From e4fc4ada127ffeb1f556ea4c2a670784c0285bc2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 May 2024 06:06:26 +0000 Subject: [PATCH 01/19] --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.txt b/requirements.txt
index 555f27c8564..45a314ceff0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,7 +8,7 @@ mitreattack-python==3.0.6
 pelican==4.8.0
 pyScss==1.4.0
 python-dotenv==1.0.0
-requests==2.31.0
+requests==2.32.0
 stix2==3.0.1
 stix2-validator==3.1.3
 toml==0.10.2
From b20f98f2c5d8755395f2560265ee527321da4b02 Mon Sep 17 00:00:00 2001 From: adpare Date: Wed, 22 May 2024 16:17:37 -0400 Subject: [PATCH 02/19] updated attackcon location --- data/resources_navigation.json | 12 ++-- data/use_cases.json | 2 +- modules/resources/resources.py | 23 ++----- modules/resources/resources_config.py | 10 +-- modules/resources/static_pages/attackcon.md | 3 + .../templates}/attackcon-overview.html | 3 +- modules/resources/templates/attackcon.html | 65 +++++++++++++++++++ .../templates/learn-more-about-attack.html | 38 ----------- 8 files changed, 84 insertions(+), 72 deletions(-) create mode 100644 modules/resources/static_pages/attackcon.md rename {attack-theme/templates/general => modules/resources/templates}/attackcon-overview.html (96%) create mode 100644 modules/resources/templates/attackcon.html
diff --git a/data/resources_navigation.json b/data/resources_navigation.json
index ac316d59b55..37cb2833f8c 100644
--- a/data/resources_navigation.json
+++ b/data/resources_navigation.json
@@ -19,12 +19,6 @@
 "path": "/resources/learn-more-about-attack/presentation-archive/",
 "children": []
 },
- {
- "name": "ATT&CKcon Presentations",
- "id": "attackcon",
- "path": "/resources/learn-more-about-attack/attackcon/",
- "children": []
- },
 {
 "name": "Trainings",
 "id": "training",
@@ -40,6 +34,12 @@
 }
 ]
 },
+ {
+ "name": "ATT&CKcon",
+ "id": "attackcon",
+ "path": "/resources/attackcon/",
+ "children": []
+ },
 {
 "name": "ATT&CK Data & Tools",
 "id": "attack-data-and-tools",
diff --git a/data/use_cases.json b/data/use_cases.json
index 7eebdb5c0ed..588f486b5c7 100644
--- a/data/use_cases.json
+++ b/data/use_cases.json
@@ -37,7 +37,7 @@
 "title": "ATT&CKcon 2018 presentations",
 "date": "(October 2018)",
 "description": "Many people in the ATT&CK community are doing excellent work with analytics and detection. We encourage you to take a look at these presentations for ideas.",
- "url": "/resources/learn-more-about-attack/attackcon/october-2018#presentations"
+ "url": "/resources/attackcon/october-2018#presentations"
 }
 ]
 },
diff --git a/modules/resources/resources.py b/modules/resources/resources.py
index 051044f5350..61f36cb4a09 100644
--- a/modules/resources/resources.py
+++ b/modules/resources/resources.py
@@ -133,9 +133,9 @@ def generate_attackcon_page():
 attackcon_name.append(attackcon[i]["title"])
 title = "Title: " + attackcon[i]["title"] + "\n"
 name = attackcon[i]["date"].lower().replace(" ", "-")
- template = "Template: general/attackcon-overview\n"
- attackcon_path.append("/resources/learn-more-about-attack/attackcon/" + name + "/")
- save_as = "save_as: resources/learn-more-about-attack/attackcon/" + name + "/index.html\n"
+ template = "Template: resources/attackcon-overview\n"
+ attackcon_path.append("/resources/attackcon/" + name + "/")
+ save_as = "save_as: resources/attackcon/" + name + "/index.html\n"
 data = "data: "
 content = title + template + save_as + data
 attackcon_md.append(content)
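Review bot: Links to the old `/resources/learn-more-about-attack/attackcon/<name>/` pages get no redirect in this commit: the rewritten `attackcon_path.append(...)` and `save_as` lines move every event page to `/resources/attackcon/<name>/`, and the diffstat touches no redirections file, so bookmarked or externally cited URLs would stop resolving unless a redirect is added elsewhere. Consider adding entries for the old index and per-event paths to the module's redirections JSON in the same change. The path segment `name` is still derived from the `date` field with only `.lower().replace(" ", "-")`; since it now feeds both the sidebar link and the `save_as` output path, a short check that it contains only letters, digits and hyphens would keep a malformed data entry from writing outside `resources/attackcon/`. The body of `generate_attackcon_page()` starts and ends outside this hunk.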
@@ -145,28 +145,19 @@ def generate_attackcon_page(): attackcon_list = attackcon_dict_list["attackcon_md"] # Below code used to add the attackcon children to the resources sidebar - attackcon_index = 0 learnmore_index = 0 temp_dict = {} for i in range(len(site_config.resource_nav["children"])): - if site_config.resource_nav["children"][i]["name"] == "Learn More about ATT&CK": - for j in range(len(site_config.resource_nav["children"][i]["children"])): - if site_config.resource_nav["children"][i]["children"][j]["name"] == "ATT&CKcon Presentations": - learnmore_index = i - attackcon_index = j + if site_config.resource_nav["children"][i]["name"] == "ATT&CKcon": + attackcon_index = i for i in range(len(attackcon_dict_list["attackcon_name"])): temp_dict["name"] = attackcon_dict_list["attackcon_name"][i] temp_dict["path"] = attackcon_dict_list["attackcon_path"][i] temp_dict["children"] = [] - site_config.resource_nav["children"][learnmore_index]["children"][attackcon_index]["children"].append(temp_dict.copy()) + site_config.resource_nav["children"][attackcon_index]["children"].append(temp_dict.copy()) temp_dict = {} - attackcon_content = resources_config.attackcon_md + json.dumps(attackcon[0]) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "attackcon.md"), "w", encoding="utf8") as md_file: - md_file.write(attackcon_content) for i in range(len(attackcon_list)): attackcon_content = attackcon_list[i] + json.dumps(attackcon[i]) f_name = "attackcon-" + attackcon[i]["date"].lower().replace(" ", "-") + ".md" @@ -300,7 +291,7 @@ def generate_contribute_page(): # Generate redirections util.buildhelpers.generate_redirections( - redirections_filename=resources_config.contribute_redirection_location, redirect_md=site_config.redirect_md + redirections_filename=resources_config.contribute_redirections_location, redirect_md=site_config.redirect_md ) ms = util.relationshipgetters.get_ms() 
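Review bot: `attackcon_index` is now assigned only inside the `if ... == "ATT&CKcon":` branch, because this hunk removes its `attackcon_index = 0` initialiser; if the navigation data has no child with exactly that display name, the later `site_config.resource_nav["children"][attackcon_index]` raises `UnboundLocalError` with no hint about the cause. The display name was itself renamed in this commit, so matching on the stable `id` (the entries shown in `data/resources_navigation.json` carry `"id": "attackcon"`) and failing explicitly would be sturdier, e.g. `attackcon_index = next((i for i, c in enumerate(site_config.resource_nav["children"]) if c["id"] == "attackcon"), None)` followed by a check that raises a clear error when it is `None`. `learnmore_index = 0` is left behind as an unused local and can be deleted. The body of `generate_attackcon_page()` starts and ends outside the hunk.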
diff --git a/modules/resources/resources_config.py b/modules/resources/resources_config.py index 16e4b68815c..ae80d529d22 100644 --- a/modules/resources/resources_config.py +++ b/modules/resources/resources_config.py @@ -12,14 +12,6 @@ # Path for docs docs_path = "modules/resources/docs/" -# ATT&CKcon md -attackcon_md = ( - "Title: ATT&CKcon\n" - "Template: general/attackcon-overview\n" - "save_as: resources/learn-more-about-attack/attackcon/index.html\n" - "data: " -) - # Training md training_md = ( "Title: ATT&CK Training\n" @@ -50,7 +42,7 @@ "data: " ) -contribute_redirection_location = "modules/resources/contribute_redirections.json" +contribute_redirections_location = "modules/resources/contribute_redirections.json" # Brand md brand_md = ( diff --git a/modules/resources/static_pages/attackcon.md b/modules/resources/static_pages/attackcon.md new file mode 100644 index 00000000000..3b6cd1a055a --- /dev/null +++ b/modules/resources/static_pages/attackcon.md @@ -0,0 +1,3 @@ +Title: ATT&CKCon +Template: resources/attackcon +save_as: resources/attackcon/index.html \ No newline at end of file diff --git a/attack-theme/templates/general/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html similarity index 96% rename from attack-theme/templates/general/attackcon-overview.html rename to modules/resources/templates/attackcon-overview.html index dfc34fb4b1f..fce2942bbb5 100644 --- a/attack-theme/templates/general/attackcon-overview.html +++ b/modules/resources/templates/attackcon-overview.html @@ -13,8 +13,7 @@ diff --git a/modules/resources/templates/attackcon.html b/modules/resources/templates/attackcon.html new file mode 100644 index 00000000000..8fb8f901e3e --- /dev/null +++ b/modules/resources/templates/attackcon.html 
@@ -0,0 +1,65 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = page.title + " | MITRE ATT&CK®" -%} +{% import 'macros/navigation.html' as navigation %} +{% import 'macros/contact_card.html' as contact_card %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + +
+
+

ATT&CKCon

+
+

+ At MITRE ATT&CK's yearly conference, cybersecurity leaders and practitioners of all levels are + invited to strengthen capabilities and engage with others in the community through two days of programming, + featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help + leverage the ATT&CK framework. Browse the archive of presentations organized by event. +

+

+ Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK +

+
+ {{contact_card.render( + "ATT&CKcon 4.0", + "/resources/attackcon/october-2023/", + "October 24th - 25th, 2023
McLean, VA", + invert_icon=True)}} + {{contact_card.render( + "ATT&CKcon 3.0", + "/resources/attackcon/march-2022/", + "March 29th - 30th, 2022
McLean, VA", + invert_icon=True)}} + {{contact_card.render( + "ATT&CKcon PowerHour", + "/resources/attackcon/october-2020/", + "October 2020 - January 2021
Virtual", + invert_icon=True)}} +
+
+ {{contact_card.render("ATT&CKcon 2.0", "/resources/attackcon/october-2019/", "October 29th - 30th, + 2019
McLean, VA", + invert_icon=True)}} + {{contact_card.render("ATT&CKcon 2018", "/resources/attackcon/october-2018/", "October 23rd - 24th, + 2018
McLean, VA", + invert_icon=True)}} +
+
+
+
+
+{% endblock %} + +{% block scripts %} {{ super () }} + + +{% endblock %} \ No newline at end of file diff --git a/modules/resources/templates/learn-more-about-attack.html b/modules/resources/templates/learn-more-about-attack.html index 36ecd42a729..c6d5754be8c 100644 --- a/modules/resources/templates/learn-more-about-attack.html +++ b/modules/resources/templates/learn-more-about-attack.html @@ -49,44 +49,6 @@

Featured MITRE Presentations


Browse all MITRE presentations -
-

ATT&CKCon Presentations

-

- At MITRE ATT&CK's yearly conference, cybersecurity leaders and practitioners of all levels are - invited to strengthen capabilities and engage with others in the community through two days of programming, - featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help - leverage the ATT&CK framework. Browse the archive of presentations organized by event. -

-

- Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK -

-
- {{contact_card.render( - "ATT&CKcon 4.0", - "/resources/learn-more-about-attack/attackcon/october-2023/", - "October 24th - 25th, 2023
McLean, VA", - invert_icon=True)}} - {{contact_card.render( - "ATT&CKcon 3.0", - "/resources/learn-more-about-attack/attackcon/march-2022/", - "March 29th - 30th, 2022
McLean, VA", - invert_icon=True)}} - {{contact_card.render( - "ATT&CKcon PowerHour", - "/resources/learn-more-about-attack/attackcon/october-2020/", - "October 2020 - January 2021
Virtual", - invert_icon=True)}} -
-
- {{contact_card.render("ATT&CKcon 2.0", "/resources/learn-more-about-attack/attackcon/october-2019/", "October 29th - 30th, - 2019
McLean, VA", - invert_icon=True)}} - {{contact_card.render("ATT&CKcon 2018", "/resources/learn-more-about-attack/attackcon/october-2018/", "October 23rd - 24th, - 2018
McLean, VA", - invert_icon=True)}} -
-
-

MITRE CTI Training

From 0f212e894ee22efdff197748f8162d9827e6845e Mon Sep 17 00:00:00 2001 From: adpare Date: Wed, 22 May 2024 18:06:18 -0400 Subject: [PATCH 03/19] redirections --- modules/redirections/redirections.json | 95 ++++++++++++++++--- modules/resources/resources.py | 2 +- modules/resources/resources_config.py | 2 +- ...tions.json => resources_redirections.json} | 2 +- 4 files changed, 83 insertions(+), 18 deletions(-) rename modules/resources/{contribute_redirections.json => resources_redirections.json} (75%) diff --git a/modules/redirections/redirections.json b/modules/redirections/redirections.json index 5be1ff3235a..21beaa32d9e 100644 --- a/modules/redirections/redirections.json +++ b/modules/redirections/redirections.json @@ -1,19 +1,4 @@ [ - { - "title" : "Getting Started Redirect", - "from" : "resources/getting-started", - "to" : "/resources/" - }, - { - "title" : "Training Redirect", - "from" : "training", - "to" : "/resources/learn-more-about-attack/training" - }, - { - "title" : "CTI Training Redirect", - "from" : "training/cti", - "to" : "/resources/learn-more-about-attack/training/cti" - }, { "title": "enterprise-attack-matrix", "from": "wiki/ATT&CK_Matrix", 
@@ -278,5 +263,85 @@ "title": "azure-matrix", "from": "matrices/enterprise/cloud/azure", "to": "/matrices/enterprise/cloud/iaas" + }, + { + "title" : "Getting Started Redirect", + "from" : "resources/getting-started", + "to" : "/resources/" + }, + { + "title" : "Training Redirect", + "from" : "resources/training", + "to" : "/resources/learn-more-about-attack/training" + }, + { + "title" : "CTI Training Redirect", + "from" : "resources/training/cti", + "to" : "/resources/learn-more-about-attack/training/cti" + }, + { + "title" : "Working with ATT&CK Redirect", + "from" : "resources/working-with-attack", + "to" : "/resources/attack-data-and-tools/" + }, + { + "title" : "Related Projects Redirect", + "from" : "resources/related-projects", + "to" : "/resources/attack-data-and-tools/" + }, + { + "title" : "Brand Guide Redirect", + "from" : "resources/brand", + "to" : "/resources/legal-and-branding/" + }, + { + "title" : "Privacy Redirect", + "from" : "resources/privacy", + "to" : "/resources/legal-and-branding/privacy/" + }, + { + "title" : "Terms of Use Redirect", + "from" : "resources/terms-of-use", + "to" : "/resources/legal-and-branding/terms-of-use/" + }, + { + "title" : "FAQ General Redirect", + "from" : "resources/faq/general", + "to" : "/resources/faq/#general-faq" + }, + { + "title" : "FAQ Content Redirect", + "from" : "resources/faq/content", + "to" : "/resources/faq/#content-faq" + }, + { + "title" : "FAQ Resources Redirect", + "from" : "resources/faq/resources", + "to" : "/resources/faq/#resources-faq" + }, + { + "title" : "FAQ Staying Informed Redirect", + "from" : "resources/faq/staying-informed", + "to" : "/resources/faq/#staying-informed-faq" + }, + { + "title" : "FAQ ATT&CK Other Models Redirect", + "from" : "resources/faq/attack-and-other-models", + "to" : "/resources/faq/#other-models-faq" + }, + { + "title" : "FAQ Legal Redirect", + "from" : "resources/faq/legal", + "to" : "/resources/faq/#legal-faq" + }, + { + "title" : "Contribute Redirect", + 
"from" : "resources/contribute", + "to" : "/resources/engage-with-attack/contribute/" + }, + { + "title" : "Contact Redirect", + "from" : "contact", + "to" : "/resources/engage-with-attack/contact/" } ] \ No newline at end of file diff --git a/modules/resources/resources.py b/modules/resources/resources.py index 61f36cb4a09..91d686691dc 100644 --- a/modules/resources/resources.py +++ b/modules/resources/resources.py @@ -291,7 +291,7 @@ def generate_contribute_page(): # Generate redirections util.buildhelpers.generate_redirections( - redirections_filename=resources_config.contribute_redirections_location, redirect_md=site_config.redirect_md + redirections_filename=resources_config.resources_redirections_location, redirect_md=site_config.redirect_md ) ms = util.relationshipgetters.get_ms() diff --git a/modules/resources/resources_config.py b/modules/resources/resources_config.py index ae80d529d22..a061ab5f4e0 100644 --- a/modules/resources/resources_config.py +++ b/modules/resources/resources_config.py @@ -42,7 +42,7 @@ "data: " ) -contribute_redirections_location = "modules/resources/contribute_redirections.json" +resources_redirections_location = "modules/resources/resources_redirections.json" # Brand md brand_md = ( diff --git a/modules/resources/contribute_redirections.json b/modules/resources/resources_redirections.json similarity index 75% rename from modules/resources/contribute_redirections.json rename to modules/resources/resources_redirections.json index 5a9abbd7683..5b784c22c90 100644 --- a/modules/resources/contribute_redirections.json +++ b/modules/resources/resources_redirections.json @@ -1,6 +1,6 @@ [ { - "title": "Training Redirect", + "title": "Training Content Redirect", "from": "docs/Contributing_to_MITRE_ATTACK.pdf/index.html", "to": "/resources/engage-with-attack/contribute" } From 9fb41a8db63d7442dbc80aa5f45046f75f335085 Mon Sep 17 00:00:00 2001 
From: Jared Ondricek Date: Thu, 30 May 2024 11:16:54 -0500 Subject: [PATCH 04/19] Fix whitespace --- modules/matrices/templates/matrix.html | 6 ++-- modules/techniques/templates/technique.html | 34 ++++++++++----------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/modules/matrices/templates/matrix.html b/modules/matrices/templates/matrix.html index e87e1778ad0..8bc96168fe5 100644 --- a/modules/matrices/templates/matrix.html +++ b/modules/matrices/templates/matrix.html @@ -1,4 +1,4 @@ -{% extends "general/two-column.html" %} +{% extends "general/two-column.html" %} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} {% import 'macros/matrix.html' as matrix_macros %} @@ -61,7 +61,7 @@ {% if parsed.deprecated %}

-

{{parsed.name}}

+

{{parsed.name}}

{% if parsed.descr %} {{deprecated.deprecated(clean_output.stixToHTML(parsed.descr, firstParagraphOnly=True))}} {% else %} @@ -73,7 +73,7 @@

{{parsed.name}}

{% set matrix_plural = "Matrices" if (parsed.matrices | length > 1) else "Matrix" %}
-

{{parsed.name}} {{matrix_plural}}

+

{{parsed.name}} {{matrix_plural}}

{{parsed.descr}} diff --git a/modules/techniques/templates/technique.html b/modules/techniques/templates/technique.html index 43259e9be5e..0f7bf8a82b0 100644 --- a/modules/techniques/templates/technique.html +++ b/modules/techniques/templates/technique.html @@ -1,4 +1,4 @@ -{% extends "general/two-column.html" -%} +{% extends "general/two-column.html" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} {% import 'macros/deprecated.html' as deprecated %} @@ -18,9 +18,9 @@ {% if parsed.domain == "mobile" %} {% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " - Mobile | MITRE ATT&CK®" -%} -{% elif parsed.domain == "enterprise" %} +{% elif parsed.domain == "enterprise" %} {% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " - Enterprise | MITRE ATT&CK®" -%} -{% elif parsed.domain == "ics" %} +{% elif parsed.domain == "ics" %} {% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " - ICS | MITRE ATT&CK®" -%} {% else %} {% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " | MITRE ATT&CK®" -%} @@ -76,7 +76,7 @@

{{parsed.parent_name}}: {% endif %} {{parsed.name}} -

+ {% if parsed.deprecated %} {% if parsed.descr %} @@ -105,8 +105,8 @@
Sub-techniques ({{parsed.subtechniques|len ID Name - - + + {% for subtechnique in parsed.subtechniques %} {% if (output_file | clean_path) != subtechnique.path %} @@ -120,19 +120,19 @@
Sub-techniques ({{parsed.subtechniques|len {{subtechnique.id}} - + {{subtechnique.name}} {% endif %} - {% endfor %} - + {% endfor %} +
- {% endif %} + {% endif %} {% if parsed.descr %}
@@ -281,7 +281,7 @@
Sub-techniques ({{parsed.subtechniques|len
CAPEC ID: {% for capec in parsed.capecs %} - {{capec.id}}{% if not loop.last %},{% endif %} + {{capec.id}}{% if not loop.last %},{% endif %} {% endfor %}
@@ -294,7 +294,7 @@
Sub-techniques ({{parsed.subtechniques|len
@@ -373,7 +373,7 @@

Procedure Examples

Targeted Assets

- + @@ -398,7 +398,7 @@

Mitigations

ID Asset
- + @@ -459,10 +459,10 @@

Difficulty for the Adversary

{% endif %} {% endif %} - + {{ citations.reference_section(parsed.citations) }} - {% endif %} + {% endif %} @@ -481,4 +481,4 @@

Difficulty for the Adversary

{% endif %} -{% endblock %} \ No newline at end of file +{% endblock %} \ No newline at end of file From 8676ae4507bc037dd513cc9ddc3b8b72d0f32573 Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Thu, 30 May 2024 17:07:08 -0500 Subject: [PATCH 05/19] More whitespace fixing --- modules/assets/templates/asset.html | 12 ++++++------ modules/datasources/templates/datasource.html | 12 ++++++------ modules/software/templates/software.html | 18 +++++++++--------- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/modules/assets/templates/asset.html b/modules/assets/templates/asset.html index 0dfb2452ac9..f6f3f21054c 100644 --- a/modules/assets/templates/asset.html +++ b/modules/assets/templates/asset.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set parsed = page.data | from_json %} -{% set title = parsed.name + ", Asset " + parsed.attack_id + " | MITRE ATT&CK®" -%} +{% set title = parsed.name + ", Asset " + parsed.attack_id + " | MITRE ATT&CK®" -%} {% set active_page = "assets" -%} {% import 'macros/deprecated.html' as deprecated %} @@ -23,7 +23,7 @@ {% block innerleft %}
- {{ navigation.sidenav(parsed.side_menu_data, output_file) }} + {{ navigation.sidenav(parsed.side_menu_data, output_file) }}
{% endblock %} @@ -82,14 +82,14 @@

{{ parsed.name }}

{% endif %} {% if parsed.sectors %} -
+
{{ "Sector" if parsed.sectors | length < 2 else "Sectors" }}: {{parsed.sectors}}
{% endif %} {% if parsed.contributors_list %} -
+
Contributors: {{ parsed.contributors_list|join("; ") }}
@@ -134,7 +134,7 @@

Related Assets

- + {% for related_asset in parsed.related_assets_table %} @@ -143,7 +143,7 @@

Related Assets

{{ clean_output.stixToHTML(related_asset.descr, parsed.citations) }} - {% endfor %} + {% endfor %}
ID Mitigation Description Description
{{ related_asset.name }}
{% endif %} diff --git a/modules/datasources/templates/datasource.html b/modules/datasources/templates/datasource.html index 9ec60ae9daf..f6e5b33a6d4 100644 --- a/modules/datasources/templates/datasource.html +++ b/modules/datasources/templates/datasource.html @@ -1,10 +1,10 @@ {% extends "general/two-column.html" %} {% set parsed = page.data | from_json %} {% if parsed.aliases_list %} - {% set alias_string = parsed.aliases_list|join(", ") %} - {% set title = parsed.name + ", " + alias_string + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%} + {% set alias_string = parsed.aliases_list|join(", ") %} + {% set title = parsed.name + ", " + alias_string + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%} {% else %} - {% set title = parsed.name + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%} + {% set title = parsed.name + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%} {% endif %} {% set active_page = "datasources" -%} @@ -28,7 +28,7 @@ {% block innerleft %}
- {{ navigation.sidenav(parsed.side_menu_data, output_file, true) }} + {{ navigation.sidenav(parsed.side_menu_data, output_file, true) }}
{% endblock %} @@ -137,7 +137,7 @@

{% endif %}

- + {% if parsed.datacomponents_list %}

Data Components

{% endif %} - + {{ citations.reference_section(parsed.citations) }} {% endif %} diff --git a/modules/software/templates/software.html b/modules/software/templates/software.html index 3d606f47a9f..21555b6670c 100644 --- a/modules/software/templates/software.html +++ b/modules/software/templates/software.html @@ -1,6 +1,6 @@ -{% extends "general/two-column.html" %} +{% extends "general/two-column.html" %} {% set parsed = page.data | from_json %} -{% set title = parsed.name + ", Software " + parsed.attack_id + " | MITRE ATT&CK®" -%} +{% set title = parsed.name + ", Software " + parsed.attack_id + " | MITRE ATT&CK®" -%} {% set active_page = "software" -%} {% import 'macros/deprecated.html' as deprecated %} {% import 'macros/navigator.html' as navigator %} @@ -139,7 +139,7 @@

{% endif %} - + {% if parsed.alias_descriptions %}

Associated Software Descriptions

@@ -150,7 +150,7 @@

Associated Software Descriptions

Description - + {% for alias in parsed.alias_descriptions %} @@ -160,17 +160,17 @@

Associated Software Descriptions

{{clean_output.stixToHTML(alias.descr, parsed.citations)}} - {% endfor %} + {% endfor %}
{% endif %} - + {% if parsed.technique_table_data %} {{navigator.layer_links(parsed.attack_id, "software", parsed.layers)}} {{techniques_used.techniques_used(parsed.technique_table_data, "Techniques Used", true, "Use", parsed.citations)}} {% endif %} - + {% if parsed.groups %}

Groups That Use This Software

@@ -232,9 +232,9 @@

Campaigns

{% endif %} - + {{ citations.reference_section(parsed.citations) }} - + {% endif %} From ba339addc1d72c0b20b3b73dccaf7e4eb457ff2d Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Thu, 30 May 2024 17:07:42 -0500 Subject: [PATCH 06/19] Update Matrix titles and breadcrumbs --- modules/matrices/templates/matrix.html | 32 +++++++++++++++----------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/modules/matrices/templates/matrix.html b/modules/matrices/templates/matrix.html index 8bc96168fe5..672dcbe2a64 100644 --- a/modules/matrices/templates/matrix.html +++ b/modules/matrices/templates/matrix.html @@ -8,12 +8,20 @@ {% import 'macros/notes.html' as notes %} {% if parsed.domain == "mobile" %} - {% set title = "Matrix - Mobile | MITRE ATT&CK®" -%} -{% elif parsed.domain == "enterprise" %} - {% if parsed.platform %} - {% set title = "Matrix - Enterprise - " + parsed.platform + " | MITRE ATT&CK®" -%} + {% if parsed.name == "Mobile" %} + {% set title = "Matrix - Mobile | MITRE ATT&CK®" -%} {% else %} + {% set title = "Matrix - Mobile - " + parsed.name + " | MITRE ATT&CK®" -%} + {% endif %} + +{% elif parsed.domain == "ics" %} + {% set title = "Matrix - ICS | MITRE ATT&CK®" -%} + +{% elif parsed.domain == "enterprise" %} + {% if parsed.name == "Enterprise" %} {% set title = "Matrix - Enterprise | MITRE ATT&CK®" -%} + {% else %} + {% set title = "Matrix - Enterprise - " + parsed.name + " | MITRE ATT&CK®" -%} {% endif %} {% else %} {% set title = "Matrix | MITRE ATT&CK®" -%} @@ -39,19 +47,17 @@
@@ -92,7 +98,7 @@

{{parsed.name}} {{matrix_plural}}

- {% if parsed.navigator_link %} + {% if parsed.navigator_link %} From 2a79712cdb211e6f7b8f2331be5f48e71787e037 Mon Sep 17 00:00:00 2001 From: adpare Date: Wed, 26 Jun 2024 13:07:29 -0400 Subject: [PATCH 07/19] updated trainings --- data/resources_navigation.json | 42 ++ data/trainings.json | 666 +++++++++++++++++- modules/resources/resources.py | 50 ++ modules/resources/resources_config.py | 49 ++ .../templates/training-access-tokens.html | 126 ++++ .../training-adversary-emulation.html | 126 ++++ .../training-attack-fundamentals.html | 126 ++++ .../training-detection-engineering.html | 126 ++++ .../training-purple-teaming-fundamentals.html | 119 ++++ .../templates/training-soc-assessments.html | 126 ++++ .../templates/training-threat-hunting.html | 126 ++++ 11 files changed, 1681 insertions(+), 1 deletion(-) create mode 100644 modules/resources/templates/training-access-tokens.html create mode 100644 modules/resources/templates/training-adversary-emulation.html create mode 100644 modules/resources/templates/training-attack-fundamentals.html create mode 100644 modules/resources/templates/training-detection-engineering.html create mode 100644 modules/resources/templates/training-purple-teaming-fundamentals.html create mode 100644 modules/resources/templates/training-soc-assessments.html create mode 100644 modules/resources/templates/training-threat-hunting.html diff --git a/data/resources_navigation.json b/data/resources_navigation.json index 37cb2833f8c..7e393ff0dc0 100644 --- a/data/resources_navigation.json +++ b/data/resources_navigation.json 
@@ -29,6 +29,48 @@ "id": "cti", "path": "/resources/learn-more-about-attack/training/cti/", "children": [] + }, + { + "name": "Purple Teaming Fundamentals Training", + "id": "purple_teaming_fundamentals", + "path": "/resources/learn-more-about-attack/training/purple-teaming-fundamentals/", + "children": [] + }, + { + "name": "ATT&CK Fundamentals Training", + "id": "attack_fundamentals", + "path": "/resources/learn-more-about-attack/training/attack-fundamentals/", + "children": [] + }, + { + "name": "Adversary Emulation Training", + "id": "adversary_emulation", + "path": "/resources/learn-more-about-attack/training/adversary-emulation/", + "children": [] + }, + { + "name": "Access Tokens Technical Primer", + "id": "access_tokens", + "path": "/resources/learn-more-about-attack/training/access-tokens/", + "children": [] + }, + { + "name": "SOC Assessments Training", + "id": "soc_assessments", + "path": "/resources/learn-more-about-attack/training/soc-assessments/", + "children": [] + }, + { + "name": "Threat Hunting Training", + "id": "threat_hunting", + "path": "/resources/learn-more-about-attack/training/threat-hunting/", + "children": [] + }, + { + "name": "Detection Engineering Training", + "id": "detection_engineering", + "path": "/resources/learn-more-about-attack/training/detection-engineering/", + "children": [] } ] } diff --git a/data/trainings.json b/data/trainings.json index 11533c9d022..99b9f37b4f3 100644 --- a/data/trainings.json +++ b/data/trainings.json @@ -123,7 +123,7 @@ "module3": { "module": "MODULE 3", "short_name": "Module 3: Storing and analyzing ATT&CK-mapped intelligence", - "id": "mod4", + "id": "mod3", "name": "Storing and analyzing ATT&CK-mapped intelligence", "video": "https://www.youtube.com/watch?v=cO2JRZ53N2c&list=PLLGRmm150VfBd_bk6fGqTqxr8SBeDcprb&index=4", "slides": "/docs/training-cti/Module%203%20Slides.pdf", 
@@ -186,5 +186,669 @@ } ] } + }, + "purple_teaming_fundamentals": { + "module0": { + "module": "MODULE 0", + "short_name": "Module 0: Introduction", + "id": "mod0", + "name": "Introduction to Purple Teaming", + "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n", + "exercises": [] + }, + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: Planning", + "id": "mod1", + "name": "Planning", + "video": "https://www.youtube.com/watch?v=N2zwLZjhayw&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=2", + "exercises": [] + }, + "module2": { + "module": "MODULE 2", + "short_name": "Module 2: Execution", + "id": "mod2", + "name": "Execution", + "video": "https://www.youtube.com/watch?v=NAeUmsgurT8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=3", + "exercises": [] + }, + "module3": { + "module": "MODULE 3", + "short_name": "Module 3: Follow-Up", + "id": "mod3", + "name": "Follow-Up", + "video": "https://www.youtube.com/watch?v=QqjiCfRM6k0&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=4", + "exercises": [] + }, + "module4": { + "module": "MODULE 4", + "short_name": "Module 4: Example", + "id": "mod4", + "name": "Example", + "video": "https://www.youtube.com/watch?v=OLxtDojHBHg&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=5", + "exercises": [] + } + }, + "attack_fundamentals": { + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: Introduction", + "id": "mod1", + "name": "Understanding ATT&CK", + "video": "https://www.youtube.com/watch?v=THOGnEqoStQ&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=1", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Introduction to ATT&CK", + "video": "https://www.youtube.com/watch?v=THOGnEqoStQ&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=1" + }, + { + "id": "1.2", + "name": "Matrices", + "video": "https://www.youtube.com/watch?v=jrTqDD9a3vo&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=2" + }, + { + "id": "1.3", + "name": "Tactics", + "video": 
"https://www.youtube.com/watch?v=0a-Yitvodl0&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=3" + }, + { + "id": "1.4", + "name": "Techniques & Sub-techniques", + "video": "https://www.youtube.com/watch?v=xGluIOA-S2M&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=4" + }, + { + "id": "1.5", + "name": "Mitigations", + "video": "https://www.youtube.com/watch?v=CEi4AZ7nngM&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=5" + }, + { + "id": "1.6", + "name": "Data Sources & Detections", + "video": "https://www.youtube.com/watch?v=b_Rfw5vKjHk&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=6" + }, + { + "id": "1.7", + "name": "Groups & Software", + "video": "https://www.youtube.com/watch?v=FvP-2kCiQ0A&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=7" + }, + { + "id": "1.8", + "name": "How ATT&CK Grows & Evolves", + "video": "https://www.youtube.com/watch?v=1imFkL3JuPs&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=8" + } + ] + }, + "module2": { + "module": "MODULE 2", + "short_name": "Module 2: Benefits of using ATT&CK", + "id": "mod2", + "name": "Benefits of using ATT&CK", + "video": "https://www.youtube.com/watch?v=l7vj_L9GOL4&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=9", + "exercises": [], + "lessons": [ + { + "id": "2.1", + "name": "Community Perspective", + "video": "https://www.youtube.com/watch?v=l7vj_L9GOL4&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=9" + }, + { + "id": "2.2", + "name": "Common Language", + "video": "https://www.youtube.com/watch?v=rDj9bKL98eU&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=10" + }, + { + "id": "2.3", + "name": "Quantitative Scorecard", + "video": "https://www.youtube.com/watch?v=2cWCbgeCYT4&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=11" + }, + { + "id": "2.4", + "name": "ATT&CK Navigator", + "video": "https://www.youtube.com/watch?v=KcWo8FxF49Q&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=12" + } + ] + }, + "module3": { + "module": "MODULE 3", + "short_name": "Module 3: Operationalizing ATT&CK", + "id": "mod3", + "name": 
"Operationalizing ATT&CK", + "video": "https://www.youtube.com/watch?v=r0FXhxjTN0c&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=13", + "exercises": [], + "lessons": [ + { + "id": "3.1", + "name": "Cyber Threat Intelligence", + "video": "https://www.youtube.com/watch?v=r0FXhxjTN0c&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=13" + }, + { + "id": "3.2", + "name": "Analytics & Detection", + "video": "https://www.youtube.com/watch?v=WZFrO-OYPcU&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=14" + }, + { + "id": "3.3", + "name": "Threat Emulation", + "video": "https://www.youtube.com/watch?v=-UhRSTtWZkQ&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=15" + }, + { + "id": "3.4", + "name": "Assessments & Engineering", + "video": "https://www.youtube.com/watch?v=kaL0o4NR-e0&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=16" + }, + { + "id": "3.5", + "name": "Putting It All Together into Threat-Informed Defense", + "video": "https://www.youtube.com/watch?v=AZ6Oi6FKUE8&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=17" + } + ] + } + }, + "adversary_emulation": { + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: Adversary Emulation - Technique Deep Dive Series", + "id": "mod1", + "name": "Adversary Emulation - Technique Deep Dive Series", + "video": "https://www.youtube.com/watch?v=IhdKy7XeG_M&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Token Impersonation and Theft", + "video": "https://www.youtube.com/watch?v=IhdKy7XeG_M&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS" + }, + { + "id": "1.2", + "name": "Access Token Impersonation and Theft Review", + "video": "https://www.youtube.com/watch?v=Fkvq7S4uZ6g&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=2" + }, + { + "id": "1.3", + "name": "FIN8 Token Impersonation and Theft", + "video": "https://www.youtube.com/watch?v=485ZyE-ReQg&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=3" + }, + { + "id": "1.4", + "name": "FIN8 Emulation Considerations", + "video": 
"https://www.youtube.com/watch?v=k2D5vWLFFmw&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=4" + }, + { + "id": "1.5", + "name": "Shamoon Token Impersonation and Theft", + "video": "https://www.youtube.com/watch?v=pGKQj4GatLU&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=5" + }, + { + "id": "1.6", + "name": "Filling Shamoon Gaps", + "video": "https://www.youtube.com/watch?v=hizJz_qRVWA&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=6" + }, + { + "id": "1.7", + "name": "Shamoon Emulation Considerations", + "video": "https://www.youtube.com/watch?v=Mx6rcqr-6S8&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=7" + }, + { + "id": "1.8", + "name": "Summary", + "video": "https://www.youtube.com/watch?v=xi8CRxFWpfk&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=8" + } + ] + } + }, + "access_tokens": { + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: Access Tokens Technical Primer", + "id": "mod1", + "name": "Access Tokens Technical Primer", + "video": "https://www.youtube.com/watch?v=3KdIKwJGM_o&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=8", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Course Introduction", + "video": "https://www.youtube.com/watch?v=3KdIKwJGM_o&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=8" + }, + { + "id": "1.2", + "name": "Logon Sessions", + "video": "https://www.youtube.com/watch?v=_DgGj-qPups&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=7" + }, + { + "id": "1.3", + "name": "What Are Access Tokens?", + "video": "https://www.youtube.com/watch?v=-LGzQzlXlZ8&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=6" + }, + { + "id": "1.4", + "name": "Primary vs. 
Impersonation Tokens", + "video": "https://www.youtube.com/watch?v=a6E5_5Ynh04&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=5" + }, + { + "id": "1.5", + "name": "Verifying Access Using Access Tokens", + "video": "https://www.youtube.com/watch?v=lKfzp0MWCsw&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=4" + }, + { + "id": "1.6", + "name": "Access Tokens and Network Authentication", + "video": "https://www.youtube.com/watch?v=y0_hTtZLt0g&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=3" + }, + { + "id": "1.7", + "name": "Access Tokens and User Access Control", + "video": "https://www.youtube.com/watch?v=jGHDHlCF67Y&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=2" + }, + { + "id": "1.8", + "name": "Wrap-Up", + "video": "https://www.youtube.com/watch?v=Y6tVjFSB02w&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=1" + } + ] + } + }, + "soc_assessments": { + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: Overview of ATT&CK Based SOC Assessments", + "id": "mod1", + "name": "Overview of ATT&CK Based SOC Assessments", + "video": "https://www.youtube.com/watch?v=lEXwtkJqlx4&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Why ATT&CK-based SOC Assessments?", + "video": "https://www.youtube.com/watch?v=lEXwtkJqlx4&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-" + }, + { + "id": "1.2", + "name": "A Methodology for Assessments", + "video": "https://www.youtube.com/watch?v=lbcj7Av1BM0&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=15" + }, + { + "id": "1.3", + "name": "Framing an Assessment", + "video": "https://www.youtube.com/watch?v=TGDIQpWu8P8&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=14" + }, + { + "id": "1.4", + "name": "Scoping an Assessment", + "video": "https://www.youtube.com/watch?v=5vKyFv-2yhY&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=13" + } + ] + }, + "module2": { + "module": "MODULE 2", + "short_name": "Module 2: Analyzing SOC Components with ATT&CK", + "id": "mod2", + "name": "Analyzing SOC 
Components with ATT&CK", + "video": "https://www.youtube.com/watch?v=TFgO_6pO0ww&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=12", + "exercises": [], + "lessons": [ + { + "id": "2.1", + "name": "Setting a Coverage Rubric", + "video": "https://www.youtube.com/watch?v=TFgO_6pO0ww&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=12" + }, + { + "id": "2.2", + "name": "Working with Data Sources Part 1", + "video": "https://www.youtube.com/watch?v=O-P7tZHl-gM&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=11" + }, + { + "id": "2.3", + "name": "Working with Data Sources Part 2", + "video": "https://www.youtube.com/watch?v=TAyUZzPo8tg&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=10" + }, + { + "id": "2.4", + "name": "Analyzing Analytics", + "video": "https://www.youtube.com/watch?v=ZevuFdf-_Bc&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=9" + }, + { + "id": "2.5", + "name": "Breaking Down Tools", + "video": "https://www.youtube.com/watch?v=ZNhXIvJbLhM&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=8" + } + ] + }, + "module3": { + "module": "MODULE 3", + "short_name": "Module 3: Synthesizing SOC Assessments", + "id": "mod3", + "name": "Synthesizing SOC Assessments", + "video": "https://www.youtube.com/watch?v=B_IDPp5STBY&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=7", + "exercises": [], + "lessons": [ + { + "id": "3.1", + "name": "Interviewing Staff", + "video": "https://www.youtube.com/watch?v=LLURz7RLNPQ&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=6" + }, + { + "id": "3.2", + "name": "Communicating with ATT&CK", + "video": "https://www.youtube.com/watch?v=pVj437kBM9I&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=5" + }, + { + "id": "3.3", + "name": "Compiling a Final Heatmap Part 1", + "video": "https://www.youtube.com/watch?v=xR8xAdTg9UQ&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=4" + }, + { + "id": "3.4", + "name": "Compiling a Final Heatmap Part 2", + "video": "https://www.youtube.com/watch?v=dA4sCMJyync&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=3" + }, + { + 
"id": "3.5", + "name": "Proposing Recommendations Part 1", + "video": "https://www.youtube.com/watch?v=Uf0zlRzZsS0&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=2" + }, + { + "id": "3.6", + "name": "Proposing Recommendations Part 2", + "video": "https://www.youtube.com/watch?v=wcNBemEyr1M&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=1" + } + ] + } + }, + "threat_hunting": { + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: Threat Hunting Fundamentals", + "id": "mod1", + "name": "Threat Hunting Fundamentals", + "video": "https://www.youtube.com/watch?v=zSVnJWV5kpE&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Threat Hunting and Detection Engineering - Fundamentals Part 1", + "video": "https://www.youtube.com/watch?v=zSVnJWV5kpE&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd" + }, + { + "id": "1.2", + "name": "Threat Hunting and Detection Engineering - Fundamentals Part 2", + "video": "https://www.youtube.com/watch?v=DsD9iXB8wJg&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=2" + }, + { + "id": "1.3", + "name": "Threat Hunting and Detection Engineering - Fundamentals Part 3", + "video": "https://www.youtube.com/watch?v=emzUhkiXM0g&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=3" + }, + { + "id": "1.4", + "name": "Threat Hunting and Detection Engineering - Fundamentals Part 4", + "video": "https://www.youtube.com/watch?v=-IPD2vRhq3k&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=4" + }, + { + "id": "1.5", + "name": "Threat Hunting and Detection Engineering - Fundamentals Part 5", + "video": "https://www.youtube.com/watch?v=9KhSRm1sxnY&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=5" + } + ] + }, + "module2": { + "module": "MODULE 2", + "short_name": "Module 2: Developing Hypotheses & Abstract Analysis", + "id": "mod2", + "name": "Developing Hypotheses & Abstract Analysis", + "video": "https://www.youtube.com/watch?v=fccC9koH4ak&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=6", + "exercises": [], + 
"lessons": [ + { + "id": "2.1", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 1", + "video": "https://www.youtube.com/watch?v=fccC9koH4ak&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=6" + }, + { + "id": "2.2", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 2", + "video": "https://www.youtube.com/watch?v=YfEu3TJo2SU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=7" + }, + { + "id": "2.3", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 3", + "video": "https://www.youtube.com/watch?v=UUu1fnAFViQ&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=8" + }, + { + "id": "2.4", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 4", + "video": "https://www.youtube.com/watch?v=JUKFnMtfIqs&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=9" + }, + { + "id": "2.5", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 5", + "video": "https://www.youtube.com/watch?v=qPkGHYq7Dek&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=10" + }, + { + "id": "2.6", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 6", + "video": "https://www.youtube.com/watch?v=-X65d8lkk3Y&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=11" + }, + { + "id": "2.7", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 7", + "video": "https://www.youtube.com/watch?v=qoQXyc88yYA&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=12" + }, + { + "id": "2.8", + "name": "Threat Hunting and Detection Engineering - Hypotheses Part 8", + "video": "https://www.youtube.com/watch?v=3PMmdV3zD2w&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=13" + } + ] + }, + "module3": { + "module": "MODULE 3", + "short_name": "Module 3: Determing Data Requirements", + "id": "mod3", + "name": "Determing Data Requirements", + "video": "https://www.youtube.com/watch?v=DbbiEPDeNXs&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=14", + "exercises": [], + "lessons": [ + { + "id": "3.1", + "name": "Threat Hunting and 
Detection Engineering - Data Requirements Part 1", + "video": "https://www.youtube.com/watch?v=DbbiEPDeNXs&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=14" + }, + { + "id": "3.2", + "name": "Threat Hunting and Detection Engineering - Data Requirements Part 2", + "video": "https://www.youtube.com/watch?v=WdDG2olS-Eo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=15" + }, + { + "id": "3.3", + "name": "Threat Hunting and Detection Engineering - Data Requirements Part 3", + "video": "https://www.youtube.com/watch?v=gRtf15ITfNw&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=16" + } + ] + }, + "module4": { + "module": "MODULE 4", + "short_name": "Module 4: Identify and Mitigate Data Collection Gaps", + "id": "mod4", + "name": "Identify and Mitigate Data Collection Gaps", + "video": "https://www.youtube.com/watch?v=_rNG-EiPasM&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=17", + "exercises": [], + "lessons": [ + { + "id": "4.1", + "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 1", + "video": "https://www.youtube.com/watch?v=_rNG-EiPasM&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=17" + }, + { + "id": "4.2", + "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 2", + "video": "https://www.youtube.com/watch?v=ulNVHpR-VL8&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=18" + }, + { + "id": "4.3", + "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 3", + "video": "https://www.youtube.com/watch?v=gKYOOOXbteU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=19" + }, + { + "id": "4.4", + "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 4", + "video": "https://www.youtube.com/watch?v=K7qE1mkdJA8&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=20" + }, + { + "id": "4.5", + "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 5", + "video": 
"https://www.youtube.com/watch?v=MraslvoUe6w&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=21" + }, + { + "id": "4.6", + "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 6", + "video": "https://www.youtube.com/watch?v=Gx9z9-5qx-0&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=22" + } + ] + }, + "module5": { + "module": "MODULE 5", + "short_name": "Module 5: Implement and Test Analytics", + "id": "mod5", + "name": "Implement and Test Analytics", + "video": "https://www.youtube.com/watch?v=gc3QcPdZaQU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=23", + "exercises": [], + "lessons": [ + { + "id": "5.1", + "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 1", + "video": "https://www.youtube.com/watch?v=gc3QcPdZaQU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=23" + }, + { + "id": "5.2", + "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 2", + "video": "https://www.youtube.com/watch?v=j8W-ABrQnLo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=24" + }, + { + "id": "5.3", + "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 3", + "video": "https://www.youtube.com/watch?v=RRdeMIRj6S0&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=25" + }, + { + "id": "5.4", + "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 4", + "video": "https://www.youtube.com/watch?v=4v0P2ZQjaGo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=26" + }, + { + "id": "5.5", + "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 5", + "video": "https://www.youtube.com/watch?v=G4o6p1PVPrk&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=27" + }, + { + "id": "5.6", + "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 6", + "video": "https://www.youtube.com/watch?v=TuNKYP3Dz20&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=28" + } + ] + }, + "module6": { + "module": "MODULE 6", + "short_name": "Module 6: Hunt and Investigation", + "id": 
"mod6", + "name": "Hunt and Investigation", + "video": "https://www.youtube.com/watch?v=jtBnbpi7q1s&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=29", + "exercises": [], + "lessons": [ + { + "id": "6.1", + "name": "Threat Hunting and Detection Engineering - Application Part 1", + "video": "https://www.youtube.com/watch?v=jtBnbpi7q1s&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=29" + }, + { + "id": "6.2", + "name": "Threat Hunting and Detection Engineering - Application Part 2", + "video": "https://www.youtube.com/watch?v=gdyk9bDeLDo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=30" + }, + { + "id": "6.3", + "name": "Threat Hunting and Detection Engineering - Application Part 3", + "video": "https://www.youtube.com/watch?v=u3m-JRT0ItU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=31" + }, + { + "id": "6.4", + "name": "Threat Hunting and Detection Engineering - Application Part 4", + "video": "https://www.youtube.com/watch?v=E6F_mhOGex8&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=32" + }, + { + "id": "6.5", + "name": "Threat Hunting and Detection Engineering - Application Part 5", + "video": "https://www.youtube.com/watch?v=K0_5lhzKuKU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=33" + }, + { + "id": "6.6", + "name": "Threat Hunting and Detection Engineering - Application Part 6", + "video": "https://www.youtube.com/watch?v=XiwOVAi7qxA&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=34" + }, + { + "id": "6.7", + "name": "Threat Hunting and Detection Engineering - Application Part 7", + "video": "https://www.youtube.com/watch?v=5Kg2pLvpe-c&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=35" + }, + { + "id": "6.8", + "name": "Threat Hunting and Detection Engineering - Application Part 8", + "video": "https://www.youtube.com/watch?v=T-_ELI3CYOY&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=36" + } + ] + } + }, + "detection_engineering": { + "module1": { + "module": "MODULE 1", + "short_name": "Module 1: ATT&CK Detection Engineering: T1134.001 (Token Impersonation and 
Theft)", + "id": "mod1", + "name": "ATT&CK Detection Engineering: T1134.001 (Token Impersonation and Theft)", + "video": "https://www.youtube.com/watch?v=pZ3hzeBi-Ek&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Introduction", + "video": "https://www.youtube.com/watch?v=pZ3hzeBi-Ek&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY" + }, + { + "id": "1.2", + "name": "Researching Token Impersonation and Theft", + "video": "https://www.youtube.com/watch?v=dcVSr598TrY&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=2" + }, + { + "id": "1.3", + "name": "Testing and Emulation", + "video": "https://www.youtube.com/watch?v=Z77TpfqDWHs&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=3" + }, + { + "id": "1.4", + "name": "Analyzing Testing Results: ImpersonateLoggedOnUser", + "video": "https://www.youtube.com/watch?v=_OGmeVP0azU&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=4" + }, + { + "id": "1.5", + "name": "Analyzing Testing Results: SetThreadToken", + "video": "https://www.youtube.com/watch?v=qyS4eS3_ByE&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=5" + }, + { + "id": "1.6", + "name": "Building Analytics", + "video": "https://www.youtube.com/watch?v=g1h3hOEMdQk&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=6" + }, + { + "id": "1.7", + "name": "Sharing Results", + "video": "https://www.youtube.com/watch?v=Q0buPVyGh_o&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=7" + }, + { + "id": "1.8", + "name": "Conclusion", + "video": "https://www.youtube.com/watch?v=OiWJ6VLJRz8&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=8" + } + ] + } } } \ No newline at end of file diff --git a/modules/resources/resources.py b/modules/resources/resources.py index 91d686691dc..9ea8627c39e 100644 --- a/modules/resources/resources.py +++ b/modules/resources/resources.py 
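Review bot: The `threat_hunting` → `module3` entry misspells its title in both fields: `"short_name": "Module 3: Determing Data Requirements"` and `"name": "Determing Data Requirements"` should read `Determining`. The templates print `{{ training.name }}`, so the typo appears on the published page. Separately, `soc_assessments.module3.video` points at `index=7` of the playlist while its first lesson (3.1) is `index=6`. Every other module with lessons reuses its first lesson's URL as the module video, and no lesson in this course is listed at `index=7`, so either the module link is a paste slip or a lesson entry is missing; check this against the playlist.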
@@ -87,6 +87,7 @@ def generate_training_pages(): # load training data with open(os.path.join(site_config.data_directory, "trainings.json"), "r", encoding="utf8") as f: trainings = json.load(f) + print(trainings) # get markdown training_md = resources_config.training_md 
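Review bot: The added `print(trainings)` looks like leftover debugging and should be dropped before merge. It writes the whole parsed `trainings.json` to stdout on every site build, which buries real warnings in build and CI logs. If a trace is wanted, print only the top-level keys, e.g. `print(list(trainings))`. `generate_training_pages` starts before this hunk and continues after it.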
@@ -101,6 +102,55 @@ def generate_training_pages(): # write markdown to file with open(os.path.join(site_config.resources_markdown_path, "training_cti.md"), "w", encoding="utf8") as md_file: md_file.write(training_cti_md) + + # Purple teaming fundamentals training + training_purple_teaming_fundamentals_md = resources_config.training_purple_teaming_fundamentals_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_purple_teaming_fundamentals.md"), "w", encoding="utf8") as md_file: + md_file.write(training_purple_teaming_fundamentals_md) + + # ATT&CK fundamentals training + training_attack_fundamentals_md = resources_config.training_attack_fundamentals_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_attack_fundamentals.md"), "w", encoding="utf8") as md_file: + md_file.write(training_attack_fundamentals_md) + + # ATT&CK adversary emulation training + training_adversary_emulation_md = resources_config.training_adversary_emulation_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_adversary_emulation.md"), "w", encoding="utf8") as md_file: + md_file.write(training_adversary_emulation_md) + + # ATT&CK access tokens technical primer training + training_access_tokens_md = resources_config.training_access_tokens_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_access_tokens.md"), "w", encoding="utf8") as md_file: + md_file.write(training_access_tokens_md) + + # ATT&CK soc assessments training + training_soc_assessments_md = resources_config.training_soc_assessments_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_soc_assessments.md"), "w", encoding="utf8") as md_file: + 
md_file.write(training_soc_assessments_md) + + # ATT&CK threat hunting training + training_threat_hunting_md = resources_config.training_threat_hunting_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_threat_hunting.md"), "w", encoding="utf8") as md_file: + md_file.write(training_threat_hunting_md) + + # ATT&CK detection engineering training + training_detection_engineering_md = resources_config.training_detection_engineering_md + json.dumps(trainings) + + # write markdown to file + with open(os.path.join(site_config.resources_markdown_path, "training_detection_engineering.md"), "w", encoding="utf8") as md_file: + md_file.write(training_detection_engineering_md) def generate_brand_page(): diff --git a/modules/resources/resources_config.py b/modules/resources/resources_config.py index a061ab5f4e0..8a46608b937 100644 --- a/modules/resources/resources_config.py +++ b/modules/resources/resources_config.py 
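Review bot: The seven added stanzas in `generate_training_pages` are copies that differ only in the course slug, so adding a course later means editing matching names in three places by hand. A loop over the course keys that looks up `training_<course>_md` on `resources_config` produces the same files from one list. Each page also embeds `json.dumps(trainings)`, the whole catalogue, although its template reads only `parsed.<course>`; narrowing that would need a matching template change, so the sketch below keeps it as is. The function starts before this hunk, and the existing `training_cti.md` write above is untouched.

```python
    # … unchanged: training_cti.md is written above …
    for course in (
        "purple_teaming_fundamentals",
        "attack_fundamentals",
        "adversary_emulation",
        "access_tokens",
        "soc_assessments",
        "threat_hunting",
        "detection_engineering",
    ):
        # resources_config defines one training_<course>_md header per course
        page_md = getattr(resources_config, f"training_{course}_md") + json.dumps(trainings)
        md_path = os.path.join(site_config.resources_markdown_path, f"training_{course}.md")
        with open(md_path, "w", encoding="utf8") as md_file:
            md_file.write(page_md)
```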
@@ -26,6 +26,55 @@ "data: " ) +training_purple_teaming_fundamentals_md = ( + "Title: ATT&CK For Purple Teaming Fundamentals Training\n" + "Template: resources/training-purple-teaming-fundamentals\n" + "save_as: resources/learn-more-about-attack/training/purple-teaming-fundamentals/index.html\n" + "data: " +) + +training_attack_fundamentals_md = ( + "Title: ATT&CK Fundamentals Training\n" + "Template: resources/training-attack-fundamentals\n" + "save_as: resources/learn-more-about-attack/training/attack-fundamentals/index.html\n" + "data: " +) + +training_adversary_emulation_md = ( + "Title: ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft)\n" + "Template: resources/training-adversary-emulation\n" + "save_as: resources/learn-more-about-attack/training/adversary-emulation/index.html\n" + "data: " +) + +training_access_tokens_md = ( + "Title: Access Tokens Technical Primer\n" + "Template: resources/training-access-tokens\n" + "save_as: resources/learn-more-about-attack/training/access-tokens/index.html\n" + "data: " +) + +training_soc_assessments_md = ( + "Title: Overview of ATT&CK Based SOC Assessments\n" + "Template: resources/training-soc-assessments\n" + "save_as: resources/learn-more-about-attack/training/soc-assessments/index.html\n" + "data: " +) + +training_threat_hunting_md = ( + "Title: TTP-Based Threat Hunting and Detection Engineering\n" + "Template: resources/training-threat-hunting\n" + "save_as: resources/learn-more-about-attack/training/threat-hunting/index.html\n" + "data: " +) + +training_detection_engineering_md = ( + "Title: ATT&CK Detection Engineering\n" + "Template: resources/training-detection-engineering\n" + "save_as: resources/learn-more-about-attack/training/detection-engineering/index.html\n" + "data: " +) + # FAQ md faq_md = ( "Title: Frequently Asked Questions\n" 
diff --git a/modules/resources/templates/training-access-tokens.html b/modules/resources/templates/training-access-tokens.html new file mode 100644 index 00000000000..7b5618f6303 --- /dev/null +++ b/modules/resources/templates/training-access-tokens.html @@ -0,0 +1,126 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "ATT&CK Access Tokens Technical Primer | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
+
+
+
+
+
+ Jump to Section + +
+
+
+

ATT&CK Access Tokens Technical Primer Training

+
+

Modules

+
+ {% for training in parsed.access_tokens.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ + {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} +
\ No newline at end of file diff --git a/modules/resources/templates/training-adversary-emulation.html b/modules/resources/templates/training-adversary-emulation.html new file mode 100644 index 00000000000..dc1c87df37b --- /dev/null +++ b/modules/resources/templates/training-adversary-emulation.html @@ -0,0 +1,126 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
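Review bot: `training-access-tokens.html` is one of several new templates whose Jinja logic is the same loop over `parsed.<course>.values()`, with the same `{% if "slides" in training %}` branch and the same exercise/resource/link nesting. Only the `{% set title %}` string, the page heading and the course key differ. `training-adversary-emulation.html`, `training-attack-fundamentals.html` and `training-detection-engineering.html` repeat it in the hunks that follow. The HTML markup is not visible on this page, so only the template tags can be compared. Consider one shared template or macro that takes the course key and heading as parameters, so a later fix to the module card is made once rather than in every copy.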
+
+
+
+
+
+ Jump to Section + +
+
+
+

ATT&CK Adversary Emulation Training

+
+

Modules

+
+ {% for training in parsed.adversary_emulation.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ + {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} +
\ No newline at end of file diff --git a/modules/resources/templates/training-attack-fundamentals.html b/modules/resources/templates/training-attack-fundamentals.html new file mode 100644 index 00000000000..7baf96f8e41 --- /dev/null +++ b/modules/resources/templates/training-attack-fundamentals.html @@ -0,0 +1,126 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "ATT&CK Fundamentals | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
+
+
+
+
+
+ Jump to Section + +
+
+
+

ATT&CK Fundamentals Training

+
+

Modules

+
+ {% for training in parsed.attack_fundamentals.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ + {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} + \ No newline at end of file diff --git a/modules/resources/templates/training-detection-engineering.html b/modules/resources/templates/training-detection-engineering.html new file mode 100644 index 00000000000..038f679c71d --- /dev/null +++ b/modules/resources/templates/training-detection-engineering.html @@ -0,0 +1,126 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
+
+
+
+
+
+ Jump to Section + +
+
+
+

ATT&CK Detection Engineering Training

+
+

Modules

+
+ {% for training in parsed.detection_engineering.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ + {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} + \ No newline at end of file diff --git a/modules/resources/templates/training-purple-teaming-fundamentals.html b/modules/resources/templates/training-purple-teaming-fundamentals.html new file mode 100644 index 00000000000..42707085722 --- /dev/null +++ b/modules/resources/templates/training-purple-teaming-fundamentals.html @@ -0,0 +1,119 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "Using ATT&CK for Purple Teaming | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
+
+
+
+
+
+ Jump to Section +
    + {% for training in parsed.purple_teaming_fundamentals.values() %} +
  • + {{training.short_name}} +
  • + {% endfor %} +
+
+
+
+

Purple Teaming Fundamentals Training

+
+

Modules

+
+ {% for training in parsed.purple_teaming_fundamentals.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} + \ No newline at end of file diff --git a/modules/resources/templates/training-soc-assessments.html b/modules/resources/templates/training-soc-assessments.html new file mode 100644 index 00000000000..e639abc6953 --- /dev/null +++ b/modules/resources/templates/training-soc-assessments.html @@ -0,0 +1,126 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
+
+
+
+
+
+ Jump to Section + +
+
+
+

ATT&CK Based SOC Assessments Training

+
+

Modules

+
+ {% for training in parsed.soc_assessments.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ + {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} + \ No newline at end of file diff --git a/modules/resources/templates/training-threat-hunting.html b/modules/resources/templates/training-threat-hunting.html new file mode 100644 index 00000000000..1e7b8751069 --- /dev/null +++ b/modules/resources/templates/training-threat-hunting.html @@ -0,0 +1,126 @@ +{% extends "general/two-column.html" %} +{% set active_page = "resources" -%} +{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set parsed = page.data | from_json %} +{% import 'macros/navigation.html' as navigation %} + +{% block innerleft %} + +{% endblock %} + +{% block innerright %} + + + +
+
+
+
+
+
+ Jump to Section + +
+
+
+

TTP-Based Threat Hunting and Detection Engineering Training

+
+

Modules

+
+ {% for training in parsed.threat_hunting.values() %} +
+
+
+
+
+ {{ training.name }} +
{{ training.module }}
+
+
+
+ + + + {% if "slides" in training %} + + + + {% endif %} +
+
+
+ + {% for exercise in training.exercises %} +
+ {{ exercise.name }} + +
+ {% for resource in exercise.resources %} +
+ {{ resource.name }} + {% for link in resource.links %} + + {% endfor %} +
+ {% endfor %} +
+
+ {% endfor %} +
+
+ {% endfor %} +
+
+
+
+
+ + +{% endblock %} {% block scripts %} {{ super() }} + + +{% endblock %} + \ No newline at end of file From 916f49be6e772cfbe001cae46318a596697e66d1 Mon Sep 17 00:00:00 2001 From: Charissa Miller <48832936+clemiller@users.noreply.github.com> Date: Thu, 27 Jun 2024 12:41:44 -0400 Subject: [PATCH 08/19] typo --- modules/resources/templates/training-cti.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/resources/templates/training-cti.html b/modules/resources/templates/training-cti.html index 0f5f420b3f4..3c3ac1e8bfe 100644 --- a/modules/resources/templates/training-cti.html +++ b/modules/resources/templates/training-cti.html @@ -61,7 +61,7 @@

CTI Trainings

A copy of all slides from the training are here.

- Note:This training assumes an existing knowledge of ATT&CK and its primary concepts. We recommend reviewing the content from our ATT&CK Fundimentals Training before taking this training. + Note:This training assumes an existing knowledge of ATT&CK and its primary concepts. We recommend reviewing the content from our ATT&CK Fundamentals Training before taking this training.

Note: The exercises in this training are based on a previous version of ATT&CK. We suggest using ATT&CK v8 and ATT&CK Navigator with ATT&CK v8 if you want exercise results to exactly match the training. From 9de55c5ca0be688d7229c2b14a91f1fffcec00fd Mon Sep 17 00:00:00 2001 From: Charissa Miller <48832936+clemiller@users.noreply.github.com> Date: Thu, 27 Jun 2024 12:41:57 -0400 Subject: [PATCH 09/19] move modules to lessons --- data/trainings.json | 67 +++++++++---------- .../training-purple-teaming-fundamentals.html | 7 ++ 2 files changed, 38 insertions(+), 36 deletions(-) diff --git a/data/trainings.json b/data/trainings.json index 99b9f37b4f3..b43822ab620 100644 --- a/data/trainings.json +++ b/data/trainings.json 
@@ -188,45 +188,40 @@ } }, "purple_teaming_fundamentals": { - "module0": { - "module": "MODULE 0", - "short_name": "Module 0: Introduction", - "id": "mod0", - "name": "Introduction to Purple Teaming", - "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n", - "exercises": [] - }, "module1": { "module": "MODULE 1", - "short_name": "Module 1: Planning", + "short_name": "Module 1: Introduction", "id": "mod1", - "name": "Planning", - "video": "https://www.youtube.com/watch?v=N2zwLZjhayw&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=2", - "exercises": [] - }, - "module2": { - "module": "MODULE 2", - "short_name": "Module 2: Execution", - "id": "mod2", - "name": "Execution", - "video": "https://www.youtube.com/watch?v=NAeUmsgurT8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=3", - "exercises": [] - }, - "module3": { - "module": "MODULE 3", - "short_name": "Module 3: Follow-Up", - "id": "mod3", - "name": "Follow-Up", - "video": "https://www.youtube.com/watch?v=QqjiCfRM6k0&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=4", - "exercises": [] - }, - "module4": { - "module": "MODULE 4", - "short_name": "Module 4: Example", - "id": "mod4", - "name": "Example", - "video": "https://www.youtube.com/watch?v=OLxtDojHBHg&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=5", - "exercises": [] + "name": "Purple Teaming Fundamentals", + "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n", + "exercises": [], + "lessons": [ + { + "id": "1.1", + "name": "Introduction to Purple Teaming", + "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n" + }, + { + "id": "1.2", + "name": "Planning", + "video": "https://www.youtube.com/watch?v=N2zwLZjhayw&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=2" + }, + { + "id": "1.3", + "name": "Execution", + "video": "https://www.youtube.com/watch?v=NAeUmsgurT8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=3" + }, + { + "id": "1.4", + 
"name": "Follow-Up", + "video": "https://www.youtube.com/watch?v=QqjiCfRM6k0&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=4" + }, + { + "id": "1.5", + "name": "Example", + "video": "https://www.youtube.com/watch?v=OLxtDojHBHg&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=5" + } + ] } }, "attack_fundamentals": { diff --git a/modules/resources/templates/training-purple-teaming-fundamentals.html b/modules/resources/templates/training-purple-teaming-fundamentals.html index 42707085722..6d4a69b9035 100644 --- a/modules/resources/templates/training-purple-teaming-fundamentals.html +++ b/modules/resources/templates/training-purple-teaming-fundamentals.html @@ -75,6 +75,13 @@

Modules

+ {% for exercise in training.exercises %}
{{ exercise.name }} From 1e99da63a3b868c2a3e2df4a7a1107b5898b218c Mon Sep 17 00:00:00 2001 From: adpare Date: Mon, 15 Jul 2024 15:24:23 -0400 Subject: [PATCH 10/19] add attackcon to header --- modules/resources/__init__.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/resources/__init__.py b/modules/resources/__init__.py index ca71b5d84d6..2a7d5b82f68 100644 --- a/modules/resources/__init__.py +++ b/modules/resources/__init__.py @@ -27,6 +27,12 @@ def get_menu(): "external_link": False, "children": [], }, + { + "display_name": "ATT&CKcon", + "url": "/resources/attackcon/", + "external_link": False, + "children": [] + }, { "display_name": "ATT&CK Data & Tools", "url": "/resources/attack-data-and-tools/", From f5bd5a8e18eb417d20e43ca2a51e63c47b738b25 Mon Sep 17 00:00:00 2001 From: adpare Date: Wed, 17 Jul 2024 16:57:51 -0400 Subject: [PATCH 11/19] added attackcon 5 --- data/attackcon.json | 7 ++++++ .../templates/attackcon-overview.html | 6 +++-- modules/resources/templates/attackcon.html | 25 +++++++++++-------- 3 files changed, 26 insertions(+), 12 deletions(-) diff --git a/data/attackcon.json b/data/attackcon.json index eea866476c3..3470c68b29a 100644 --- a/data/attackcon.json +++ b/data/attackcon.json @@ -1,4 +1,11 @@ [{ + "date": "October 2024", + "title": "ATT&CKcon 5.0", + "description": "

On October 22 and 23, 2024, join fellow cyber professionals at MITRE ATT&CK’s headquarters in McLean, VA for two days of programming, featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help you leverage the ATT&CK framework.

To visit the registration portal, click here

", + "sponsors_img_list": [], + "presentations": [] + }, + { "date": "October 2023", "title": "ATT&CKcon 4.0", "description": "We are thrilled and express our gratitude to everyone who participated in ATT&CKcon 4.0!

This year we were privileged to have another range of speakers who shared their unique insights and experiences, further enriching the knowledge pool of our ATT&CK community. We invite you to continue to watch and share these insightful talks!

Click here to explore the talks from ATT&CKcon 4.0 on our YouTube playlist!", diff --git a/modules/resources/templates/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html index fce2942bbb5..5435b9938f1 100644 --- a/modules/resources/templates/attackcon-overview.html +++ b/modules/resources/templates/attackcon-overview.html @@ -21,9 +21,9 @@ {% set conID = "-".join(con.date.split(' ')) %}
{% if "sponsors_img_list" in con %} -

{{ con.title }} Presentations and Sponsors

+

{{ con.title }}

{% else %} -

{{ con.title }} Presentations

+

{{ con.title }}

{% endif %} {% set ifSponsor = "sponsors_img_list" in con %} @@ -43,6 +43,7 @@

{{ con.title }} Presentations

src="/theme/images/external-site-dark.jpeg" alt="External site" class="external-icon">

{% endif %}
+ {% if "banner_img" in con %}
Sponsors {% endif %}
+ {% endif %}
{% endblock %} diff --git a/modules/resources/templates/attackcon.html b/modules/resources/templates/attackcon.html index 8fb8f901e3e..0909c0a50d5 100644 --- a/modules/resources/templates/attackcon.html +++ b/modules/resources/templates/attackcon.html @@ -29,30 +29,35 @@
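Review bot: The added `{% if "banner_img" in con %}` guard makes the sponsors block depend on an unrelated key. The ATT&CKcon 5.0 entry added to data/attackcon.json in this commit has `"sponsors_img_list": []`, and the existing test `"sponsors_img_list" in con` is true for an empty list, which is presumably what the guard works around. Testing the list itself, `{% if con.sponsors_img_list %}`, would hide the section when there are no sponsors and still show it for a future event that has sponsors but no banner. The markup inside the block is not fully visible here, so confirm the guard wraps only the sponsor section.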

ATT&CKCon

Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK

- {{contact_card.render( + {{contact_card.render( + "ATT&CKcon 5.0", + "/resources/attackcon/october-2024/", + "October 22nd - 23rd, 2024
McLean, VA", + invert_icon=True)}} + {{contact_card.render( "ATT&CKcon 4.0", "/resources/attackcon/october-2023/", "October 24th - 25th, 2023
McLean, VA", invert_icon=True)}} - {{contact_card.render( + {{contact_card.render( "ATT&CKcon 3.0", "/resources/attackcon/march-2022/", "March 29th - 30th, 2022
McLean, VA", invert_icon=True)}} - {{contact_card.render( - "ATT&CKcon PowerHour", - "/resources/attackcon/october-2020/", - "October 2020 - January 2021
Virtual", - invert_icon=True)}}
+
- {{contact_card.render("ATT&CKcon 2.0", "/resources/attackcon/october-2019/", "October 29th - 30th, + {{contact_card.render( + "ATT&CKcon PowerHour", + "/resources/attackcon/october-2020/", + "October 2020 - January 2021
Virtual", + invert_icon=True)}} + {{contact_card.render("ATT&CKcon 2.0", "/resources/attackcon/october-2019/", "October 29th - 30th, 2019
McLean, VA", invert_icon=True)}} - {{contact_card.render("ATT&CKcon 2018", "/resources/attackcon/october-2018/", "October 23rd - 24th, + {{contact_card.render("ATT&CKcon 2018", "/resources/attackcon/october-2018/", "October 23rd - 24th, 2018
McLean, VA", invert_icon=True)}} -
From 698fa96fa8aaec65392e37685ebccb40988d80f6 Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Wed, 17 Jul 2024 16:04:00 -0500 Subject: [PATCH 12/19] Update titles --- modules/resources/templates/training-access-tokens.html | 2 +- modules/resources/templates/training-adversary-emulation.html | 2 +- modules/resources/templates/training-attack-fundamentals.html | 4 ++-- modules/resources/templates/training-cti.html | 4 ++-- .../resources/templates/training-detection-engineering.html | 2 +- .../templates/training-purple-teaming-fundamentals.html | 4 ++-- modules/resources/templates/training-soc-assessments.html | 2 +- modules/resources/templates/training-threat-hunting.html | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/modules/resources/templates/training-access-tokens.html b/modules/resources/templates/training-access-tokens.html index 7b5618f6303..27149ec8a5d 100644 --- a/modules/resources/templates/training-access-tokens.html +++ b/modules/resources/templates/training-access-tokens.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "ATT&CK Access Tokens Technical Primer | MITRE ATT&CK®" -%} +{% set title = "ATT&CK Access Tokens Technical Primer Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} diff --git a/modules/resources/templates/training-adversary-emulation.html b/modules/resources/templates/training-adversary-emulation.html index dc1c87df37b..8015dadad75 100644 --- a/modules/resources/templates/training-adversary-emulation.html +++ b/modules/resources/templates/training-adversary-emulation.html 
@@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set title = "ATT&CK Adversary Emulation Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} diff --git a/modules/resources/templates/training-attack-fundamentals.html b/modules/resources/templates/training-attack-fundamentals.html index 7baf96f8e41..03ca2014e65 100644 --- a/modules/resources/templates/training-attack-fundamentals.html +++ b/modules/resources/templates/training-attack-fundamentals.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "ATT&CK Fundamentals | MITRE ATT&CK®" -%} +{% set title = "ATT&CK Fundamentals Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} @@ -15,7 +15,7 @@ - +
diff --git a/modules/resources/templates/training-cti.html b/modules/resources/templates/training-cti.html index 3c3ac1e8bfe..96807720386 100644 --- a/modules/resources/templates/training-cti.html +++ b/modules/resources/templates/training-cti.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "Using ATT&CK for CTI Training | MITRE ATT&CK®" -%} +{% set title = "CTI Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} @@ -35,7 +35,7 @@
-

CTI Trainings

+

CTI Training

The goal of this training is for students to understand the following:

diff --git a/modules/resources/templates/training-detection-engineering.html b/modules/resources/templates/training-detection-engineering.html index 038f679c71d..7bd53a6fee7 100644 --- a/modules/resources/templates/training-detection-engineering.html +++ b/modules/resources/templates/training-detection-engineering.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set title = "ATT&CK Detection Engineering Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} diff --git a/modules/resources/templates/training-purple-teaming-fundamentals.html b/modules/resources/templates/training-purple-teaming-fundamentals.html index 6d4a69b9035..20504611fbc 100644 --- a/modules/resources/templates/training-purple-teaming-fundamentals.html +++ b/modules/resources/templates/training-purple-teaming-fundamentals.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "Using ATT&CK for Purple Teaming | MITRE ATT&CK®" -%} +{% set title = "Purple Teaming Fundamentals Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} @@ -15,7 +15,7 @@ - +
diff --git a/modules/resources/templates/training-soc-assessments.html b/modules/resources/templates/training-soc-assessments.html index e639abc6953..03c99325eba 100644 --- a/modules/resources/templates/training-soc-assessments.html +++ b/modules/resources/templates/training-soc-assessments.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set title = "ATT&CK Based SOC Assessments Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} diff --git a/modules/resources/templates/training-threat-hunting.html b/modules/resources/templates/training-threat-hunting.html index 1e7b8751069..275f42cdea8 100644 --- a/modules/resources/templates/training-threat-hunting.html +++ b/modules/resources/templates/training-threat-hunting.html @@ -1,6 +1,6 @@ {% extends "general/two-column.html" %} {% set active_page = "resources" -%} -{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%} +{% set title = "TTP-Based Threat Hunting and Detection Engineering Training | MITRE ATT&CK®" -%} {% set parsed = page.data | from_json %} {% import 'macros/navigation.html' as navigation %} From c706a72f855006cd86cf147cc48c5462129faa2b Mon Sep 17 00:00:00 2001 From: adpare Date: Thu, 18 Jul 2024 13:44:47 -0400 Subject: [PATCH 13/19] rename trainings --- data/resources_navigation.json | 14 +++++++------- .../resources/templates/attackcon-overview.html | 8 ++------ 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/data/resources_navigation.json b/data/resources_navigation.json index 7e393ff0dc0..c266449492d 100644 --- a/data/resources_navigation.json +++ b/data/resources_navigation.json 
@@ -25,25 +25,25 @@ "path": "/resources/learn-more-about-attack/training/", "children": [ { - "name": "CTI Training", + "name": "CTI", "id": "cti", "path": "/resources/learn-more-about-attack/training/cti/", "children": [] }, { - "name": "Purple Teaming Fundamentals Training", + "name": "Purple Teaming Fundamentals", "id": "purple_teaming_fundamentals", "path": "/resources/learn-more-about-attack/training/purple-teaming-fundamentals/", "children": [] }, { - "name": "ATT&CK Fundamentals Training", + "name": "ATT&CK Fundamentals", "id": "attack_fundamentals", "path": "/resources/learn-more-about-attack/training/attack-fundamentals/", "children": [] }, { - "name": "Adversary Emulation Training", + "name": "Adversary Emulation", "id": "adversary_emulation", "path": "/resources/learn-more-about-attack/training/adversary-emulation/", "children": [] @@ -55,19 +55,19 @@ "children": [] }, { - "name": "SOC Assessments Training", + "name": "SOC Assessments", "id": "soc_assessments", "path": "/resources/learn-more-about-attack/training/soc-assessments/", "children": [] }, { - "name": "Threat Hunting Training", + "name": "Threat Hunting", "id": "threat_hunting", "path": "/resources/learn-more-about-attack/training/threat-hunting/", "children": [] }, { - "name": "Detection Engineering Training", + "name": "Detection Engineering", "id": "detection_engineering", "path": "/resources/learn-more-about-attack/training/detection-engineering/", "children": [] diff --git a/modules/resources/templates/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html index 5435b9938f1..9e3e2b33ea3 100644 --- a/modules/resources/templates/attackcon-overview.html +++ b/modules/resources/templates/attackcon-overview.html @@ -20,12 +20,8 @@
{% set conID = "-".join(con.date.split(' ')) %}
- {% if "sponsors_img_list" in con %} -

{{ con.title }}

- {% else %} -

{{ con.title }}

- {% endif %} - +

{{ con.title }}

+ {% set ifSponsor = "sponsors_img_list" in con %} {% if "banner_img" in con %}

From 23cf43979821fe578230dae46ce8dc469f52af7a Mon Sep 17 00:00:00 2001 From: adpare Date: Thu, 18 Jul 2024 14:14:58 -0400 Subject: [PATCH 14/19] training landing page content --- modules/resources/templates/training.html | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/modules/resources/templates/training.html b/modules/resources/templates/training.html index b17c6005107..dcb2ef67744 100644 --- a/modules/resources/templates/training.html +++ b/modules/resources/templates/training.html @@ -21,7 +21,28 @@

ATT&CK Training

From 9bbacc3b5a9f561399bbb4c3b3eba25b82c69b59 Mon Sep 17 00:00:00 2001 From: adpare Date: Thu, 18 Jul 2024 14:27:06 -0400 Subject: [PATCH 15/19] trainings landing page update --- modules/resources/templates/training.html | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/resources/templates/training.html b/modules/resources/templates/training.html index dcb2ef67744..60e46f4deb2 100644 --- a/modules/resources/templates/training.html +++ b/modules/resources/templates/training.html @@ -21,28 +21,28 @@

ATT&CK Training

From 409f3505561ef46c855cc2d0e8396f9e0b5dc0a7 Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Thu, 18 Jul 2024 14:17:19 -0500 Subject: [PATCH 16/19] Refactor trainings section --- modules/resources/resources.py | 82 ++++++++-------------------------- 1 file changed, 18 insertions(+), 64 deletions(-) diff --git a/modules/resources/resources.py b/modules/resources/resources.py index 9ea8627c39e..ca4a97ac58d 100644 --- a/modules/resources/resources.py +++ b/modules/resources/resources.py 
@@ -87,71 +87,25 @@ def generate_training_pages(): # load training data with open(os.path.join(site_config.data_directory, "trainings.json"), "r", encoding="utf8") as f: trainings = json.load(f) - print(trainings) - - # get markdown - training_md = resources_config.training_md - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training.md"), "w", encoding="utf8") as md_file: - md_file.write(training_md) - - # CTI training - training_cti_md = resources_config.training_cti_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_cti.md"), "w", encoding="utf8") as md_file: - md_file.write(training_cti_md) - - # Purple teaming fundamentals training - training_purple_teaming_fundamentals_md = resources_config.training_purple_teaming_fundamentals_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_purple_teaming_fundamentals.md"), "w", encoding="utf8") as md_file: - md_file.write(training_purple_teaming_fundamentals_md) - - # ATT&CK fundamentals training - training_attack_fundamentals_md = resources_config.training_attack_fundamentals_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_attack_fundamentals.md"), "w", encoding="utf8") as md_file: - md_file.write(training_attack_fundamentals_md) - - # ATT&CK adversary emulation training - training_adversary_emulation_md = resources_config.training_adversary_emulation_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_adversary_emulation.md"), "w", encoding="utf8") as md_file: - md_file.write(training_adversary_emulation_md) - - # ATT&CK access tokens technical primer training - training_access_tokens_md = resources_config.training_access_tokens_md + json.dumps(trainings) - - # write 
markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_access_tokens.md"), "w", encoding="utf8") as md_file: - md_file.write(training_access_tokens_md) - - # ATT&CK soc assessments training - training_soc_assessments_md = resources_config.training_soc_assessments_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_soc_assessments.md"), "w", encoding="utf8") as md_file: - md_file.write(training_soc_assessments_md) - - # ATT&CK threat hunting training - training_threat_hunting_md = resources_config.training_threat_hunting_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_threat_hunting.md"), "w", encoding="utf8") as md_file: - md_file.write(training_threat_hunting_md) - - # ATT&CK detection engineering training - training_detection_engineering_md = resources_config.training_detection_engineering_md + json.dumps(trainings) - - # write markdown to file - with open(os.path.join(site_config.resources_markdown_path, "training_detection_engineering.md"), "w", encoding="utf8") as md_file: - md_file.write(training_detection_engineering_md) + # Define a dictionary of training pages and their corresponding markdown templates + training_pages = { + "training": resources_config.training_md, + "training_cti": resources_config.training_cti_md, + "training_purple_teaming_fundamentals": resources_config.training_purple_teaming_fundamentals_md, + "training_attack_fundamentals": resources_config.training_attack_fundamentals_md, + "training_adversary_emulation": resources_config.training_adversary_emulation_md, + "training_access_tokens": resources_config.training_access_tokens_md, + "training_soc_assessments": resources_config.training_soc_assessments_md, + "training_threat_hunting": resources_config.training_threat_hunting_md, + "training_detection_engineering": 
resources_config.training_detection_engineering_md, + } + + # Generate markdown for each training page and write it to a file + for page_name, page_template in training_pages.items(): + page_content = page_template + json.dumps(trainings) + with open(os.path.join(site_config.resources_markdown_path, f"{page_name}.md"), "w", encoding="utf8") as md_file: + md_file.write(page_content) def generate_brand_page(): """Responsible for generating the markdown pages of the training pages.""" From 8bbc30dda00d4a4bb709cdde01751f67eb9c3307 Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Thu, 18 Jul 2024 14:22:01 -0500 Subject: [PATCH 17/19] Minor wording tweaks --- modules/resources/templates/attackcon-overview.html | 2 +- modules/resources/templates/attackcon.html | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/modules/resources/templates/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html index 9e3e2b33ea3..135bb546423 100644 --- a/modules/resources/templates/attackcon-overview.html +++ b/modules/resources/templates/attackcon-overview.html @@ -21,7 +21,7 @@ {% set conID = "-".join(con.date.split(' ')) %}
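Review bot: The new loop appends `json.dumps(trainings)` to every entry in `training_pages`, including `"training"`, whereas the removed code wrote `resources_config.training_md` to training.md unchanged. Unless that template ends in a `data:` field (not visible in this hunk), the landing page now gets a trailing JSON blob in its markdown. If the landing page needs no data, leave it out of the payload with `page_content = page_template if page_name == "training" else page_template + payload`. The serialised string is the same on every iteration, so `payload = json.dumps(trainings)` can be computed once before the loop. `generate_training_pages` starts above this hunk, so the file-loading context is only partly shown.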

{{ con.title }}

- + {% set ifSponsor = "sponsors_img_list" in con %} {% if "banner_img" in con %}

diff --git a/modules/resources/templates/attackcon.html b/modules/resources/templates/attackcon.html index 0909c0a50d5..0fea914da0c 100644 --- a/modules/resources/templates/attackcon.html +++ b/modules/resources/templates/attackcon.html @@ -20,10 +20,11 @@

ATT&CKCon

- At MITRE ATT&CK's yearly conference, cybersecurity leaders and practitioners of all levels are - invited to strengthen capabilities and engage with others in the community through two days of programming, + At MITRE ATT&CK's annual conference, cybersecurity leaders and practitioners of all levels are + invited to strengthen capabilities and engage with others in the community through multiple days of programming, featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help - leverage the ATT&CK framework. Browse the archive of presentations organized by event. + leverage the ATT&CK framework. + Browse the archive of presentations below.

Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK From f4dc4b48d8b257b540ed709a5ad7aff2bda32b2a Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Thu, 18 Jul 2024 14:40:11 -0500 Subject: [PATCH 18/19] Update python version --- .python-version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.python-version b/.python-version index 09dcc780875..1445aee866c 100644 --- a/.python-version +++ b/.python-version @@ -1 +1 @@ -3.10.11 +3.10.14 From b03bb5598a376e603ba077774d0236b4c76d12c6 Mon Sep 17 00:00:00 2001 From: Jared Ondricek Date: Thu, 18 Jul 2024 14:46:09 -0500 Subject: [PATCH 19/19] Update website to 4.1.5 --- CHANGELOG.md | 11 +++++++++-- pyproject.toml | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fda852bc9ee..f7c6be33387 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,16 @@ +# v4.1.5 (2024-07-18) + +## Misc + +* Added new ATT&CK trainings. +* Moved sidebar headings around to add ATT&CKcon to be at the top level. + # v4.1.4 (2024-06-19) ## Misc -* Updated CTI Training to latest version -* Updated banner related to ATT&CKcon 5.0 +* Updated CTI Training to latest version. +* Updated banner related to ATT&CKcon 5.0. # v4.1.3 (2024-05-02) diff --git a/pyproject.toml b/pyproject.toml index 26dcebd5e63..df3cbb5945d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ profile = "black" [tool.towncrier] name = "ATT&CK website" - version = "4.1.4" + version = "4.1.5" filename = "CHANGELOG.md" issue_format = "[#{issue}](https://github.com/mitre-attack/attack-website/issues/{issue})" template = ".towncrier.template.md"