-
Notifications
You must be signed in to change notification settings - Fork 35
/
mitre_attack_navigator_layer.json
42 lines (42 loc) · 1.74 KB
/
mitre_attack_navigator_layer.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
---
NOTE: "Please use the rendered version of this file"
---
{%- assign techniques = '' -%}
{%- for file in site.lolbas -%}
{% for command in file.Commands -%}
{% assign techniques = techniques | append:command.MitreID | append:"|" -%}
{% endfor -%}
{%- endfor -%}
{%- assign occurrences = techniques | split:'|' | group_by_exp:"item","item" | sort:"items" -%}
{%- assign subtechniques = occurrences | where_exp:"item","item.name contains '.'" | group_by_exp:"item","item.name | split:'.' | slice:0" | map:'name' |join:','|split:',' -%}
{
"name": "The LOLBAS Project",
"versions": {"attack": "15", "navigator": "4.9.5", "layer": "4.5"},
"domain": "enterprise-attack",
"description": "ATT&CK alignment of the LOLBAS project, see https://lolbas-project.github.io/.",
"filters": {"platforms": ["Windows"]},
"layout": {
"layout": "flat",
"aggregateFunction": "average",
"showID": false,
"showName": true,
"showAggregateScores": false,
"countUnscored": false,
"expandedSubtechniques": "none"
},
"techniques": [
{%- assign max_score = 0 -%}
{% for occurrence in occurrences %}
{"techniqueID": "{{ occurrence.name }}", "score": {{ occurrence.size }}{% if subtechniques contains occurrence.name %}, "showSubtechniques": true{% endif %}}{% unless forloop.last %},{% endunless %}
{%- if occurrence.size > max_score %}{% assign max_score = occurrence.size %}{% endif -%}
{%- endfor -%}
],
"gradient": {
"colors": ["#cdf0fc", "#0d89b3"],
"minValue": 0,
"maxValue": {{max_score}}
},
"selectTechniquesAcrossTactics": true,
"selectSubtechniquesWithParent": false,
"selectVisibleTechniques": false
}