security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: trademark test case

Browse Source
This commit is contained in:
Florian Roth
2021-05-15 13:02:49 +02:00
parent 48757423ef
commit 526ab4f707
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_rules.py
+15
View File
@@ -17,6 +17,8 @@ from colorama import Fore
class TestRules(unittest.TestCase):
MITRE_TECHNIQUE_NAMES = ["process_injection", "signed_binary_proxy_execution", "process_injection"] # incomplete list
MITRE_TACTICS = ["initial_access", "execution", "persistence", "privilege_escalation", "defense_evasion", "credential_access", "discovery", "lateral_movement", "collection", "exfiltration", "command_and_control", "impact", "launch"]
# Don't use trademarks in rules - they require non-ASCII characters to be used on we don't want them in our rules
TRADE_MARKS = {"MITRE ATT&CK", "ATT&CK"}
path_to_rules = "rules"
@@ -58,6 +60,19 @@ class TestRules(unittest.TestCase):
self.assertEqual(files_with_incorrect_extensions, [], Fore.RED +
"There are rule files with extensions other than .yml")
def test_legal_trademark_violations(self):
files_with_legal_issues = []
for file in self.yield_next_rule_file_path(self.path_to_rules):
with open(file, 'r') as fh:
file_data = fh.read()
for tm in self.TRADE_MARKS:
if tm in file_data:
files_with_legal_issues.append(file)
self.assertEqual(files_with_legal_issues, [], Fore.RED +
"There are rule files which contains a trademark or reference that doesn't comply with the respective trademark requirements - please remove the trademark to avoid legal issues")
def test_confirm_correct_mitre_tags(self):
files_with_incorrect_mitre_tags = []