From d97fdf5520af1b2e2e4f7da6523d8b540048b292 Mon Sep 17 00:00:00 2001
From: Brian Beyer
Date: Wed, 23 May 2018 16:55:02 -0600
Subject: [PATCH] uppercase the Ts
---
 atomic_red_team/atomic_red_team.rb | 6 +++---
 atomic_red_team/spec.yaml | 14 +++++++-------
 bin/new-atomic.rb | 2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/atomic_red_team/atomic_red_team.rb b/atomic_red_team/atomic_red_team.rb
index 9b332db6..e4bd7915 100755
--- a/atomic_red_team/atomic_red_team.rb
+++ b/atomic_red_team/atomic_red_team.rb
@@ -14,7 +14,7 @@ class AtomicRedTeam
 # Returns a list of paths that contain Atomic Tests
 #
 def atomic_test_paths
- Dir["#{ATOMICS_DIRECTORY}/t*/t*.yaml"].sort
+ Dir["#{ATOMICS_DIRECTORY}/T*/T*.yaml"].sort
 end
 #
@@ -39,7 +39,7 @@ class AtomicRedTeam
 end
 atomic_tests.find do |atomic_yaml|
- atomic_yaml.fetch('attack_technique').downcase == technique_identifier.downcase
+ atomic_yaml.fetch('attack_technique').upcase == technique_identifier.upcase
 end.to_h.fetch('atomic_tests', [])
 end
@@ -49,7 +49,7 @@ class AtomicRedTeam
 # techniques that have no existing tests.
 #
 def github_link_to_technique(technique, include_identifier=false)
- technique_identifier = ATTACK_API.technique_identifier_for_technique(technique).downcase
+ technique_identifier = ATTACK_API.technique_identifier_for_technique(technique).upcase
 link_display = "#{"#{technique_identifier.upcase} " if include_identifier}#{technique['name']}"
 if File.exists? "#{ATOMICS_DIRECTORY}/#{technique_identifier}/#{technique_identifier}.md"
diff --git a/atomic_red_team/spec.yaml b/atomic_red_team/spec.yaml
index a17b5408..17e95e55 100644
--- a/atomic_red_team/spec.yaml
+++ b/atomic_red_team/spec.yaml
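Review bot: The new glob `T*/T*.yaml` in `atomic_test_paths` matches case-sensitively on case-sensitive filesystems, so any technique directory or YAML file still named in lowercase drops out of the returned list with no error and its tests silently stop being loaded. The diffstat lists only three changed files, so the renames of the existing `atomics/t*` directories are presumably in a separate commit; the two need to land together. A comment on the method would make the contract explicit, e.g. `# Directory and file names must start with an uppercase "T"; lowercase names are not matched on case-sensitive filesystems.`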
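Review bot: With `technique_identifier` now uppercased at assignment in `github_link_to_technique`, the `.upcase` inside `link_display` on the following context line is redundant and can be dropped: `link_display = "#{"#{technique_identifier} " if include_identifier}#{technique['name']}"`. The `File.exists?` on the last context line is the deprecated alias of `File.exist?` and was removed in Ruby 3.2, so it is worth switching while this method is being touched. The method body continues past the end of the hunk.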
@@ -3,18 +3,18 @@
 #
 # The directory structure is:
 # - These tests reside in the `atomics` directory
-# - One directory per ATT&CK technique, named "t1234"
-# - All the atomic tests for a technique in a file called "t1234.yaml" inside that directory
+# - One directory per ATT&CK technique, named "T1234"
+# - All the atomic tests for a technique in a file called "T1234.yaml" inside that directory
 # - Any payloads, supporting materials, etc for the atomic tests also live in that directory
 #
 # For example:
 #
 # atomic_red_team/
 # atomic_red_team/atomics
-# atomic_red_team/atomics/t1234
-# atomic_red_team/atomics/t1234/t1234.yaml <-- this is where all the atomic tests live
-# atomic_red_team/atomics/t1234/payload1.sct <-- a payload file needed by one of the T1234 atomics
-# atomic_red_team/atomics/t1234/payload2.dll <-- another payload file needed by one of the T1234 atomics
+# atomic_red_team/atomics/T1234
+# atomic_red_team/atomics/T1234/T1234.yaml <-- this is where all the atomic tests live
+# atomic_red_team/atomics/T1234/payload1.sct <-- a payload file needed by one of the T1234 atomics
+# atomic_red_team/atomics/T1234/payload2.dll <-- another payload file needed by one of the T1234 atomics
 #
 # In general, a set of atomic tests for a technique should never depend on payloads
 # or supporting files from other atomic directories. We want to keep things nice and close.
@@ -138,7 +138,7 @@ atomic_tests:
 # tick 'Developer Mode'.
 #
 # 2. Click 'Load unpacked extension...' and navigate to
- # [Browser_Extension](../t1176/)
+ # [Browser_Extension](../T1176/)
 #
 # 3. Click the '#{FOOBAR}' button - you can interpolate here too!
 #
diff --git a/bin/new-atomic.rb b/bin/new-atomic.rb
index 94d8b7e0..41439e12 100755
--- a/bin/new-atomic.rb
+++ b/bin/new-atomic.rb
@@ -22,7 +22,7 @@ end
 technique_id = ARGV[0]
 usage! if technique_id.nil?
-technique_id = technique_id.downcase
+technique_id = technique_id.upcase
 technique_atomic_test_file = "#{File.dirname(File.dirname(__FILE__))}/atomics/#{technique_id}/#{technique_id}.yaml"
 if File.exists? technique_atomic_test_file
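Review bot: `technique_id` comes straight from `ARGV[0]` and, after the new `.upcase`, is interpolated twice into `technique_atomic_test_file` with no format check, so a typo or an argument containing path separators yields a path outside the expected `atomics/T1234/` layout. A guard right after the normalisation would keep the script inside that layout, e.g. `usage! unless technique_id.match?(/\AT\d{4}\z/)`; this assumes identifiers are always `T` plus four digits as in the spec.yaml examples, so adjust the pattern if other forms are valid. `File.exists?` on the last context line is the deprecated alias of `File.exist?` (removed in Ruby 3.2). The `if` block opened there continues outside the hunk.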