MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #358 from Delta-Sierra/master 

add attribution-confidence attribute to threat-actor
pull/359/head
Alexandre Dulaunoy 2019-03-11 13:51:55 +01:00 committed by GitHub
parent 03be509459 ecf76178e7
commit ee66543210
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 188 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

167
clusters/threat-actor.json
View File

File diff suppressed because it is too large Load Diff

22
tools/add_missing_attribution-confidence.py Executable file
View File

@ -0,0 +1,22 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import json
import argparse
import uuid
parser = argparse.ArgumentParser(description='Add missing attribution-confidence in threat-actor clusters')
parser.add_argument("-f", "--filename", required=True, help="name of the cluster")
args = parser.parse_args()
with open(args.filename) as json_file:
data = json.load(json_file)
json_file.close()
for value in data['values']:
if value.get('meta'):
if not value.get('meta').get('attribution-confidence') and (value.get('meta').get('cfr-suspected-state-sponsor') or value.get('meta').get('country')):
value.get('meta')['attribution-confidence'] = 50
with open(args.filename, 'w') as json_file:
json.dump(data, json_file, indent=2, sort_keys=True, ensure_ascii=False)