Skip to content

Commit

Permalink
Rename falco_mitre_checker into falco_mitre_attack_checker
Browse files Browse the repository at this point in the history
  • Loading branch information
IceManGreen committed Nov 27, 2023
1 parent 65d5f64 commit 07782fb
Show file tree
Hide file tree
Showing 36 changed files with 864 additions and 839 deletions.
4 changes: 2 additions & 2 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Specific project files
build/mitre_checker/build
build/mitre_checker/reports
build/mitre_attack_checker/build
build/mitre_attack_checker/reports
**/falco_rules_mitre_errors.json
**/application_rules_errors.json

Expand Down
File renamed without changes.
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
# Mitre Checker Module
# Mitre ATT&CK Checker Module

The Mitre Checker module aims to check the compliance of the Falco rules against the Mitre ATT&CK
Framework. This module provides to Falco experts and Falco users a way to check default and custom
The Mitre ATT&CK Checker module aims to check the compliance of the Falco rules against the Mitre ATT&CK
framework. This module provides to Falco experts and Falco users a way to check default and custom
rules for Mitre ATT&CK extra tags.
This module uses STIX from the OASIS standards. Structured Threat Information Expression (STIX™) is a
language and serialization format used to exchange cyber threat intelligence (CTI) :

- [STIX CTI documentation](https://oasis-open.github.io/cti-documentation/stix/intro)

Leveraging STIX, Mitre Checker fetches the ATT&CK® STIX Data from MITRE ATT&CK repositories using the
`python-stix2` library implemented by OASIS:
Leveraging STIX, Mitre ATT&CK Checker fetches the ATT&CK® STIX Data from MITRE ATT&CK repositories using
the `python-stix2` library implemented by OASIS:

- [ATT&CK STIX Data repository](https://github.com/mitre-attack/attack-stix-data)
- [Python STIX2 repository](https://github.com/oasis-open/cti-python-stix2)
Expand Down Expand Up @@ -45,19 +45,19 @@ Requirements :
Or manualy using `pip` :

```sh
pip install dist/mitre_checker-0.1.0-py3-none-any.whl
pip install dist/falco_mitre_attack_checker-0.1.0-py3-none-any.whl
```

## Usage

```sh
python -m falco_mitre_checker --help
python -m falco_mitre_attack_checker --help
```

Using the stable falco rules :

```sh
python -m falco_mitre_checker -f ../../rules/falco_rules.yaml -o /tmp/
python -m falco_mitre_attack_checker -f ../../rules/falco_rules.yaml -o /tmp/
```

## Development
Expand All @@ -79,7 +79,7 @@ With coverage :

```sh
poetry update
poetry run python -m pytest falco_mitre_checker/tests --cov=falco_mitre_checker
poetry run python -m pytest --cov=falco_mitre_attack_checker
```

```
Expand Down
File renamed without changes.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
from falco_mitre_checker.cli.core import cli
from falco_mitre_checker.utils.logger import MitreCheckerLogger
from falco_mitre_attack_checker.cli.core import cli
from falco_mitre_attack_checker.utils.logger import MitreCheckerLogger


def main():
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
from pathlib import Path
from typing import List, Dict

from falco_mitre_checker.engine.mitre_checker import FalcoMitreChecker
from falco_mitre_checker.models.falco_mitre_errors import FalcoMitreError
from falco_mitre_checker.utils.logger import MitreCheckerLogger
from falco_mitre_attack_checker.engine.mitre_checker import FalcoMitreChecker
from falco_mitre_attack_checker.models.falco_mitre_errors import FalcoMitreError
from falco_mitre_attack_checker.utils.logger import MitreCheckerLogger

logger = logging.getLogger(MitreCheckerLogger.name)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@

import typer

from falco_mitre_checker.api.core import mitre_checker_engine
from falco_mitre_checker.exceptions.rules_exceptions import FalcoRulesFileContentError
from falco_mitre_checker.utils.logger import MitreCheckerLogger
from falco_mitre_attack_checker.api.core import mitre_checker_engine
from falco_mitre_attack_checker.exceptions.rules_exceptions import FalcoRulesFileContentError
from falco_mitre_attack_checker.utils.logger import MitreCheckerLogger

app = typer.Typer(help=f"Mitre Checker",
no_args_is_help=True,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,13 @@
from pathlib import Path
from typing import List

from falco_mitre_checker.models.falco_mitre_errors import \
from falco_mitre_attack_checker.models.falco_mitre_errors import \
ErrorReason, FalcoMitreError, FalcoRulesErrors
from falco_mitre_checker.models.falco_mitre_relations import MitreRelations
from falco_mitre_checker.parsers.falco_rules import FalcoRulesParser
from falco_mitre_checker.parsers.mitre_stix import MitreParser
from falco_mitre_checker.utils.file import write_file
from falco_mitre_checker.utils.logger import MitreCheckerLogger
from falco_mitre_attack_checker.models.falco_mitre_relations import MitreRelations
from falco_mitre_attack_checker.parsers.falco_rules import FalcoRulesParser
from falco_mitre_attack_checker.parsers.mitre_stix import MitreParser
from falco_mitre_attack_checker.utils.file import write_file
from falco_mitre_attack_checker.utils.logger import MitreCheckerLogger

logger = logging.getLogger(MitreCheckerLogger.name)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
from pathlib import Path
from typing import Dict

from falco_mitre_checker.exceptions.rules_exceptions import FalcoRulesFileContentError
from falco_mitre_checker.models.falco_mitre_relations import MitreRelations
from falco_mitre_checker.utils.file import read_yaml
from falco_mitre_attack_checker.exceptions.rules_exceptions import FalcoRulesFileContentError
from falco_mitre_attack_checker.models.falco_mitre_relations import MitreRelations
from falco_mitre_attack_checker.utils.file import read_yaml


class FalcoRulesParser(object):
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
import requests
from stix2 import MemoryStore, Filter, AttackPattern

from falco_mitre_checker.utils.logger import MitreCheckerLogger
from falco_mitre_attack_checker.utils.logger import MitreCheckerLogger

logger = logging.getLogger(MitreCheckerLogger.name)

Expand Down
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
from pathlib import Path
from typing import List

from falco_mitre_checker.engine.mitre_checker import FalcoMitreChecker
from falco_mitre_checker.models.falco_mitre_errors import ErrorReason, FalcoRulesErrors, FalcoMitreError
from falco_mitre_checker.tests.test_common import MITRE_DOMAIN, MITRE_VERSION, FALCO_RULES_FILE
from falco_mitre_attack_checker.engine.mitre_checker import FalcoMitreChecker
from falco_mitre_attack_checker.models.falco_mitre_errors import ErrorReason, FalcoRulesErrors, FalcoMitreError
from falco_mitre_attack_checker.tests.test_common import MITRE_DOMAIN, MITRE_VERSION, FALCO_RULES_FILE

# global
mitre_checker = FalcoMitreChecker(MITRE_DOMAIN, MITRE_VERSION)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import pytest

from falco_mitre_checker.exceptions.rules_exceptions import FalcoRulesFileContentError
from falco_mitre_checker.parsers.falco_rules import FalcoRulesParser
from falco_mitre_checker.tests.test_common import NOT_FALCO_RULES_FILE, FALCO_RULES_FILE
from falco_mitre_attack_checker.exceptions.rules_exceptions import FalcoRulesFileContentError
from falco_mitre_attack_checker.parsers.falco_rules import FalcoRulesParser
from falco_mitre_attack_checker.tests.test_common import NOT_FALCO_RULES_FILE, FALCO_RULES_FILE

# test falco rules file validation
with pytest.raises(FalcoRulesFileContentError):
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
from falco_mitre_checker.parsers.mitre_stix import MitreParser
from falco_mitre_checker.tests.test_common import RESOURCES_DIR, MITRE_VERSION, MITRE_DOMAIN
from falco_mitre_attack_checker.parsers.mitre_stix import MitreParser
from falco_mitre_attack_checker.tests.test_common import RESOURCES_DIR, MITRE_VERSION, MITRE_DOMAIN

MITRE_STIX_DATAFILE = f"{RESOURCES_DIR}/mitre_cti_stix_13_1.json"

Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import os
from pathlib import Path

from falco_mitre_checker.utils.logger import MitreCheckerLogger
from falco_mitre_attack_checker.utils.logger import MitreCheckerLogger

MitreCheckerLogger()

Expand Down
File renamed without changes.
Loading

0 comments on commit 07782fb

Please sign in to comment.