latest changes to libray

Cyb3rWard0g · Cyb3rWard0g · commit 64321f8fac2f · 2018-10-27T04:23:53.000-04:00
solved #4
diff --git a/README.md b/README.md
@@ -53,7 +53,7 @@ I created a few jupyter notebooks that I hope can help you get familiar with the
 * [Basic Functionality](https://github.com/Cyb3rWard0g/ATTACK-Python-Client/blob/master/notebooks/Usage_Basics.ipynb)
 * [Custom Filters](https://github.com/Cyb3rWard0g/ATTACK-Python-Client/blob/master/notebooks/Usage_Filters.ipynb)
 
-Install **Jupyter Lab** and **Pandas==0.22.0** in order to use the Jupyter Notebooks on your own. You can do it by using the **requirements.txt** file in this repo
+Install **Jupyter Lab** and **Pandas** in order to use the Jupyter Notebooks on your own. You can do it by using the **requirements.txt** file in this repo
 
 ```
 pip install -r requirements.txt
diff --git a/attackcti/attack_api.py b/attackcti/attack_api.py
@@ -31,15 +31,16 @@ def parse_stix_objects(self, stix_objects, stix_object_type):
                 technique_dict = {
                     'type': technique['type'],
                     'id': technique['id'],
-                    'created_by_ref': technique['created_by_ref'],
+                    'created_by_ref': self.try_except(technique,'created_by_ref'),
                     'created': str(technique['created']),
                     'modified': str(technique['modified']),
-                    'object_marking_refs': technique['object_marking_refs'],
+                    'object_marking_refs': self.try_except(technique,'object_marking_refs'),
                     'url': technique['external_references'][0]['url'],
                     'matrix': technique['external_references'][0]['source_name'],
                     'technique': technique['name'],
-                    'technique_description': technique['description'],
-                    'tactic': self.handle_list(technique,'kill_chain_phases'),
+                    'technique_description': self.try_except(technique, 'description'),
+                    #'tactic': self.handle_list(technique,'kill_chain_phases'),
+                    'tactic': self.try_except(technique,'kill_chain_phases'),
                     'technique_id': technique['external_references'][0]['external_id'],
                     'platform': self.try_except(technique,'x_mitre_platforms'),
                     'data_sources': self.try_except(technique,'x_mitre_data_sources'),
@@ -417,8 +418,7 @@ def get_technique_by_name(self, name):
         mobile_stix_objects = self.TC_MOBILE_SOURCE.query(filter_objects)
         all_stix_objects = enterprise_stix_objects + pre_stix_objects + mobile_stix_objects
         all_stix_objects = self.parse_stix_objects(all_stix_objects, "techniques")
-        for o in all_stix_objects:
-            return o
+        return all_stix_objects
 
     def get_object_by_attack_id(self, object_type, attack_id):
         valid_objects = {'attack-pattern','course-of-action','intrusion-set','malware','tool'}
@@ -443,8 +443,7 @@ def get_object_by_attack_id(self, object_type, attack_id):
             mobile_stix_objects = self.TC_MOBILE_SOURCE.query(filter_objects)
             mobile_stix_objects = self.parse_stix_objects(mobile_stix_objects, dictionary[object_type])
             all_stix_objects = enterprise_stix_objects + pre_stix_objects + mobile_stix_objects
-            for o in all_stix_objects:
-                return o
+            return all_stix_objects
 
     def get_group_by_alias(self, group_alias):
         filter_objects = [
@@ -456,8 +455,7 @@ def get_group_by_alias(self, group_alias):
         mobile_stix_objects = self.TC_MOBILE_SOURCE.query(filter_objects)
         all_stix_objects = enterprise_stix_objects + pre_stix_objects + mobile_stix_objects
         all_stix_objects = self.parse_stix_objects(all_stix_objects, 'groups')
-        for o in all_stix_objects:
-            return o
+        return all_stix_objects
 
     def get_relationships_by_object(self, stix_object):
         valid_objects = {'groups','software','mitigations'}
@@ -691,4 +689,28 @@ def get_all_used_by_group(self, group_name=None):
             software = self.get_software_used_by_group(group_name)
             techniques = self.get_techniques_used_by_group(group_name)
             all_used = software + techniques
-        return all_used
+        return all_used
+
+    def get_techniques_by_datasources(self, data_sources):
+        techniques_results = []
+        techniques = self.get_all_techniques()
+        if isinstance(data_sources, list):
+            for d in [x.lower() for x in data_sources]:
+                for t in techniques:
+                    if t['data_sources'] is not None and d in [x.lower() for x in t['data_sources']]:
+                        techniques_results.append(t)
+        elif isinstance(data_sources, str):
+            for t in techniques:
+                if t['data_sources'] is not None and data_sources.lower() in [x.lower() for x in t['data_sources']]:
+                    techniques_results.append(t)
+        else:
+            raise Exception("Not a list or a string")
+        # Remove Duplicates
+        already_seen = set()
+        results_dedup = []
+        for d in techniques_results:
+            i = str(d.items())
+            if i not in already_seen:
+                already_seen.add(i)
+                results_dedup.append(d)
+        return results_dedup
diff --git a/requirements.txt b/requirements.txt
@@ -1,6 +1,7 @@
-pandas==0.22.0
-jupyter
-jupyterlab
+pandas==0.23.4
+altair==2.2.2
+jupyter==1.0.0
+jupyterlab==0.34.1
 ipykernel
 pprint
 altair
diff --git a/setup.py b/setup.py
@@ -13,7 +13,7 @@
 
 setuptools.setup(
     name="attackcti",
-    version="0.1.4",
+    version="0.1.6",
     author="Roberto Rodriguez",
     author_email="rrodriguezops@gmail.com",
     description="ATTACK CTI Libary",
