DISARMframeworks/CODE/DISARM-STIX2/main.py


# A STIX bundle generator for the DISARM Framework.
#
# Author: Roger Johnston, Twitter: @VV_X_7
# License: GPL-3
import pandas as pd
import openpyxl
from stix2 import (Bundle, AttackPattern, ThreatActor, IntrusionSet, Relationship, CustomObject, properties,
Malware, Tool, Campaign, Identity, MarkingDefinition, ExternalReference, StatementMarking,
GranularMarking, Location, MemoryStore, Filter)
from stix2.properties import (ReferenceProperty, ListProperty, StringProperty, TimestampProperty, BooleanProperty, IntegerProperty)
import helpers
from objects import tactic, technique, matrix, bundle, relationship, identity, marking_definition
from helpers import xlsx, file
def generate_disarm_stix():
    """Build the DISARM STIX objects from the master workbook and write them out.

    The workbook path is relative, so it is resolved against the current
    working directory of the process, not against this file's location.

    Returns:
        None. The results are handed to the ``helpers.file`` writers.
    """
    workbook = helpers.xlsx.load_excel_data("../DISARM_MASTER_DATA/DISARM_FRAMEWORKS_MASTER.xlsx")

    # The identity is created first: its id is passed to every maker below.
    disarm_identity = identity.make_disarm_identity()
    identity_id = disarm_identity[0]["id"]

    # The marking definition is built from the identity id; its own id is
    # then passed on together with the identity id.
    disarm_marking_definition = marking_definition.make_disarm_marking_definition(identity_id)
    marking_id = disarm_marking_definition[0]["id"]

    tactics = tactic.make_disarm_tactics(workbook, identity_id, marking_id)
    techniques = technique.make_disarm_techniques(workbook, identity_id, marking_id)
    subtechnique_relationships = relationship.make_disarm_subtechnique_relationships(techniques, marking_id)
    navigator_matrix = matrix.make_disarm_matrix(tactics)

    # Flatten the per-type collections into one list, keeping this order.
    stix_objects = []
    for group in (
        tactics,
        techniques,
        subtechnique_relationships,
        disarm_identity,
        disarm_marking_definition,
        navigator_matrix,
    ):
        stix_objects.extend(group)

    disarm_bundle = bundle.make_stix_bundle(stix_objects)

    # clean_output_dir() runs only after every object has been built, and
    # before anything is written. What it removes is defined in helpers.file
    # and is not visible here.
    # NOTE(review): confirm it is scoped to this tool's own output directory.
    helpers.file.clean_output_dir()
    helpers.file.write_files(stix_objects)
    helpers.file.write_bundle(disarm_bundle, "DISARM")
# Generate the bundle only when this file is executed as a script, so that
# importing the module has no file-system side effects.
if __name__ == "__main__":
    generate_disarm_stix()