ATT&CK Navigator Layer Generation via Ruby (#500)

* initial commit * modified output style * final url changes * Update rocke-and-roll-stage-01.sh * Added code to generate Navigator layer * Add ATT&CK Navigator layer to readme
2019-05-11 19:23:48 -10:00
parent 6abfe94684
commit b5dc3e17a8
2 changed files with 40 additions and 0 deletions
@@ -43,6 +43,7 @@ Join the community on Slack at [https://atomicredteam.slack.com](https://atomicr
  - Windows [Tests](atomics/windows-index.md) and [Matrix](atomics/windows-matrix.md)
  - macOS [Tests](atomics/macos-index.md) and [Matrix](atomics/macos-matrix.md)
  - Linux [Tests](atomics/linux-index.md) and [Matrix](atomics/linux-matrix.md)
+* Using [ATT&CK Navigator](https://github.com/mitre-attack/attack-navigator)? Check out our [coverage layer](atomics/art_navigator_layer.json)
 * [Fork](https://github.com/redcanaryco/atomic-red-team/fork) and [Contribute](https://atomicredteam.io/contributing) your own modifications
 * [Doing more with Atomic Red Team](#doing-more-with-atomic-red-team)
    * [Using the Atomic Red Team Ruby API](#using-the-atomic-red-team-ruby-api)
@@ -2,6 +2,7 @@
 $LOAD_PATH << "#{File.dirname(File.dirname(__FILE__))}/atomic_red_team" unless $LOAD_PATH.include? "#{File.dirname(File.dirname(__FILE__))}/atomic_red_team"
 require 'erb'
 require 'fileutils'
+require 'json'
 require 'atomic_red_team'

 class AtomicRedTeamDocs
@@ -42,6 +43,7 @@ class AtomicRedTeamDocs
    generate_index! 'Linux', "#{File.dirname(File.dirname(__FILE__))}/atomics/linux-index.md", only_platform: /^(?!windows|macos).*$/

    generate_yaml_index! "#{File.dirname(File.dirname(__FILE__))}/atomics/index.yaml"
+    generate_navigator_layer! "#{File.dirname(File.dirname(__FILE__))}/atomics/art_navigator_layer.json"

    return oks, fails
  end
@@ -146,6 +148,43 @@ class AtomicRedTeamDocs

    puts "Generated Atomic Red Team YAML index at #{output_doc_path}"
  end
+
+  #
+  # Generates a MITRE ATT&CK Navigator Layer based on contributed techniques
+  #
+  def generate_navigator_layer!(output_layer_path)
+
+    techniques = []
+    
+    ATOMIC_RED_TEAM.atomic_tests.each do |atomic_yaml|
+      begin
+        technique = {
+          "techniqueID" => atomic_yaml['attack_technique'],
+          "score" => 100,
+          "enabled" => true
+        }
+
+        techniques.push(technique)
+      end
+
+    layer = {
+      "version" => "2.1",
+      "name" => "Atomic Red Team",
+      "description" => "Atomic Red Team MITRE ATT&CK Navigator Layer",
+      "domain" => "mitre-enterprise",
+      "gradient" => {
+                  "colors" => ["#ce232e","#ce232e"],
+                  "minValue" => 0,
+                  "maxValue" => 100
+                },
+      "techniques" => techniques
+    }
+
+    File.write output_layer_path,layer.to_json
+    end
+
+    puts "Generated Atomic Red Team ATT&CK Navigator Layer at #{output_layer_path}"
+  end
 end

 #