From 7f63453c0f9fdf7647174038e32e987e0b6b285f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?=
Date: Fri, 14 Oct 2016 12:01:56 +0200
Subject: [PATCH 1/2] Explicitely set values to null if there are none
---
 euci/machinetag.json | 3 ++-
 kill-chain/machinetag.json | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/euci/machinetag.json b/euci/machinetag.json
index 238f705..b83c003 100644
--- a/euci/machinetag.json
+++ b/euci/machinetag.json
@@ -23,5 +23,6 @@
 "expanded": "RESTREINT UE/EU RESTRICTED",
 "description": "Information and material the unauthorised disclosure of which could be disadvantageous to the interests of the European Union or of one or more of the Member States."
 }
- ]
+ ],
+ "values": null
 }
diff --git a/kill-chain/machinetag.json b/kill-chain/machinetag.json
index dd23fcd..c18ad3c 100644
--- a/kill-chain/machinetag.json
+++ b/kill-chain/machinetag.json
@@ -32,5 +32,6 @@
 "value": "Actions on Objectives",
 "expanded": "Only now, after progressing through the first six phases, can intruders take actions to achieve their original objectives. Typically, this objective is data exfiltration which involves collecting, encrypting and extracting information from the victim environment; violations of data integrity or availability are potential objectives as well. Alternatively, the intruders may only desire access to the initial victim box for use as a hop point to compromise additional systems and move laterally inside the network."
 }
- ]
+ ],
+ "values": null
 }
From f7a0f46868c64ef7da16a4a88e3d5b789e7cd787 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas
Date: Mon, 24 Oct 2016 17:01:32 +0200
Subject: [PATCH 2/2] dynamically build taxonomies list solves the problem to update the list constantly
---
 tools/machinetag.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/tools/machinetag.py b/tools/machinetag.py
index 150ba1d..2469460 100755
--- a/tools/machinetag.py
+++ b/tools/machinetag.py
@@ -29,8 +29,12 @@
 import json
 import os.path
 import argparse
+import os
-taxonomies = ['admiralty-scale', 'adversary', 'tlp', 'circl', 'iep', 'kill-chain', 'veris', 'ecsirt', 'enisa', 'dni-ism', 'europol-events', 'europol-incident', 'nato', 'euci', 'osint', 'csirt_case_classification', 'malware_classification', 'de-vs', 'fr-classif','eu-critical-sectors','dhs-ciip-sectors','estimative-language', 'ms-caro-malware', 'information-security-indicators', 'open-threat', 'misp', 'domain-abuse']
+taxonomies = []
+for folder in os.listdir('../'):
+ if os.path.isfile(os.path.join('../', folder, 'machinetag.json')):
+ taxonomies.append(folder)
 argParser = argparse.ArgumentParser(description='Dump Machine Tags (Triple Tags) from MISP taxonomies', epilog='Available taxonomies are {0}'.format(taxonomies))
 argParser.add_argument('-e', action='store_true', help='Include expanded tags')
 argParser.add_argument('-a', action='store_true', help='Generate asciidoctor document from MISP taxonomies')
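Review bot: `os.listdir('../')` resolves against the current working directory rather than the script's location, so the taxonomy list (and the argparse epilog built from it) depends on where the tool is launched; started from anywhere other than `tools/`, it enumerates an unrelated parent directory and accepts any subfolder there that happens to contain a `machinetag.json`. Anchor the path to the file instead: `root = os.path.join(os.path.dirname(os.path.abspath(__file__)), os.pardir)`, then `for folder in sorted(os.listdir(root)):` and `os.path.join(root, folder, 'machinetag.json')` in the `isfile` test. The `sorted()` is there because `os.listdir` returns entries in arbitrary order, which would otherwise make the order of the dumped tags vary between machines. The code that later opens each taxonomy lies outside this hunk; if it also builds paths from `'../'`, it needs the same base.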