mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
chg: [galaxy] added AMITT galaxy/cluster generator script
This commit is contained in:
parent
a0357c735e
commit
e4998efec9
3 changed files with 235 additions and 64 deletions
|
@ -3,11 +3,11 @@
|
|||
"misinfosecproject"
|
||||
],
|
||||
"category": "misinformation-pattern",
|
||||
"description": "AM!TT Misinformation Technique",
|
||||
"description": "AM!TT Technique",
|
||||
"name": "Misinformation Pattern",
|
||||
"source": "https://github.com/misinfosecproject/amitt_framework",
|
||||
"type": "amitt-misinformation-pattern",
|
||||
"uuid": "1195e780-3da2-4205-a24d-110ccd37bcfa",
|
||||
"uuid": "b3f65346-49e4-48c3-88f8-354902a5fe47",
|
||||
"values": [
|
||||
{
|
||||
"description": "Nimmo's \"4Ds of propaganda\": dismiss, distort, distract, dismay (MisinfosecWG added divide in 2019). Misinformation promotes an agenda by advancing narratives supportive of that agenda. This is most effective when the advanced narrative pre-dates the revelation of the specific misinformation content. But this is often not possible.",
|
||||
|
@ -20,7 +20,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0001.md"
|
||||
]
|
||||
},
|
||||
"uuid": "6d8ad7ba-2f37-4c55-bccd-a89499df2c48",
|
||||
"uuid": "16556f68-fe4f-43c8-a8a4-6fc205d80251",
|
||||
"value": "5Ds (dismiss, distort, distract, dismay, divide)"
|
||||
},
|
||||
{
|
||||
|
@ -34,7 +34,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0002.md"
|
||||
]
|
||||
},
|
||||
"uuid": "b628bbe6-c154-48d7-8942-0cfb1a863719",
|
||||
"uuid": "35f79572-d306-4df1-92e7-84e4d2242baf",
|
||||
"value": "Facilitate State Propaganda"
|
||||
},
|
||||
{
|
||||
|
@ -48,7 +48,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0003.md"
|
||||
]
|
||||
},
|
||||
"uuid": "c8be5802-6cb0-4318-a1a6-ae609f56e0db",
|
||||
"uuid": "05f58511-8d22-45d5-b889-47a07b9be00d",
|
||||
"value": "Leverage Existing Narratives"
|
||||
},
|
||||
{
|
||||
|
@ -62,7 +62,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0004.md"
|
||||
]
|
||||
},
|
||||
"uuid": "d562c7d5-f7ec-4515-b725-d5b78c7c6a9e",
|
||||
"uuid": "8960c6c3-ab73-41b3-b661-901f4e4ed5e6",
|
||||
"value": "Competing Narratives"
|
||||
},
|
||||
{
|
||||
|
@ -76,7 +76,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0005.md"
|
||||
]
|
||||
},
|
||||
"uuid": "6a60f29c-2fc2-4c7e-be8e-ceb7e550ac64",
|
||||
"uuid": "a6de0798-4de8-4aa8-90c4-fd6d88f850f3",
|
||||
"value": "Center of Gravity Analysis"
|
||||
},
|
||||
{
|
||||
|
@ -90,7 +90,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0006.md"
|
||||
]
|
||||
},
|
||||
"uuid": "17bc8eac-276f-4223-a867-c39d3f567458",
|
||||
"uuid": "73c4fe48-8d25-47ce-8295-33db463b0e85",
|
||||
"value": "Create Master Narratives"
|
||||
},
|
||||
{
|
||||
|
@ -104,7 +104,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0007.md"
|
||||
]
|
||||
},
|
||||
"uuid": "4fd7495c-2497-4945-ac61-950388cdc819",
|
||||
"uuid": "14394d02-9f8f-4999-8e3d-c51b6f25076b",
|
||||
"value": "Create fake Social Media Profiles / Pages / Groups"
|
||||
},
|
||||
{
|
||||
|
@ -118,7 +118,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0008.md"
|
||||
]
|
||||
},
|
||||
"uuid": "801a79cd-a5df-4c8c-9bd4-2388e0f4f8d4",
|
||||
"uuid": "dd3f7b62-a99c-40d6-baeb-cd36601cc524",
|
||||
"value": "Create fake or imposter news sites"
|
||||
},
|
||||
{
|
||||
|
@ -132,7 +132,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0009.md"
|
||||
]
|
||||
},
|
||||
"uuid": "67be3606-81a1-4c2b-bec2-9fefb22df4cd",
|
||||
"uuid": "0253d5f6-cc08-4f46-b00a-628926020d2c",
|
||||
"value": "Create fake experts"
|
||||
},
|
||||
{
|
||||
|
@ -146,7 +146,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0010.md"
|
||||
]
|
||||
},
|
||||
"uuid": "f22cf6d1-259d-4c0d-b565-15e40db7fae8",
|
||||
"uuid": "784cfb1f-c6f5-44a3-8b60-272c64aac4ea",
|
||||
"value": "Cultivate useful idiots"
|
||||
},
|
||||
{
|
||||
|
@ -160,7 +160,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0011.md"
|
||||
]
|
||||
},
|
||||
"uuid": "1011896b-7ccb-4b87-a820-8f8b6cb907a2",
|
||||
"uuid": "79e9410b-c325-44fd-9b1b-8c9c53c8ecdd",
|
||||
"value": "Hijack legitimate account"
|
||||
},
|
||||
{
|
||||
|
@ -174,7 +174,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0012.md"
|
||||
]
|
||||
},
|
||||
"uuid": "291b04d5-0ecd-4699-b1a0-6b26c685c2cc",
|
||||
"uuid": "40c0ba05-ecb4-42c1-af78-4c7cf586f547",
|
||||
"value": "Use concealment"
|
||||
},
|
||||
{
|
||||
|
@ -188,7 +188,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0013.md"
|
||||
]
|
||||
},
|
||||
"uuid": "6166e079-0659-48e4-8ad5-578c3dfc1b58",
|
||||
"uuid": "81d35c37-da96-423b-9ec1-e2831a6f413d",
|
||||
"value": "Create fake websites"
|
||||
},
|
||||
{
|
||||
|
@ -202,7 +202,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0014.md"
|
||||
]
|
||||
},
|
||||
"uuid": "84dbeacd-2e2d-4c4d-b3ea-591e329bb9bd",
|
||||
"uuid": "06ff0cd0-08a4-486b-ab81-57c50bc2253e",
|
||||
"value": "Create funding campaigns"
|
||||
},
|
||||
{
|
||||
|
@ -216,7 +216,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0015.md"
|
||||
]
|
||||
},
|
||||
"uuid": "48e96d90-f303-4eeb-943a-0b79144c73d5",
|
||||
"uuid": "80c68f29-1c22-4277-93c0-e19f97bd56ee",
|
||||
"value": "Create hashtag"
|
||||
},
|
||||
{
|
||||
|
@ -230,7 +230,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0016.md"
|
||||
]
|
||||
},
|
||||
"uuid": "c7d7ba34-a33d-4a83-bd5b-1209b803c652",
|
||||
"uuid": "7193e229-e122-4f50-818b-e2b047b18a9a",
|
||||
"value": "Clickbait"
|
||||
},
|
||||
{
|
||||
|
@ -244,7 +244,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0017.md"
|
||||
]
|
||||
},
|
||||
"uuid": "75088056-42bf-4184-ac9e-65669b83313d",
|
||||
"uuid": "3a540119-0ede-4ac5-968c-de11ac477cb3",
|
||||
"value": "Promote online funding"
|
||||
},
|
||||
{
|
||||
|
@ -258,7 +258,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0018.md"
|
||||
]
|
||||
},
|
||||
"uuid": "43664600-b2f4-4c51-bb3f-1f758645f3be",
|
||||
"uuid": "97ce4b61-b888-4a76-98f6-a32dc1df1a1a",
|
||||
"value": "Paid targeted ads"
|
||||
},
|
||||
{
|
||||
|
@ -272,7 +272,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0019.md"
|
||||
]
|
||||
},
|
||||
"uuid": "37acf68e-6cb3-4481-ace4-793a73fe65d5",
|
||||
"uuid": "7bdc0b07-63db-406b-8602-1b8a1faa387f",
|
||||
"value": "Generate information pollution"
|
||||
},
|
||||
{
|
||||
|
@ -286,7 +286,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0020.md"
|
||||
]
|
||||
},
|
||||
"uuid": "97f2e50d-7b88-4fac-8671-ea25efe2558d",
|
||||
"uuid": "5bd83398-8273-49b8-8bc2-9435bda603ed",
|
||||
"value": "Trial content"
|
||||
},
|
||||
{
|
||||
|
@ -300,7 +300,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0021.md"
|
||||
]
|
||||
},
|
||||
"uuid": "059e53fd-5cf0-430a-b671-ac5998d28940",
|
||||
"uuid": "fa6e62ca-16c3-4fdd-93ff-b1e1da4cfad8",
|
||||
"value": "Memes"
|
||||
},
|
||||
{
|
||||
|
@ -314,7 +314,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0022.md"
|
||||
]
|
||||
},
|
||||
"uuid": "67b00579-bc91-4559-9dfc-7634e4d356cb",
|
||||
"uuid": "5a832f09-0b39-4734-b7a1-9a4592bdb57e",
|
||||
"value": "Conspiracy narratives"
|
||||
},
|
||||
{
|
||||
|
@ -328,7 +328,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0023.md"
|
||||
]
|
||||
},
|
||||
"uuid": "f19b41ec-09e3-4c8b-ac3f-7a41dd962be3",
|
||||
"uuid": "01c4d71e-47ef-4cad-abda-ad1abd42cae7",
|
||||
"value": "Distort facts"
|
||||
},
|
||||
{
|
||||
|
@ -342,7 +342,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0024.md"
|
||||
]
|
||||
},
|
||||
"uuid": "f17d7126-2c9b-4127-8a0c-41754736dd7c",
|
||||
"uuid": "79a57ba1-9d29-4cd6-8669-ce9728bc33d7",
|
||||
"value": "Create fake videos and images"
|
||||
},
|
||||
{
|
||||
|
@ -356,7 +356,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0025.md"
|
||||
]
|
||||
},
|
||||
"uuid": "d24a520e-ce18-4a7e-8c93-3644bdd86e22",
|
||||
"uuid": "01f8720b-d254-4744-a4eb-a28efc8c3528",
|
||||
"value": "Leak altered documents"
|
||||
},
|
||||
{
|
||||
|
@ -370,7 +370,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0026.md"
|
||||
]
|
||||
},
|
||||
"uuid": "d94873c2-329e-4488-8dda-d79b3c86b2c8",
|
||||
"uuid": "032ea639-87e3-413b-925d-e556b472216b",
|
||||
"value": "Create fake research"
|
||||
},
|
||||
{
|
||||
|
@ -384,7 +384,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0027.md"
|
||||
]
|
||||
},
|
||||
"uuid": "5fdcdb97-cc75-49e6-b9f9-c50e780e298d",
|
||||
"uuid": "c30bfa00-2da6-4443-aa05-5342ad9ea2cc",
|
||||
"value": "Adapt existing narratives"
|
||||
},
|
||||
{
|
||||
|
@ -398,7 +398,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0028.md"
|
||||
]
|
||||
},
|
||||
"uuid": "3a3f54e9-3e46-4b04-9d0d-65d54835a974",
|
||||
"uuid": "c84a5389-92a0-41f1-bed1-b85a4720ffa5",
|
||||
"value": "Create competing narratives"
|
||||
},
|
||||
{
|
||||
|
@ -412,7 +412,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0029.md"
|
||||
]
|
||||
},
|
||||
"uuid": "6b38dd6b-9700-4416-8a4f-ba6e4650979f",
|
||||
"uuid": "d7175e98-579d-4675-aff1-3fc24a18e003",
|
||||
"value": "Manipulate online polls"
|
||||
},
|
||||
{
|
||||
|
@ -426,7 +426,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0030.md"
|
||||
]
|
||||
},
|
||||
"uuid": "edbbc306-021c-44b2-b90e-3241f463465f",
|
||||
"uuid": "88fad613-42bb-46b0-8ef7-dafde53d2b72",
|
||||
"value": "Backstop personas"
|
||||
},
|
||||
{
|
||||
|
@ -440,7 +440,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0031.md"
|
||||
]
|
||||
},
|
||||
"uuid": "59d20015-d440-4c03-9572-2d689e497d64",
|
||||
"uuid": "18a024a0-b0c8-4091-bd22-9d167c0ada16",
|
||||
"value": "YouTube"
|
||||
},
|
||||
{
|
||||
|
@ -454,7 +454,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0032.md"
|
||||
]
|
||||
},
|
||||
"uuid": "35095c87-0a22-498e-b9d0-1ecf7a6f3c11",
|
||||
"uuid": "0cf0ecdb-fc07-41b0-9fa1-8c7eb40a8116",
|
||||
"value": "Reddit"
|
||||
},
|
||||
{
|
||||
|
@ -468,7 +468,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0033.md"
|
||||
]
|
||||
},
|
||||
"uuid": "19e8610b-702e-459c-8816-4a7d338beb7c",
|
||||
"uuid": "3ad77fc0-970b-4a6a-bfd9-db122e375812",
|
||||
"value": "Instagram"
|
||||
},
|
||||
{
|
||||
|
@ -482,7 +482,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0034.md"
|
||||
]
|
||||
},
|
||||
"uuid": "af692c8b-0538-479c-b850-95af4bb86343",
|
||||
"uuid": "9a440d3e-eba9-4d8f-ba93-d691a9121a68",
|
||||
"value": "LinkedIn"
|
||||
},
|
||||
{
|
||||
|
@ -496,7 +496,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0035.md"
|
||||
]
|
||||
},
|
||||
"uuid": "c7693e6c-9cff-47e1-9216-4d4881e23a5a",
|
||||
"uuid": "ba998ea4-b39d-4d66-b3ba-d90e2e0abc8c",
|
||||
"value": "Pinterest"
|
||||
},
|
||||
{
|
||||
|
@ -510,7 +510,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0036.md"
|
||||
]
|
||||
},
|
||||
"uuid": "ef7f5bce-e450-4df0-b4c7-6a401b7b2959",
|
||||
"uuid": "231e17e7-3268-4316-ae25-ba4e978a043a",
|
||||
"value": "WhatsApp"
|
||||
},
|
||||
{
|
||||
|
@ -524,7 +524,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0037.md"
|
||||
]
|
||||
},
|
||||
"uuid": "32150610-d2e7-4d1a-b64c-65252f540505",
|
||||
"uuid": "70086088-dfd6-4fd7-9f28-bf61c7f77dbb",
|
||||
"value": "Facebook"
|
||||
},
|
||||
{
|
||||
|
@ -538,7 +538,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0038.md"
|
||||
]
|
||||
},
|
||||
"uuid": "fd027fde-0ce3-478d-9bac-a0d57ae870d6",
|
||||
"uuid": "c2463ebc-2156-4597-b8e8-cad15954cab4",
|
||||
"value": "Twitter"
|
||||
},
|
||||
{
|
||||
|
@ -552,7 +552,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0039.md"
|
||||
]
|
||||
},
|
||||
"uuid": "694462be-7453-4bce-8ed7-b64fb5dac145",
|
||||
"uuid": "f1145ebe-da32-471b-9ce5-4ba5c1393bb3",
|
||||
"value": "Bait legitimate influencers"
|
||||
},
|
||||
{
|
||||
|
@ -566,7 +566,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0040.md"
|
||||
]
|
||||
},
|
||||
"uuid": "44383921-e224-4135-9969-9ce1705dcb87",
|
||||
"uuid": "6134c516-1521-40ee-9cdd-48d5f034289a",
|
||||
"value": "Demand unsurmountable proof"
|
||||
},
|
||||
{
|
||||
|
@ -580,7 +580,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0041.md"
|
||||
]
|
||||
},
|
||||
"uuid": "542904d2-5668-43fa-86bc-40f97df1d3c6",
|
||||
"uuid": "90e5c8f1-55b4-48f3-99df-07a1b15621b7",
|
||||
"value": "Deny involvement"
|
||||
},
|
||||
{
|
||||
|
@ -594,7 +594,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0042.md"
|
||||
]
|
||||
},
|
||||
"uuid": "6fb83c27-3c43-41d9-a465-73732988711b",
|
||||
"uuid": "c4820314-22b3-4143-b197-0ef49faa6132",
|
||||
"value": "Kernel of Truth"
|
||||
},
|
||||
{
|
||||
|
@ -608,7 +608,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0043.md"
|
||||
]
|
||||
},
|
||||
"uuid": "dccc18fc-73ec-4ff3-84aa-1b73aace4172",
|
||||
"uuid": "f89d4b1d-34a3-41fc-9fcb-5c17faf4d928",
|
||||
"value": "Use SMS/ WhatsApp/ Chat apps"
|
||||
},
|
||||
{
|
||||
|
@ -622,7 +622,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0044.md"
|
||||
]
|
||||
},
|
||||
"uuid": "183f5e6e-e5b1-4a81-b1cc-e36d84c557cb",
|
||||
"uuid": "04946fbc-9bfc-4078-8dec-d3554233494b",
|
||||
"value": "Seed distortions"
|
||||
},
|
||||
{
|
||||
|
@ -636,7 +636,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0045.md"
|
||||
]
|
||||
},
|
||||
"uuid": "67f7c0dd-8a2c-4319-9dd9-e64350652d49",
|
||||
"uuid": "6284e088-837a-4dbe-8f81-249559069625",
|
||||
"value": "Use fake experts"
|
||||
},
|
||||
{
|
||||
|
@ -650,7 +650,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0046.md"
|
||||
]
|
||||
},
|
||||
"uuid": "8c9f1b7c-5d77-4ee1-9537-c804b52ba6fc",
|
||||
"uuid": "1a51094b-5965-4ddb-9833-11e14ac1fd98",
|
||||
"value": "Search Engine Optimization"
|
||||
},
|
||||
{
|
||||
|
@ -664,7 +664,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0047.md"
|
||||
]
|
||||
},
|
||||
"uuid": "4f52e74c-ff58-48fc-a354-c7493339b948",
|
||||
"uuid": "6e13aaa2-8452-4f4f-b5ca-56291dcbb351",
|
||||
"value": "Muzzle social media as a political force"
|
||||
},
|
||||
{
|
||||
|
@ -678,7 +678,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0048.md"
|
||||
]
|
||||
},
|
||||
"uuid": "bd18199f-9c13-41d7-bde8-42e509a4d6d6",
|
||||
"uuid": "cf50c811-8d01-4c0b-bb0c-c7d84ac620b4",
|
||||
"value": "Cow online opinion leaders"
|
||||
},
|
||||
{
|
||||
|
@ -692,7 +692,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0049.md"
|
||||
]
|
||||
},
|
||||
"uuid": "904e3b19-9148-4789-8956-38839032e1d2",
|
||||
"uuid": "01b27791-6daf-4819-a218-256377282135",
|
||||
"value": "Flooding"
|
||||
},
|
||||
{
|
||||
|
@ -706,7 +706,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0050.md"
|
||||
]
|
||||
},
|
||||
"uuid": "256f7772-b242-4227-be1b-52443cf3665c",
|
||||
"uuid": "b1744176-7e69-4d2a-bd26-3994dd1ade79",
|
||||
"value": "Cheerleading domestic social media ops"
|
||||
},
|
||||
{
|
||||
|
@ -720,7 +720,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0051.md"
|
||||
]
|
||||
},
|
||||
"uuid": "79db159e-9282-454a-9ab1-041d1f36e3c4",
|
||||
"uuid": "a9d7894e-abc8-407f-8f90-62d3b2cff277",
|
||||
"value": "Fabricate social media comment"
|
||||
},
|
||||
{
|
||||
|
@ -734,7 +734,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0052.md"
|
||||
]
|
||||
},
|
||||
"uuid": "7470d52e-f514-4be4-813a-82d81715ab18",
|
||||
"uuid": "bb0c643e-c83b-474e-9eb6-21ba51d20efe",
|
||||
"value": "Tertiary sites amplify news"
|
||||
},
|
||||
{
|
||||
|
@ -748,7 +748,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0053.md"
|
||||
]
|
||||
},
|
||||
"uuid": "31dd725e-32eb-4708-acc3-245af99f0225",
|
||||
"uuid": "9feff36b-887c-4cb8-9224-a0694b003d57",
|
||||
"value": "Twitter trolls amplify and manipulate"
|
||||
},
|
||||
{
|
||||
|
@ -762,7 +762,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0054.md"
|
||||
]
|
||||
},
|
||||
"uuid": "75aa1b6c-728a-4a44-81e5-9e4a35144a80",
|
||||
"uuid": "10f072e1-02cd-4b6e-8a4e-c1c35cf9e166",
|
||||
"value": "Twitter bots amplify"
|
||||
},
|
||||
{
|
||||
|
@ -776,7 +776,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0055.md"
|
||||
]
|
||||
},
|
||||
"uuid": "8dd4d3c4-5d7f-4e0f-9512-c3cfe665feb4",
|
||||
"uuid": "0f490149-34b2-4316-b19b-7b43423522b3",
|
||||
"value": "Use hashtag"
|
||||
},
|
||||
{
|
||||
|
@ -790,7 +790,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0056.md"
|
||||
]
|
||||
},
|
||||
"uuid": "671a8bbe-c3d1-4a7e-b3f5-abe7adcb8d94",
|
||||
"uuid": "4a3a83d1-fb95-47ac-91fe-cd2682eb4637",
|
||||
"value": "Dedicated channels disseminate information pollution"
|
||||
},
|
||||
{
|
||||
|
@ -804,7 +804,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0057.md"
|
||||
]
|
||||
},
|
||||
"uuid": "18955c64-6db1-4e3b-8acd-fd2f1fc3be76",
|
||||
"uuid": "37a150a4-abb9-475d-820b-132336b25491",
|
||||
"value": "Organise remote rallies and events"
|
||||
},
|
||||
{
|
||||
|
@ -818,7 +818,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0058.md"
|
||||
]
|
||||
},
|
||||
"uuid": "3009da99-c962-4f0c-b4de-f7d79af8abc2",
|
||||
"uuid": "c7366126-f01d-435d-91d5-e77d26082c1a",
|
||||
"value": "Legacy web content"
|
||||
},
|
||||
{
|
||||
|
@ -832,7 +832,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0059.md"
|
||||
]
|
||||
},
|
||||
"uuid": "82e9dcca-c219-4149-9d59-aaf53631b4df",
|
||||
"uuid": "12a75c2e-495d-43da-bf13-d89f448cefc0",
|
||||
"value": "Play the long game"
|
||||
},
|
||||
{
|
||||
|
@ -846,7 +846,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0060.md"
|
||||
]
|
||||
},
|
||||
"uuid": "3f8e7b42-709f-4c88-9461-499697676a6a",
|
||||
"uuid": "cface37a-cbb9-4554-96f0-d3088f7131ed",
|
||||
"value": "Continue to amplify"
|
||||
},
|
||||
{
|
||||
|
@ -860,7 +860,7 @@
|
|||
"https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/T0061.md"
|
||||
]
|
||||
},
|
||||
"uuid": "f3481684-7081-46f0-bbde-db3c415d67e8",
|
||||
"uuid": "3b312e50-6420-48b7-9a94-c4d84f29ad1c",
|
||||
"value": "Sell merchandising"
|
||||
}
|
||||
],
|
||||
|
|
|
@ -20,6 +20,6 @@
|
|||
"name": "Misinformation Pattern",
|
||||
"namespace": "misinfosec",
|
||||
"type": "amitt-misinformation-pattern",
|
||||
"uuid": "984a2745-14f0-476e-a6d3-648e1f91dc96",
|
||||
"uuid": "4d381145-9a5e-4778-918c-fbf23d78544e",
|
||||
"version": 3
|
||||
}
|
||||
|
|
171
tools/gen_amitt.py
Normal file
171
tools/gen_amitt.py
Normal file
|
@ -0,0 +1,171 @@
|
|||
import pandas as pd
|
||||
import os
|
||||
import json
|
||||
import uuid
|
||||
import xlrd
|
||||
|
||||
|
||||
class Amitt:
|
||||
"""
|
||||
Create MISP galaxy and cluster JSON files.
|
||||
|
||||
This script relies on the AMITT metadata xlsx available here:
|
||||
https://github.com/misinfosecproject/amitt_framework/blob/master/generating_code/amitt_metadata_v3.xlsx
|
||||
|
||||
This script has been adapted from:
|
||||
https://github.com/misinfosecproject/amitt_framework/blob/master/generating_code/amitt.py
|
||||
"""
|
||||
|
||||
def __init__(self, infile='amitt_metadata_v3.xlsx'):
|
||||
metadata = {}
|
||||
xlsx = pd.ExcelFile(infile)
|
||||
for sheetname in xlsx.sheet_names:
|
||||
metadata[sheetname] = xlsx.parse(sheetname)
|
||||
|
||||
# Create individual tables and dictionaries
|
||||
self.phases = metadata['phases']
|
||||
self.techniques = metadata['techniques']
|
||||
self.tasks = metadata['tasks']
|
||||
self.incidents = metadata['incidents']
|
||||
|
||||
tactechs = self.techniques.groupby('tactic')['id'].apply(list).reset_index().rename({'id': 'techniques'},
|
||||
axis=1)
|
||||
self.tactics = metadata['tactics'].merge(tactechs, left_on='id', right_on='tactic', how='left').fillna('').drop(
|
||||
'tactic', axis=1)
|
||||
|
||||
self.tacdict = self.make_object_dict(self.tactics)
|
||||
|
||||
def make_object_dict(self, df):
|
||||
return pd.Series(df.name.values, index=df.id).to_dict()
|
||||
|
||||
def make_amitt_galaxy(self):
|
||||
galaxy = {}
|
||||
galaxy['name'] = 'Misinformation Pattern'
|
||||
galaxy['type'] = 'amitt-misinformation-pattern'
|
||||
galaxy['description'] = 'AM!TT Tactic'
|
||||
galaxy['uuid'] = str(uuid.uuid4())
|
||||
galaxy['version'] = 3
|
||||
galaxy['icon'] = 'map'
|
||||
galaxy['namespace'] = 'misinfosec'
|
||||
|
||||
galaxy['kill_chain_order'] = {
|
||||
'misinformation-tactics': []
|
||||
}
|
||||
|
||||
for k, v in self.tacdict.items():
|
||||
galaxy['kill_chain_order']['misinformation-tactics'].append(v)
|
||||
|
||||
return galaxy
|
||||
|
||||
def write_amitt_file(self, fname, file_data):
|
||||
with open(fname, 'w') as f:
|
||||
json.dump(file_data, f, indent=2, sort_keys=True, ensure_ascii=False)
|
||||
f.write('\n')
|
||||
|
||||
def make_amitt_cluster(self):
|
||||
cluster = {}
|
||||
cluster['authors'] = ['misinfosecproject']
|
||||
cluster['category'] = 'misinformation-pattern'
|
||||
cluster['description'] = 'AM!TT Technique'
|
||||
cluster['name'] = 'Misinformation Pattern'
|
||||
cluster['source'] = 'https://github.com/misinfosecproject/amitt_framework'
|
||||
cluster['type'] = 'amitt-misinformation-pattern'
|
||||
cluster['uuid'] = str(uuid.uuid4())
|
||||
cluster['values'] = []
|
||||
cluster['version'] = 3
|
||||
|
||||
techniques = self.techniques.values.tolist()
|
||||
|
||||
for technique in techniques:
|
||||
t = {}
|
||||
|
||||
if technique[1] != technique[1]:
|
||||
technique[1] = ''
|
||||
|
||||
if technique[2] != technique[2]:
|
||||
technique[2] = ''
|
||||
|
||||
if technique[3] != technique[3]:
|
||||
technique[3] = ''
|
||||
|
||||
if technique[1] == technique[2] == technique[3] == '':
|
||||
continue
|
||||
|
||||
t['uuid'] = str(uuid.uuid4())
|
||||
t['value'] = technique[1]
|
||||
t['description'] = technique[3]
|
||||
t['meta'] = {
|
||||
'external_id': technique[0],
|
||||
'kill_chain': [
|
||||
'misinfosec:misinformation-tactics:' + self.tacdict[technique[2]].replace(' ', '-').lower()
|
||||
],
|
||||
'refs': [
|
||||
'https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/' + technique[
|
||||
0] + '.md'
|
||||
]
|
||||
}
|
||||
|
||||
cluster['values'].append(t)
|
||||
|
||||
return cluster
|
||||
|
||||
def make_amitt_task_cluster(self):
|
||||
cluster = {}
|
||||
cluster['authors'] = ['misinfosecproject']
|
||||
cluster['category'] = 'misinformation-pattern'
|
||||
cluster['description'] = 'AM!TT Task'
|
||||
cluster['name'] = 'Misinformation Task'
|
||||
cluster['source'] = 'https://github.com/misinfosecproject/amitt_framework'
|
||||
cluster['type'] = 'amitt-misinformation-pattern'
|
||||
cluster['uuid'] = str(uuid.uuid4())
|
||||
cluster['values'] = []
|
||||
cluster['version'] = '3'
|
||||
|
||||
techniques = self.techniques.values.tolist()
|
||||
|
||||
for technique in techniques:
|
||||
t = {}
|
||||
|
||||
if technique[1] != technique[1]:
|
||||
technique[1] = ''
|
||||
|
||||
if technique[2] != technique[2]:
|
||||
technique[2] = ''
|
||||
|
||||
if technique[3] != technique[3]:
|
||||
technique[3] = ''
|
||||
|
||||
if technique[1] == technique[2] == technique[3] == '':
|
||||
continue
|
||||
|
||||
t['uuid'] = str(uuid.uuid4())
|
||||
t['value'] = technique[1]
|
||||
t['description'] = technique[3]
|
||||
t['meta'] = {
|
||||
'external_id': technique[0],
|
||||
'kill_chain': [
|
||||
'misinfosec:misinformation-tactics:' + self.tacdict[technique[2]].replace(' ', '-').lower()
|
||||
],
|
||||
'refs': [
|
||||
'https://github.com/misinfosecproject/amitt_framework/blob/master/techniques/' + technique[
|
||||
0] + '.md'
|
||||
]
|
||||
}
|
||||
|
||||
cluster['values'].append(t)
|
||||
|
||||
return cluster
|
||||
|
||||
|
||||
def main():
|
||||
amitt = Amitt()
|
||||
|
||||
galaxy = amitt.make_amitt_galaxy()
|
||||
amitt.write_amitt_file('../galaxies/misinfosec-amitt-misinformation-pattern.json', galaxy)
|
||||
|
||||
cluster = amitt.make_amitt_cluster()
|
||||
amitt.write_amitt_file('../clusters/misinfosec-amitt-misinformation-technique.json', cluster)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
Loading…
Reference in a new issue