Atomic Red Team support #1

Open
wants to merge 35 commits into
base: main
Commits
35 commits
207233d
Add PoC ART code
l50 Aug 25, 2023
e83486c
Added Mitre field to TTP struct
inesusvet Oct 22, 2024
4d956b6
added dockerfile to build ttpforge binary for windows
inesusvet Oct 22, 2024
fa858cc
Allow loose Mitre tags
inesusvet Oct 22, 2024
5a2fca6
Adjust struct names and yaml tags to ensure valid serialization
inesusvet Oct 22, 2024
0938230
Produce many resulting TTPForge files from one Atomic YAML
inesusvet Oct 23, 2024
f054c5f
Take care of arguments in clean up instructions; Properly serialize Args
inesusvet Oct 23, 2024
3c29a97
Convert argument placeholders to TTPForge format
inesusvet Oct 23, 2024
4791fa7
Added a map of Mitre Techniques to Tactics
inesusvet Oct 23, 2024
0a23699
Read Mitre map JSON to enrich Mitre tags, properly build list of resu…
inesusvet Oct 23, 2024
c643a5e
Update the mitre map JSON, populate Mitre tags
inesusvet Oct 23, 2024
c539ba4
Populate Mitre tags properly, extract GUID per atomic test
inesusvet Oct 23, 2024
df45242
Use UUID as safe target filename
inesusvet Oct 23, 2024
d956ca4
Always define API version
inesusvet Oct 23, 2024
1a9d336
Added todos and Executor to clean up step
inesusvet Oct 23, 2024
96fce19
Comma
inesusvet Oct 23, 2024
5bfd931
Populate Mitre Subtechnique when present
inesusvet Oct 23, 2024
0b0f233
Supported Platforms translates to Requirements
inesusvet Oct 23, 2024
c5bf9f2
Added translation of platform names and argument types
inesusvet Oct 24, 2024
fd71360
Process dependencies as Steps
inesusvet Oct 24, 2024
3d4713c
Add expected super-user flag, ReplaceAll in dependency step formatting
inesusvet Oct 24, 2024
3fd9174
Added Description field to Argument Specification
inesusvet Oct 24, 2024
890f09f
update magefiles reference to [email protected]
inesusvet Oct 25, 2024
6acf7e4
Replace argument placeholders in dependency steps; prevent double cur…
inesusvet Nov 3, 2024
f9fcc73
Make all argument types lowercased
inesusvet Nov 3, 2024
a58114e
Do not translate empty clean up instructions
inesusvet Nov 3, 2024
5f7a6ab
Properly escape default values
inesusvet Nov 3, 2024
9037d30
Translate executor names to executables
inesusvet Nov 3, 2024
1f8b7d4
Translate arg placeholders in pre-requisites instructions
inesusvet Nov 12, 2024
ed2dd78
Actual translation of argument types
inesusvet Nov 14, 2024
df6b136
Keep arguments sorted by name
inesusvet Nov 14, 2024
e727269
Added manual for YAML translation process
inesusvet Nov 26, 2024
f2fcf50
go mod tidy
inesusvet Nov 30, 2024
f50fbe2
Moved translation guide to docs
inesusvet Nov 30, 2024
13d2ef8
Drop pkg/art as outdated
inesusvet Nov 30, 2024
Do not translate empty clean up instructions
inesusvet committed Nov 30, 2024
commit a58114eb6c2d6d123b1c22306f3244769c95092d
12 changes: 8 additions & 4 deletions magefiles/translate.go
Expand Up @@ -245,14 +245,18 @@ func ConvertSchema(atomic AtomicSchema) []TTP {
ttp.Steps = append(ttp.Steps, depSteps...)
}

inline := replaceArgumentPlaceholders(test.Executor.Command, argumentReplacements)
step := Step{
Name: formatStepName(test.Name),
Inline: replaceArgumentPlaceholders(test.Executor.Command, argumentReplacements),
Inline: inline,
Executor: test.Executor.Name,
Cleanup: CleanupAction{
Inline: replaceArgumentPlaceholders(test.Executor.CleanupCommand, argumentReplacements),
}
cleanUpInline := replaceArgumentPlaceholders(test.Executor.CleanupCommand, argumentReplacements)
if cleanUpInline != "" {
step.Cleanup = CleanupAction{
Inline: cleanUpInline,
Executor: test.Executor.Name,
},
}
}
ttp.Steps = append(ttp.Steps, step)

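Review bot: The `cleanUpInline != ""` guard only skips a cleanup command that is exactly empty, so a `test.Executor.CleanupCommand` containing only whitespace or a lone newline still yields a `CleanupAction` with nothing to run. Compare against the trimmed value instead, for example `if strings.TrimSpace(cleanUpInline) != "" {`, and consider testing `test.Executor.CleanupCommand` before calling `replaceArgumentPlaceholders` so the check does not depend on how placeholder replacement treats empty input. The new `inline` value gets no equivalent check: a test whose `test.Executor.Command` is empty is still appended to `ttp.Steps` as a step with an empty `Inline`, which is worth rejecting or logging during translation.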