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion",
"mitre-mobile-attack:enterprise-attack:persistence"
"mitre-mobile-attack:mobile-attack:defense-evasion",
"mitre-mobile-attack:mobile-attack:persistence"
],
"mitre_platforms": [
"Android"
@ -999,8 +999,8 @@
],
"external_id": "CEL-3",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cellular-network-based",
"mitre-mobile-attack:enterprise-attack:general-network-based"
"mitre-mobile-attack:mobile-attack:cellular-network-based",
"mitre-mobile-attack:mobile-attack:general-network-based"
],
"mitre_platforms": [
"Android",
@ -1018,7 +1018,7 @@
],
"external_id": "MOB-T1075",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:effects"
"mitre-mobile-attack:mobile-attack:effects"
],
"mitre_platforms": [
"Android",
@ -1037,7 +1037,7 @@
],
"external_id": "MOB-T1005",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:persistence"
"mitre-mobile-attack:mobile-attack:persistence"
],
"mitre_platforms": [
"Android"
@ -1054,8 +1054,8 @@
],
"external_id": "MOB-T1039",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:command-and-control",
"mitre-mobile-attack:enterprise-attack:exfiltration"
"mitre-mobile-attack:mobile-attack:command-and-control",
"mitre-mobile-attack:mobile-attack:exfiltration"
],
"mitre_platforms": [
"Android",
@ -1073,7 +1073,7 @@
],
"external_id": "MOB-T1055",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:effects"
"mitre-mobile-attack:mobile-attack:effects"
],
"mitre_platforms": [
"Android",
@ -1092,7 +1092,7 @@
],
"external_id": "APP-13",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection"
"mitre-mobile-attack:mobile-attack:collection"
],
"mitre_platforms": [
"Android",
@ -1113,7 +1113,7 @@
],
"external_id": "EMM-7",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cloud-based"
"mitre-mobile-attack:mobile-attack:cloud-based"
],
"mitre_platforms": [
"Android",
@ -1136,7 +1136,7 @@
],
"external_id": "CEL-37",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cellular-network-based"
"mitre-mobile-attack:mobile-attack:cellular-network-based"
],
"mitre_platforms": [
"Android",
@ -1158,8 +1158,8 @@
],
"external_id": "APP-27",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion",
"mitre-mobile-attack:enterprise-attack:persistence"
"mitre-mobile-attack:mobile-attack:defense-evasion",
"mitre-mobile-attack:mobile-attack:persistence"
],
"mitre_platforms": [
"Android",
@ -1178,8 +1178,8 @@
],
"external_id": "MOB-T1056",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android"
@ -1198,7 +1198,7 @@
],
"external_id": "APP-6",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:supply-chain"
"mitre-mobile-attack:mobile-attack:supply-chain"
],
"mitre_platforms": [
"Android",
@ -1221,7 +1221,7 @@
],
"external_id": "APP-20",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion"
"mitre-mobile-attack:mobile-attack:defense-evasion"
],
"mitre_platforms": [
"Android",
@ -1244,7 +1244,7 @@
],
"external_id": "CEL-38",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cellular-network-based"
"mitre-mobile-attack:mobile-attack:cellular-network-based"
],
"mitre_platforms": [
"Android",
@ -1263,8 +1263,8 @@
],
"external_id": "MOB-T1020",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection",
"mitre-mobile-attack:enterprise-attack:credential-access"
"mitre-mobile-attack:mobile-attack:collection",
"mitre-mobile-attack:mobile-attack:credential-access"
],
"mitre_platforms": [
"Android",
@ -1283,7 +1283,7 @@
],
"external_id": "APP-26",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:privilege-escalation"
"mitre-mobile-attack:mobile-attack:privilege-escalation"
],
"mitre_platforms": [
"Android",
@ -1304,7 +1304,7 @@
],
"external_id": "ECO-4",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-authorized-app-store"
"mitre-mobile-attack:mobile-attack:app-delivery-via-authorized-app-store"
],
"mitre_platforms": [
"Android"
@ -1322,7 +1322,7 @@
],
"external_id": "MOB-T1006",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:persistence"
"mitre-mobile-attack:mobile-attack:persistence"
],
"mitre_platforms": [
"Android"
@ -1341,8 +1341,8 @@
],
"external_id": "MOB-T1021",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:defense-evasion",
"mitre-mobile-attack:enterprise-attack:discovery"
"mitre-mobile-attack:mobile-attack:defense-evasion",
"mitre-mobile-attack:mobile-attack:discovery"
],
"mitre_platforms": [
"Android",
@ -1362,7 +1362,7 @@
],
"external_id": "MOB-T1064",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-physical-access"
"mitre-mobile-attack:mobile-attack:exploit-via-physical-access"
],
"mitre_platforms": [
"Android",
@ -1384,7 +1384,7 @@
],
"external_id": "STA-22",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cellular-network-based"
"mitre-mobile-attack:mobile-attack:cellular-network-based"
],
"mitre_platforms": [
"Android",
@ -1403,7 +1403,7 @@
],
"external_id": "APP-24",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:collection"
"mitre-mobile-attack:mobile-attack:collection"
],
"mitre_platforms": [
"Android",
@ -1425,7 +1425,7 @@
],
"external_id": "PHY-1",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:exploit-via-physical-access"
"mitre-mobile-attack:mobile-attack:exploit-via-physical-access"
],
"mitre_platforms": [
"Android",
@ -1445,7 +1445,7 @@
],
"external_id": "APP-1",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:general-network-based"
"mitre-mobile-attack:mobile-attack:general-network-based"
],
"mitre_platforms": [
"Android",
@ -1465,7 +1465,7 @@
],
"external_id": "CEL-7",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:cellular-network-based"
"mitre-mobile-attack:mobile-attack:cellular-network-based"
],
"mitre_platforms": [
"Android",
@ -1485,8 +1485,8 @@
],
"external_id": "APP-14",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:app-delivery-via-authorized-app-store",
"mitre-mobile-attack:enterprise-attack:app-delivery-via-other-means"
"mitre-mobile-attack:mobile-attack:app-delivery-via-authorized-app-store",
"mitre-mobile-attack:mobile-attack:app-delivery-via-other-means"
],
"mitre_platforms": [
"Android",
@ -1506,7 +1506,7 @@
],
"external_id": "APP-28",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:effects"
"mitre-mobile-attack:mobile-attack:effects"
],
"mitre_platforms": [
"Android",
@ -1525,7 +1525,7 @@
],
"external_id": "MOB-T1065",
"kill_chain": [
"mitre-mobile-attack:enterprise-attack:supply-chain"
"mitre-mobile-attack:mobile-attack:supply-chain"
],
"mitre_platforms": [
"Android",

File diff suppressed because it is too large Load diff

View file

@ -32,7 +32,7 @@ for element in os.listdir('.'):
value['meta']['external_id'] = reference['external_id']
value['meta']['kill_chain'] = []
for killchain in temp['kill_chain_phases']:
value['meta']['kill_chain'].append(killchain['kill_chain_name'] + ':enterprise-attack:' + killchain['phase_name'])
value['meta']['kill_chain'].append(killchain['kill_chain_name'] + ':mobile-attack:' + killchain['phase_name'])
if 'x_mitre_data_sources' in temp:
value['meta']['mitre_data_sources'] = temp['x_mitre_data_sources']
if 'x_mitre_platforms' in temp:

View file

@ -32,7 +32,7 @@ for element in os.listdir('.'):
value['meta']['external_id'] = reference['external_id']
value['meta']['kill_chain'] = []
for killchain in temp['kill_chain_phases']:
value['meta']['kill_chain'].append(killchain['kill_chain_name'] + ':enterprise-attack:' + killchain['phase_name'])
value['meta']['kill_chain'].append(killchain['kill_chain_name'] + ':pre-attack:' + killchain['phase_name'])
if 'x_mitre_data_sources' in temp:
value['meta']['mitre_data_sources'] = temp['x_mitre_data_sources']
if 'x_mitre_platforms' in temp: