From e4fc4ada127ffeb1f556ea4c2a670784c0285bc2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 21 May 2024 06:06:26 +0000
Subject: [PATCH 01/19] --- updated-dependencies: - dependency-name: requests
dependency-type: direct:production ...
Signed-off-by: dependabot[bot]
---
requirements.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.txt b/requirements.txt
index 555f27c8564..45a314ceff0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,7 +8,7 @@ mitreattack-python==3.0.6
pelican==4.8.0
pyScss==1.4.0
python-dotenv==1.0.0
-requests==2.31.0
+requests==2.32.0
stix2==3.0.1
stix2-validator==3.1.3
toml==0.10.2
From b20f98f2c5d8755395f2560265ee527321da4b02 Mon Sep 17 00:00:00 2001
From: adpare
Date: Wed, 22 May 2024 16:17:37 -0400
Subject: [PATCH 02/19] updated attackcon location
---
data/resources_navigation.json | 12 ++--
data/use_cases.json | 2 +-
modules/resources/resources.py | 23 ++-----
modules/resources/resources_config.py | 10 +--
modules/resources/static_pages/attackcon.md | 3 +
.../templates}/attackcon-overview.html | 3 +-
modules/resources/templates/attackcon.html | 65 +++++++++++++++++++
.../templates/learn-more-about-attack.html | 38 -----------
8 files changed, 84 insertions(+), 72 deletions(-)
create mode 100644 modules/resources/static_pages/attackcon.md
rename {attack-theme/templates/general => modules/resources/templates}/attackcon-overview.html (96%)
create mode 100644 modules/resources/templates/attackcon.html
diff --git a/data/resources_navigation.json b/data/resources_navigation.json
index ac316d59b55..37cb2833f8c 100644
--- a/data/resources_navigation.json
+++ b/data/resources_navigation.json
@@ -19,12 +19,6 @@
"path": "/resources/learn-more-about-attack/presentation-archive/",
"children": []
},
- {
- "name": "ATT&CKcon Presentations",
- "id": "attackcon",
- "path": "/resources/learn-more-about-attack/attackcon/",
- "children": []
- },
{
"name": "Trainings",
"id": "training",
@@ -40,6 +34,12 @@
}
]
},
+ {
+ "name": "ATT&CKcon",
+ "id": "attackcon",
+ "path": "/resources/attackcon/",
+ "children": []
+ },
{
"name": "ATT&CK Data & Tools",
"id": "attack-data-and-tools",
diff --git a/data/use_cases.json b/data/use_cases.json
index 7eebdb5c0ed..588f486b5c7 100644
--- a/data/use_cases.json
+++ b/data/use_cases.json
@@ -37,7 +37,7 @@
"title": "ATT&CKcon 2018 presentations",
"date": "(October 2018)",
"description": "Many people in the ATT&CK community are doing excellent work with analytics and detection. We encourage you to take a look at these presentations for ideas.",
- "url": "/resources/learn-more-about-attack/attackcon/october-2018#presentations"
+ "url": "/resources/attackcon/october-2018#presentations"
}
]
},
diff --git a/modules/resources/resources.py b/modules/resources/resources.py
index 051044f5350..61f36cb4a09 100644
--- a/modules/resources/resources.py
+++ b/modules/resources/resources.py
@@ -133,9 +133,9 @@ def generate_attackcon_page():
attackcon_name.append(attackcon[i]["title"])
title = "Title: " + attackcon[i]["title"] + "\n"
name = attackcon[i]["date"].lower().replace(" ", "-")
- template = "Template: general/attackcon-overview\n"
- attackcon_path.append("/resources/learn-more-about-attack/attackcon/" + name + "/")
- save_as = "save_as: resources/learn-more-about-attack/attackcon/" + name + "/index.html\n"
+ template = "Template: resources/attackcon-overview\n"
+ attackcon_path.append("/resources/attackcon/" + name + "/")
+ save_as = "save_as: resources/attackcon/" + name + "/index.html\n"
data = "data: "
content = title + template + save_as + data
attackcon_md.append(content)
@@ -145,28 +145,19 @@ def generate_attackcon_page():
attackcon_list = attackcon_dict_list["attackcon_md"]
# Below code used to add the attackcon children to the resources sidebar
- attackcon_index = 0
learnmore_index = 0
temp_dict = {}
for i in range(len(site_config.resource_nav["children"])):
- if site_config.resource_nav["children"][i]["name"] == "Learn More about ATT&CK":
- for j in range(len(site_config.resource_nav["children"][i]["children"])):
- if site_config.resource_nav["children"][i]["children"][j]["name"] == "ATT&CKcon Presentations":
- learnmore_index = i
- attackcon_index = j
+ if site_config.resource_nav["children"][i]["name"] == "ATT&CKcon":
+ attackcon_index = i
for i in range(len(attackcon_dict_list["attackcon_name"])):
temp_dict["name"] = attackcon_dict_list["attackcon_name"][i]
temp_dict["path"] = attackcon_dict_list["attackcon_path"][i]
temp_dict["children"] = []
- site_config.resource_nav["children"][learnmore_index]["children"][attackcon_index]["children"].append(temp_dict.copy())
+ site_config.resource_nav["children"][attackcon_index]["children"].append(temp_dict.copy())
temp_dict = {}
- attackcon_content = resources_config.attackcon_md + json.dumps(attackcon[0])
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "attackcon.md"), "w", encoding="utf8") as md_file:
- md_file.write(attackcon_content)
for i in range(len(attackcon_list)):
attackcon_content = attackcon_list[i] + json.dumps(attackcon[i])
f_name = "attackcon-" + attackcon[i]["date"].lower().replace(" ", "-") + ".md"
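Review bot: `attackcon_index` is now bound only inside the `if ... == "ATT&CKcon":` branch, because the `attackcon_index = 0` initialiser was removed. If the navigation entry is renamed or missing, the later `site_config.resource_nav["children"][attackcon_index]["children"].append(...)` fails with an UnboundLocalError rather than a clear build error. Initialise it with `attackcon_index = None` before the loop and fail explicitly after it, e.g. `if attackcon_index is None: raise ValueError("ATT&CKcon entry missing from resource_nav")`. `learnmore_index = 0` is kept but no longer read in the visible lines, so it can probably be removed. generate_attackcon_page starts and ends outside this hunk.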
@@ -300,7 +291,7 @@ def generate_contribute_page():
# Generate redirections
util.buildhelpers.generate_redirections(
- redirections_filename=resources_config.contribute_redirection_location, redirect_md=site_config.redirect_md
+ redirections_filename=resources_config.contribute_redirections_location, redirect_md=site_config.redirect_md
)
ms = util.relationshipgetters.get_ms()
diff --git a/modules/resources/resources_config.py b/modules/resources/resources_config.py
index 16e4b68815c..ae80d529d22 100644
--- a/modules/resources/resources_config.py
+++ b/modules/resources/resources_config.py
@@ -12,14 +12,6 @@
# Path for docs
docs_path = "modules/resources/docs/"
-# ATT&CKcon md
-attackcon_md = (
- "Title: ATT&CKcon\n"
- "Template: general/attackcon-overview\n"
- "save_as: resources/learn-more-about-attack/attackcon/index.html\n"
- "data: "
-)
-
# Training md
training_md = (
"Title: ATT&CK Training\n"
@@ -50,7 +42,7 @@
"data: "
)
-contribute_redirection_location = "modules/resources/contribute_redirections.json"
+contribute_redirections_location = "modules/resources/contribute_redirections.json"
# Brand md
brand_md = (
diff --git a/modules/resources/static_pages/attackcon.md b/modules/resources/static_pages/attackcon.md
new file mode 100644
index 00000000000..3b6cd1a055a
--- /dev/null
+++ b/modules/resources/static_pages/attackcon.md
@@ -0,0 +1,3 @@
+Title: ATT&CKCon
+Template: resources/attackcon
+save_as: resources/attackcon/index.html
\ No newline at end of file
diff --git a/attack-theme/templates/general/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html
similarity index 96%
rename from attack-theme/templates/general/attackcon-overview.html
rename to modules/resources/templates/attackcon-overview.html
index dfc34fb4b1f..fce2942bbb5 100644
--- a/attack-theme/templates/general/attackcon-overview.html
+++ b/modules/resources/templates/attackcon-overview.html
@@ -13,8 +13,7 @@
- Home
- Resources
- - Learn More about ATT&CK
- - ATT&CKcon
+ - ATT&CKcon
- {{ con.title }}
diff --git a/modules/resources/templates/attackcon.html b/modules/resources/templates/attackcon.html
new file mode 100644
index 00000000000..8fb8f901e3e
--- /dev/null
+++ b/modules/resources/templates/attackcon.html
@@ -0,0 +1,65 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = page.title + " | MITRE ATT&CK®" -%}
+{% import 'macros/navigation.html' as navigation %}
+{% import 'macros/contact_card.html' as contact_card %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+ - Home
+ - Resources
+ - ATT&CKCon
+
+
+
+
+
ATT&CKCon
+
+
+ At MITRE ATT&CK's yearly conference, cybersecurity leaders and practitioners of all levels are
+ invited to strengthen capabilities and engage with others in the community through two days of programming,
+ featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help
+ leverage the ATT&CK framework. Browse the archive of presentations organized by event.
+
+
+ Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK
+
+
+ {{contact_card.render(
+ "ATT&CKcon 4.0",
+ "/resources/attackcon/october-2023/",
+ "October 24th - 25th, 2023
McLean, VA",
+ invert_icon=True)}}
+ {{contact_card.render(
+ "ATT&CKcon 3.0",
+ "/resources/attackcon/march-2022/",
+ "March 29th - 30th, 2022
McLean, VA",
+ invert_icon=True)}}
+ {{contact_card.render(
+ "ATT&CKcon PowerHour",
+ "/resources/attackcon/october-2020/",
+ "October 2020 - January 2021
Virtual",
+ invert_icon=True)}}
+
+
+ {{contact_card.render("ATT&CKcon 2.0", "/resources/attackcon/october-2019/", "
October 29th - 30th,
+ 2019McLean, VA",
+ invert_icon=True)}}
+ {{contact_card.render("ATT&CKcon 2018", "/resources/attackcon/october-2018/", "
October 23rd - 24th,
+ 2018McLean, VA",
+ invert_icon=True)}}
+
+
+
+
+
+{% endblock %}
+
+{% block scripts %} {{ super () }}
+
+
+{% endblock %}
\ No newline at end of file
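Review bot: The five `contact_card.render(...)` calls hard-code links such as `/resources/attackcon/october-2023/`, while resources.py builds the per-event pages from `attackcon[i]["date"].lower().replace(" ", "-")`. Nothing ties the two together, so a new event or an edited date in the data file leaves this overview stale or pointing at a page that is no longer generated. Consider giving attackcon.md a `data:` field and rendering the cards in a `{% for %}` loop; until then, a comment at the top such as `{# card links must match the slugs produced by generate_attackcon_page() #}` would record the coupling. The name is also spelled `ATT&CKCon` in the breadcrumb and heading but `ATT&CKcon` in the cards and the navigation entry; pick one spelling.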
diff --git a/modules/resources/templates/learn-more-about-attack.html b/modules/resources/templates/learn-more-about-attack.html
index 36ecd42a729..c6d5754be8c 100644
--- a/modules/resources/templates/learn-more-about-attack.html
+++ b/modules/resources/templates/learn-more-about-attack.html
@@ -49,44 +49,6 @@ Featured MITRE Presentations
Browse all MITRE presentations
-
-
ATT&CKCon Presentations
-
- At MITRE ATT&CK's yearly conference, cybersecurity leaders and practitioners of all levels are
- invited to strengthen capabilities and engage with others in the community through two days of programming,
- featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help
- leverage the ATT&CK framework. Browse the archive of presentations organized by event.
-
-
- Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK
-
-
- {{contact_card.render(
- "ATT&CKcon 4.0",
- "/resources/learn-more-about-attack/attackcon/october-2023/",
- "October 24th - 25th, 2023
McLean, VA",
- invert_icon=True)}}
- {{contact_card.render(
- "ATT&CKcon 3.0",
- "/resources/learn-more-about-attack/attackcon/march-2022/",
- "March 29th - 30th, 2022
McLean, VA",
- invert_icon=True)}}
- {{contact_card.render(
- "ATT&CKcon PowerHour",
- "/resources/learn-more-about-attack/attackcon/october-2020/",
- "October 2020 - January 2021
Virtual",
- invert_icon=True)}}
-
-
- {{contact_card.render("ATT&CKcon 2.0", "/resources/learn-more-about-attack/attackcon/october-2019/", "
October 29th - 30th,
- 2019McLean, VA",
- invert_icon=True)}}
- {{contact_card.render("ATT&CKcon 2018", "/resources/learn-more-about-attack/attackcon/october-2018/", "
October 23rd - 24th,
- 2018McLean, VA",
- invert_icon=True)}}
-
-
-
MITRE CTI Training
From 0f212e894ee22efdff197748f8162d9827e6845e Mon Sep 17 00:00:00 2001
From: adpare
Date: Wed, 22 May 2024 18:06:18 -0400
Subject: [PATCH 03/19] redirections
---
modules/redirections/redirections.json | 95 ++++++++++++++++---
modules/resources/resources.py | 2 +-
modules/resources/resources_config.py | 2 +-
...tions.json => resources_redirections.json} | 2 +-
4 files changed, 83 insertions(+), 18 deletions(-)
rename modules/resources/{contribute_redirections.json => resources_redirections.json} (75%)
diff --git a/modules/redirections/redirections.json b/modules/redirections/redirections.json
index 5be1ff3235a..21beaa32d9e 100644
--- a/modules/redirections/redirections.json
+++ b/modules/redirections/redirections.json
@@ -1,19 +1,4 @@
[
- {
- "title" : "Getting Started Redirect",
- "from" : "resources/getting-started",
- "to" : "/resources/"
- },
- {
- "title" : "Training Redirect",
- "from" : "training",
- "to" : "/resources/learn-more-about-attack/training"
- },
- {
- "title" : "CTI Training Redirect",
- "from" : "training/cti",
- "to" : "/resources/learn-more-about-attack/training/cti"
- },
{
"title": "enterprise-attack-matrix",
"from": "wiki/ATT&CK_Matrix",
@@ -278,5 +263,85 @@
"title": "azure-matrix",
"from": "matrices/enterprise/cloud/azure",
"to": "/matrices/enterprise/cloud/iaas"
+ },
+ {
+ "title" : "Getting Started Redirect",
+ "from" : "resources/getting-started",
+ "to" : "/resources/"
+ },
+ {
+ "title" : "Training Redirect",
+ "from" : "resources/training",
+ "to" : "/resources/learn-more-about-attack/training"
+ },
+ {
+ "title" : "CTI Training Redirect",
+ "from" : "resources/training/cti",
+ "to" : "/resources/learn-more-about-attack/training/cti"
+ },
+ {
+ "title" : "Working with ATT&CK Redirect",
+ "from" : "resources/working-with-attack",
+ "to" : "/resources/attack-data-and-tools/"
+ },
+ {
+ "title" : "Related Projects Redirect",
+ "from" : "resources/related-projects",
+ "to" : "/resources/attack-data-and-tools/"
+ },
+ {
+ "title" : "Brand Guide Redirect",
+ "from" : "resources/brand",
+ "to" : "/resources/legal-and-branding/"
+ },
+ {
+ "title" : "Privacy Redirect",
+ "from" : "resources/privacy",
+ "to" : "/resources/legal-and-branding/privacy/"
+ },
+ {
+ "title" : "Terms of Use Redirect",
+ "from" : "resources/terms-of-use",
+ "to" : "/resources/legal-and-branding/terms-of-use/"
+ },
+ {
+ "title" : "FAQ General Redirect",
+ "from" : "resources/faq/general",
+ "to" : "/resources/faq/#general-faq"
+ },
+ {
+ "title" : "FAQ Content Redirect",
+ "from" : "resources/faq/content",
+ "to" : "/resources/faq/#content-faq"
+ },
+ {
+ "title" : "FAQ Resources Redirect",
+ "from" : "resources/faq/resources",
+ "to" : "/resources/faq/#resources-faq"
+ },
+ {
+ "title" : "FAQ Staying Informed Redirect",
+ "from" : "resources/faq/staying-informed",
+ "to" : "/resources/faq/#staying-informed-faq"
+ },
+ {
+ "title" : "FAQ ATT&CK Other Models Redirect",
+ "from" : "resources/faq/attack-and-other-models",
+ "to" : "/resources/faq/#other-models-faq"
+ },
+ {
+ "title" : "FAQ Legal Redirect",
+ "from" : "resources/faq/legal",
+ "to" : "/resources/faq/#legal-faq"
+ },
+ {
+ "title" : "Contribute Redirect",
+ "from" : "resources/contribute",
+ "to" : "/resources/engage-with-attack/contribute/"
+ },
+ {
+ "title" : "Contact Redirect",
+ "from" : "contact",
+ "to" : "/resources/engage-with-attack/contact/"
}
]
\ No newline at end of file
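Review bot: The "Training Redirect" and "CTI Training Redirect" entries return with `"from": "resources/training"` and `"from": "resources/training/cti"`, whereas the entries removed at the top of the file used `"from": "training"` and `"from": "training/cti"`. The old top-level `/training` URLs therefore lose their redirect unless it is handled elsewhere. If the new source path is intended, say so in the commit message; otherwise keep both pairs. No entry in the visible lines covers the `/resources/learn-more-about-attack/attackcon/` paths moved by the previous patch, so existing links to those pages may now 404; confirm against the part of the file outside this hunk.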
diff --git a/modules/resources/resources.py b/modules/resources/resources.py
index 61f36cb4a09..91d686691dc 100644
--- a/modules/resources/resources.py
+++ b/modules/resources/resources.py
@@ -291,7 +291,7 @@ def generate_contribute_page():
# Generate redirections
util.buildhelpers.generate_redirections(
- redirections_filename=resources_config.contribute_redirections_location, redirect_md=site_config.redirect_md
+ redirections_filename=resources_config.resources_redirections_location, redirect_md=site_config.redirect_md
)
ms = util.relationshipgetters.get_ms()
diff --git a/modules/resources/resources_config.py b/modules/resources/resources_config.py
index ae80d529d22..a061ab5f4e0 100644
--- a/modules/resources/resources_config.py
+++ b/modules/resources/resources_config.py
@@ -42,7 +42,7 @@
"data: "
)
-contribute_redirections_location = "modules/resources/contribute_redirections.json"
+resources_redirections_location = "modules/resources/resources_redirections.json"
# Brand md
brand_md = (
diff --git a/modules/resources/contribute_redirections.json b/modules/resources/resources_redirections.json
similarity index 75%
rename from modules/resources/contribute_redirections.json
rename to modules/resources/resources_redirections.json
index 5a9abbd7683..5b784c22c90 100644
--- a/modules/resources/contribute_redirections.json
+++ b/modules/resources/resources_redirections.json
@@ -1,6 +1,6 @@
[
{
- "title": "Training Redirect",
+ "title": "Training Content Redirect",
"from": "docs/Contributing_to_MITRE_ATTACK.pdf/index.html",
"to": "/resources/engage-with-attack/contribute"
}
From 9fb41a8db63d7442dbc80aa5f45046f75f335085 Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 30 May 2024 11:16:54 -0500
Subject: [PATCH 04/19] Fix whitespace
---
modules/matrices/templates/matrix.html | 6 ++--
modules/techniques/templates/technique.html | 34 ++++++++++-----------
2 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/modules/matrices/templates/matrix.html b/modules/matrices/templates/matrix.html
index e87e1778ad0..8bc96168fe5 100644
--- a/modules/matrices/templates/matrix.html
+++ b/modules/matrices/templates/matrix.html
@@ -1,4 +1,4 @@
-{% extends "general/two-column.html" %}
+{% extends "general/two-column.html" %}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
{% import 'macros/matrix.html' as matrix_macros %}
@@ -61,7 +61,7 @@
{% if parsed.deprecated %}
-
{{parsed.name}}
+
{{parsed.name}}
{% if parsed.descr %}
{{deprecated.deprecated(clean_output.stixToHTML(parsed.descr, firstParagraphOnly=True))}}
{% else %}
@@ -73,7 +73,7 @@
{{parsed.name}}
{% set matrix_plural = "Matrices" if (parsed.matrices | length > 1) else "Matrix" %}
-
{{parsed.name}} {{matrix_plural}}
+
{{parsed.name}} {{matrix_plural}}
{{parsed.descr}}
diff --git a/modules/techniques/templates/technique.html b/modules/techniques/templates/technique.html
index 43259e9be5e..0f7bf8a82b0 100644
--- a/modules/techniques/templates/technique.html
+++ b/modules/techniques/templates/technique.html
@@ -1,4 +1,4 @@
-{% extends "general/two-column.html" -%}
+{% extends "general/two-column.html" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
{% import 'macros/deprecated.html' as deprecated %}
@@ -18,9 +18,9 @@
{% if parsed.domain == "mobile" %}
{% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " - Mobile | MITRE ATT&CK®" -%}
-{% elif parsed.domain == "enterprise" %}
+{% elif parsed.domain == "enterprise" %}
{% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " - Enterprise | MITRE ATT&CK®" -%}
-{% elif parsed.domain == "ics" %}
+{% elif parsed.domain == "ics" %}
{% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " - ICS | MITRE ATT&CK®" -%}
{% else %}
{% set title = title_prefix + parsed.name + ", " + title_type + " " + parsed.attack_id + " | MITRE ATT&CK®" -%}
@@ -76,7 +76,7 @@
{{parsed.parent_name}}:
{% endif %}
{{parsed.name}}
-
+
{% if parsed.deprecated %}
{% if parsed.descr %}
@@ -105,8 +105,8 @@
Sub-techniques ({{parsed.subtechniques|len
ID |
Name |
-
-
+
+
{% for subtechnique in parsed.subtechniques %}
{% if (output_file | clean_path) != subtechnique.path %}
@@ -120,19 +120,19 @@ Sub-techniques ({{parsed.subtechniques|len
{{subtechnique.id}}
|
-
+ |
{{subtechnique.name}}
|
{% endif %}
- {% endfor %}
-
+ {% endfor %}
+
- {% endif %}
+ {% endif %}
{% if parsed.descr %}
@@ -294,7 +294,7 @@
@@ -373,7 +373,7 @@ Procedure Examples
Targeted Assets
-
+
ID |
Asset |
@@ -398,7 +398,7 @@ Mitigations
-
+
ID |
Mitigation |
Description |
@@ -459,10 +459,10 @@ Difficulty for the Adversary
{% endif %}
{% endif %}
-
+
{{ citations.reference_section(parsed.citations) }}
- {% endif %}
+ {% endif %}
@@ -481,4 +481,4 @@ Difficulty for the Adversary
{% endif %}
-{% endblock %}
\ No newline at end of file
+{% endblock %}
\ No newline at end of file
From 8676ae4507bc037dd513cc9ddc3b8b72d0f32573 Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 30 May 2024 17:07:08 -0500
Subject: [PATCH 05/19] More whitespace fixing
---
modules/assets/templates/asset.html | 12 ++++++------
modules/datasources/templates/datasource.html | 12 ++++++------
modules/software/templates/software.html | 18 +++++++++---------
3 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/modules/assets/templates/asset.html b/modules/assets/templates/asset.html
index 0dfb2452ac9..f6f3f21054c 100644
--- a/modules/assets/templates/asset.html
+++ b/modules/assets/templates/asset.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set parsed = page.data | from_json %}
-{% set title = parsed.name + ", Asset " + parsed.attack_id + " | MITRE ATT&CK®" -%}
+{% set title = parsed.name + ", Asset " + parsed.attack_id + " | MITRE ATT&CK®" -%}
{% set active_page = "assets" -%}
{% import 'macros/deprecated.html' as deprecated %}
@@ -23,7 +23,7 @@
{% block innerleft %}
- {{ navigation.sidenav(parsed.side_menu_data, output_file) }}
+ {{ navigation.sidenav(parsed.side_menu_data, output_file) }}
{% endblock %}
@@ -82,14 +82,14 @@ {{ parsed.name }}
{% endif %}
{% if parsed.sectors %}
-
+
{{ "Sector" if parsed.sectors | length < 2 else "Sectors" }}: {{parsed.sectors}}
{% endif %}
{% if parsed.contributors_list %}
-
+
Contributors: {{ parsed.contributors_list|join("; ") }}
@@ -134,7 +134,7 @@
Description |
-
+
{% for related_asset in parsed.related_assets_table %}
{{ related_asset.name }} |
@@ -143,7 +143,7 @@
{{ clean_output.stixToHTML(related_asset.descr, parsed.citations) }}
- {% endfor %}
+ {% endfor %}
{% endif %}
diff --git a/modules/datasources/templates/datasource.html b/modules/datasources/templates/datasource.html
index 9ec60ae9daf..f6e5b33a6d4 100644
--- a/modules/datasources/templates/datasource.html
+++ b/modules/datasources/templates/datasource.html
@@ -1,10 +1,10 @@
{% extends "general/two-column.html" %}
{% set parsed = page.data | from_json %}
{% if parsed.aliases_list %}
- {% set alias_string = parsed.aliases_list|join(", ") %}
- {% set title = parsed.name + ", " + alias_string + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%}
+ {% set alias_string = parsed.aliases_list|join(", ") %}
+ {% set title = parsed.name + ", " + alias_string + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%}
{% else %}
- {% set title = parsed.name + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%}
+ {% set title = parsed.name + ", Data Source " + parsed.attack_id + " | MITRE ATT&CK®" -%}
{% endif %}
{% set active_page = "datasources" -%}
@@ -28,7 +28,7 @@
{% block innerleft %}
- {{ navigation.sidenav(parsed.side_menu_data, output_file, true) }}
+ {{ navigation.sidenav(parsed.side_menu_data, output_file, true) }}
{% endblock %}
@@ -137,7 +137,7 @@
{% endif %}
-
+
{% if parsed.datacomponents_list %}
Data Components
@@ -188,7 +188,7 @@
{{parsed.name}}: {{datacomponent.name}}
{% endfor %}
{% endif %}
-
+
{{ citations.reference_section(parsed.citations) }}
{% endif %}
diff --git a/modules/software/templates/software.html b/modules/software/templates/software.html
index 3d606f47a9f..21555b6670c 100644
--- a/modules/software/templates/software.html
+++ b/modules/software/templates/software.html
@@ -1,6 +1,6 @@
-{% extends "general/two-column.html" %}
+{% extends "general/two-column.html" %}
{% set parsed = page.data | from_json %}
-{% set title = parsed.name + ", Software " + parsed.attack_id + " | MITRE ATT&CK®" -%}
+{% set title = parsed.name + ", Software " + parsed.attack_id + " | MITRE ATT&CK®" -%}
{% set active_page = "software" -%}
{% import 'macros/deprecated.html' as deprecated %}
{% import 'macros/navigator.html' as navigator %}
@@ -139,7 +139,7 @@
{% endif %}
-
+
{% if parsed.alias_descriptions %}
Associated Software Descriptions
@@ -150,7 +150,7 @@
Associated Software Descriptions
Description |
-
+
{% for alias in parsed.alias_descriptions %}
@@ -160,17 +160,17 @@ Associated Software Descriptions
{{clean_output.stixToHTML(alias.descr, parsed.citations)}}
|
- {% endfor %}
+ {% endfor %}
{% endif %}
-
+
{% if parsed.technique_table_data %}
{{navigator.layer_links(parsed.attack_id, "software", parsed.layers)}}
{{techniques_used.techniques_used(parsed.technique_table_data, "Techniques Used", true, "Use", parsed.citations)}}
{% endif %}
-
+
{% if parsed.groups %}
Groups That Use This Software
@@ -232,9 +232,9 @@
Campaigns
{% endif %}
-
+
{{ citations.reference_section(parsed.citations) }}
-
+
{% endif %}
From ba339addc1d72c0b20b3b73dccaf7e4eb457ff2d Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 30 May 2024 17:07:42 -0500
Subject: [PATCH 06/19] Update Matrix titles and breadcrumbs
---
modules/matrices/templates/matrix.html | 32 +++++++++++++++-----------
1 file changed, 19 insertions(+), 13 deletions(-)
diff --git a/modules/matrices/templates/matrix.html b/modules/matrices/templates/matrix.html
index 8bc96168fe5..672dcbe2a64 100644
--- a/modules/matrices/templates/matrix.html
+++ b/modules/matrices/templates/matrix.html
@@ -8,12 +8,20 @@
{% import 'macros/notes.html' as notes %}
{% if parsed.domain == "mobile" %}
- {% set title = "Matrix - Mobile | MITRE ATT&CK®" -%}
-{% elif parsed.domain == "enterprise" %}
- {% if parsed.platform %}
- {% set title = "Matrix - Enterprise - " + parsed.platform + " | MITRE ATT&CK®" -%}
+ {% if parsed.name == "Mobile" %}
+ {% set title = "Matrix - Mobile | MITRE ATT&CK®" -%}
{% else %}
+ {% set title = "Matrix - Mobile - " + parsed.name + " | MITRE ATT&CK®" -%}
+ {% endif %}
+
+{% elif parsed.domain == "ics" %}
+ {% set title = "Matrix - ICS | MITRE ATT&CK®" -%}
+
+{% elif parsed.domain == "enterprise" %}
+ {% if parsed.name == "Enterprise" %}
{% set title = "Matrix - Enterprise | MITRE ATT&CK®" -%}
+ {% else %}
+ {% set title = "Matrix - Enterprise - " + parsed.name + " | MITRE ATT&CK®" -%}
{% endif %}
{% else %}
{% set title = "Matrix | MITRE ATT&CK®" -%}
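Review bot: The title now branches on `parsed.name == "Mobile"` and `parsed.name == "Enterprise"`, so it depends on the top-level matrix name matching those literals exactly. Any other spelling of the main matrix name falls into the `else` and produces a doubled title of the form "Matrix - Enterprise - <name>". The removed code keyed on `parsed.platform` and had no such coupling, so a comment such as `{# top-level matrix is named exactly "Enterprise"; any other name is a platform sub-matrix #}` should document the assumption. The `ics` branch has no sub-matrix case, which is correct only if ICS has a single matrix. Using `~` instead of `+`, as in `"Matrix - Mobile - " ~ parsed.name ~ " | MITRE ATT&CK®"`, avoids a template error if `parsed.name` is ever not a string.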
@@ -39,19 +47,17 @@
- Home
+ - Matrices
{% if parsed.domain == 'enterprise' %}
- - Matrices
+ - Enterprise
{% elif parsed.domain == 'mobile' %}
- - Matrices
+ - Mobile
+ {% elif parsed.domain == 'ics' %}
+ - ICS
{% else %}
- Matrices
{% endif %}
- {% if parsed.platform %}
- - Enterprise
- - {{parsed.platform}}
- {% else %}
- - {{parsed.name}}
- {% endif %}
+ - {{ parsed.name }}
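Review bot: `Matrices` is now emitted unconditionally before the `{% if parsed.domain == 'enterprise' %}` chain, yet the `{% else %}` branch still outputs `Matrices`. A matrix with an unrecognised domain would appear to get that crumb twice, so the `else` branch can probably be dropped. The markup around the crumbs is not visible here, so check the rendered list. The final crumb `{{ parsed.name }}` will also repeat the domain crumb on the top-level pages if their name is "Enterprise" or "Mobile", which is what the title block in this patch assumes.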
@@ -92,7 +98,7 @@ {{parsed.name}} {{matrix_plural}}
- {% if parsed.navigator_link %}
+ {% if parsed.navigator_link %}
From 2a79712cdb211e6f7b8f2331be5f48e71787e037 Mon Sep 17 00:00:00 2001
From: adpare
Date: Wed, 26 Jun 2024 13:07:29 -0400
Subject: [PATCH 07/19] updated trainings
---
data/resources_navigation.json | 42 ++
data/trainings.json | 666 +++++++++++++++++-
modules/resources/resources.py | 50 ++
modules/resources/resources_config.py | 49 ++
.../templates/training-access-tokens.html | 126 ++++
.../training-adversary-emulation.html | 126 ++++
.../training-attack-fundamentals.html | 126 ++++
.../training-detection-engineering.html | 126 ++++
.../training-purple-teaming-fundamentals.html | 119 ++++
.../templates/training-soc-assessments.html | 126 ++++
.../templates/training-threat-hunting.html | 126 ++++
11 files changed, 1681 insertions(+), 1 deletion(-)
create mode 100644 modules/resources/templates/training-access-tokens.html
create mode 100644 modules/resources/templates/training-adversary-emulation.html
create mode 100644 modules/resources/templates/training-attack-fundamentals.html
create mode 100644 modules/resources/templates/training-detection-engineering.html
create mode 100644 modules/resources/templates/training-purple-teaming-fundamentals.html
create mode 100644 modules/resources/templates/training-soc-assessments.html
create mode 100644 modules/resources/templates/training-threat-hunting.html
diff --git a/data/resources_navigation.json b/data/resources_navigation.json
index 37cb2833f8c..7e393ff0dc0 100644
--- a/data/resources_navigation.json
+++ b/data/resources_navigation.json
@@ -29,6 +29,48 @@
"id": "cti",
"path": "/resources/learn-more-about-attack/training/cti/",
"children": []
+ },
+ {
+ "name": "Purple Teaming Fundamentals Training",
+ "id": "purple_teaming_fundamentals",
+ "path": "/resources/learn-more-about-attack/training/purple-teaming-fundamentals/",
+ "children": []
+ },
+ {
+ "name": "ATT&CK Fundamentals Training",
+ "id": "attack_fundamentals",
+ "path": "/resources/learn-more-about-attack/training/attack-fundamentals/",
+ "children": []
+ },
+ {
+ "name": "Adversary Emulation Training",
+ "id": "adversary_emulation",
+ "path": "/resources/learn-more-about-attack/training/adversary-emulation/",
+ "children": []
+ },
+ {
+ "name": "Access Tokens Technical Primer",
+ "id": "access_tokens",
+ "path": "/resources/learn-more-about-attack/training/access-tokens/",
+ "children": []
+ },
+ {
+ "name": "SOC Assessments Training",
+ "id": "soc_assessments",
+ "path": "/resources/learn-more-about-attack/training/soc-assessments/",
+ "children": []
+ },
+ {
+ "name": "Threat Hunting Training",
+ "id": "threat_hunting",
+ "path": "/resources/learn-more-about-attack/training/threat-hunting/",
+ "children": []
+ },
+ {
+ "name": "Detection Engineering Training",
+ "id": "detection_engineering",
+ "path": "/resources/learn-more-about-attack/training/detection-engineering/",
+ "children": []
}
]
}
diff --git a/data/trainings.json b/data/trainings.json
index 11533c9d022..99b9f37b4f3 100644
--- a/data/trainings.json
+++ b/data/trainings.json
@@ -123,7 +123,7 @@
"module3": {
"module": "MODULE 3",
"short_name": "Module 3: Storing and analyzing ATT&CK-mapped intelligence",
- "id": "mod4",
+ "id": "mod3",
"name": "Storing and analyzing ATT&CK-mapped intelligence",
"video": "https://www.youtube.com/watch?v=cO2JRZ53N2c&list=PLLGRmm150VfBd_bk6fGqTqxr8SBeDcprb&index=4",
"slides": "/docs/training-cti/Module%203%20Slides.pdf",
@@ -186,5 +186,669 @@
}
]
}
+ },
+ "purple_teaming_fundamentals": {
+ "module0": {
+ "module": "MODULE 0",
+ "short_name": "Module 0: Introduction",
+ "id": "mod0",
+ "name": "Introduction to Purple Teaming",
+ "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n",
+ "exercises": []
+ },
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: Planning",
+ "id": "mod1",
+ "name": "Planning",
+ "video": "https://www.youtube.com/watch?v=N2zwLZjhayw&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=2",
+ "exercises": []
+ },
+ "module2": {
+ "module": "MODULE 2",
+ "short_name": "Module 2: Execution",
+ "id": "mod2",
+ "name": "Execution",
+ "video": "https://www.youtube.com/watch?v=NAeUmsgurT8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=3",
+ "exercises": []
+ },
+ "module3": {
+ "module": "MODULE 3",
+ "short_name": "Module 3: Follow-Up",
+ "id": "mod3",
+ "name": "Follow-Up",
+ "video": "https://www.youtube.com/watch?v=QqjiCfRM6k0&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=4",
+ "exercises": []
+ },
+ "module4": {
+ "module": "MODULE 4",
+ "short_name": "Module 4: Example",
+ "id": "mod4",
+ "name": "Example",
+ "video": "https://www.youtube.com/watch?v=OLxtDojHBHg&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=5",
+ "exercises": []
+ }
+ },
+ "attack_fundamentals": {
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: Introduction",
+ "id": "mod1",
+ "name": "Understanding ATT&CK",
+ "video": "https://www.youtube.com/watch?v=THOGnEqoStQ&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=1",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Introduction to ATT&CK",
+ "video": "https://www.youtube.com/watch?v=THOGnEqoStQ&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=1"
+ },
+ {
+ "id": "1.2",
+ "name": "Matrices",
+ "video": "https://www.youtube.com/watch?v=jrTqDD9a3vo&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=2"
+ },
+ {
+ "id": "1.3",
+ "name": "Tactics",
+ "video": "https://www.youtube.com/watch?v=0a-Yitvodl0&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=3"
+ },
+ {
+ "id": "1.4",
+ "name": "Techniques & Sub-techniques",
+ "video": "https://www.youtube.com/watch?v=xGluIOA-S2M&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=4"
+ },
+ {
+ "id": "1.5",
+ "name": "Mitigations",
+ "video": "https://www.youtube.com/watch?v=CEi4AZ7nngM&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=5"
+ },
+ {
+ "id": "1.6",
+ "name": "Data Sources & Detections",
+ "video": "https://www.youtube.com/watch?v=b_Rfw5vKjHk&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=6"
+ },
+ {
+ "id": "1.7",
+ "name": "Groups & Software",
+ "video": "https://www.youtube.com/watch?v=FvP-2kCiQ0A&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=7"
+ },
+ {
+ "id": "1.8",
+ "name": "How ATT&CK Grows & Evolves",
+ "video": "https://www.youtube.com/watch?v=1imFkL3JuPs&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=8"
+ }
+ ]
+ },
+ "module2": {
+ "module": "MODULE 2",
+ "short_name": "Module 2: Benefits of using ATT&CK",
+ "id": "mod2",
+ "name": "Benefits of using ATT&CK",
+ "video": "https://www.youtube.com/watch?v=l7vj_L9GOL4&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=9",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "2.1",
+ "name": "Community Perspective",
+ "video": "https://www.youtube.com/watch?v=l7vj_L9GOL4&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=9"
+ },
+ {
+ "id": "2.2",
+ "name": "Common Language",
+ "video": "https://www.youtube.com/watch?v=rDj9bKL98eU&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=10"
+ },
+ {
+ "id": "2.3",
+ "name": "Quantitative Scorecard",
+ "video": "https://www.youtube.com/watch?v=2cWCbgeCYT4&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=11"
+ },
+ {
+ "id": "2.4",
+ "name": "ATT&CK Navigator",
+ "video": "https://www.youtube.com/watch?v=KcWo8FxF49Q&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=12"
+ }
+ ]
+ },
+ "module3": {
+ "module": "MODULE 3",
+ "short_name": "Module 3: Operationalizing ATT&CK",
+ "id": "mod3",
+ "name": "Operationalizing ATT&CK",
+ "video": "https://www.youtube.com/watch?v=r0FXhxjTN0c&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=13",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "3.1",
+ "name": "Cyber Threat Intelligence",
+ "video": "https://www.youtube.com/watch?v=r0FXhxjTN0c&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=13"
+ },
+ {
+ "id": "3.2",
+ "name": "Analytics & Detection",
+ "video": "https://www.youtube.com/watch?v=WZFrO-OYPcU&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=14"
+ },
+ {
+ "id": "3.3",
+ "name": "Threat Emulation",
+ "video": "https://www.youtube.com/watch?v=-UhRSTtWZkQ&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=15"
+ },
+ {
+ "id": "3.4",
+ "name": "Assessments & Engineering",
+ "video": "https://www.youtube.com/watch?v=kaL0o4NR-e0&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=16"
+ },
+ {
+ "id": "3.5",
+ "name": "Putting It All Together into Threat-Informed Defense",
+ "video": "https://www.youtube.com/watch?v=AZ6Oi6FKUE8&list=PLLGRmm150VfC6p5RMJDMe1ZgliqDfXhvd&index=17"
+ }
+ ]
+ }
+ },
+ "adversary_emulation": {
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: Adversary Emulation - Technique Deep Dive Series",
+ "id": "mod1",
+ "name": "Adversary Emulation - Technique Deep Dive Series",
+ "video": "https://www.youtube.com/watch?v=IhdKy7XeG_M&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Token Impersonation and Theft",
+ "video": "https://www.youtube.com/watch?v=IhdKy7XeG_M&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS"
+ },
+ {
+ "id": "1.2",
+ "name": "Access Token Impersonation and Theft Review",
+ "video": "https://www.youtube.com/watch?v=Fkvq7S4uZ6g&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=2"
+ },
+ {
+ "id": "1.3",
+ "name": "FIN8 Token Impersonation and Theft",
+ "video": "https://www.youtube.com/watch?v=485ZyE-ReQg&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=3"
+ },
+ {
+ "id": "1.4",
+ "name": "FIN8 Emulation Considerations",
+ "video": "https://www.youtube.com/watch?v=k2D5vWLFFmw&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=4"
+ },
+ {
+ "id": "1.5",
+ "name": "Shamoon Token Impersonation and Theft",
+ "video": "https://www.youtube.com/watch?v=pGKQj4GatLU&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=5"
+ },
+ {
+ "id": "1.6",
+ "name": "Filling Shamoon Gaps",
+ "video": "https://www.youtube.com/watch?v=hizJz_qRVWA&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=6"
+ },
+ {
+ "id": "1.7",
+ "name": "Shamoon Emulation Considerations",
+ "video": "https://www.youtube.com/watch?v=Mx6rcqr-6S8&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=7"
+ },
+ {
+ "id": "1.8",
+ "name": "Summary",
+ "video": "https://www.youtube.com/watch?v=xi8CRxFWpfk&list=PLLGRmm150VfDeFZ7zRyz_nSn9Ult-AGDS&index=8"
+ }
+ ]
+ }
+ },
+ "access_tokens": {
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: Access Tokens Technical Primer",
+ "id": "mod1",
+ "name": "Access Tokens Technical Primer",
+ "video": "https://www.youtube.com/watch?v=3KdIKwJGM_o&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=8",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Course Introduction",
+ "video": "https://www.youtube.com/watch?v=3KdIKwJGM_o&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=8"
+ },
+ {
+ "id": "1.2",
+ "name": "Logon Sessions",
+ "video": "https://www.youtube.com/watch?v=_DgGj-qPups&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=7"
+ },
+ {
+ "id": "1.3",
+ "name": "What Are Access Tokens?",
+ "video": "https://www.youtube.com/watch?v=-LGzQzlXlZ8&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=6"
+ },
+ {
+ "id": "1.4",
+ "name": "Primary vs. Impersonation Tokens",
+ "video": "https://www.youtube.com/watch?v=a6E5_5Ynh04&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=5"
+ },
+ {
+ "id": "1.5",
+ "name": "Verifying Access Using Access Tokens",
+ "video": "https://www.youtube.com/watch?v=lKfzp0MWCsw&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=4"
+ },
+ {
+ "id": "1.6",
+ "name": "Access Tokens and Network Authentication",
+ "video": "https://www.youtube.com/watch?v=y0_hTtZLt0g&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=3"
+ },
+ {
+ "id": "1.7",
+ "name": "Access Tokens and User Access Control",
+ "video": "https://www.youtube.com/watch?v=jGHDHlCF67Y&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=2"
+ },
+ {
+ "id": "1.8",
+ "name": "Wrap-Up",
+ "video": "https://www.youtube.com/watch?v=Y6tVjFSB02w&list=PLLGRmm150VfA2Oy7sMgTPwGJZ6x0T3nGQ&index=1"
+ }
+ ]
+ }
+ },
+ "soc_assessments": {
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: Overview of ATT&CK Based SOC Assessments",
+ "id": "mod1",
+ "name": "Overview of ATT&CK Based SOC Assessments",
+ "video": "https://www.youtube.com/watch?v=lEXwtkJqlx4&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Why ATT&CK-based SOC Assessments?",
+ "video": "https://www.youtube.com/watch?v=lEXwtkJqlx4&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-"
+ },
+ {
+ "id": "1.2",
+ "name": "A Methodology for Assessments",
+ "video": "https://www.youtube.com/watch?v=lbcj7Av1BM0&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=15"
+ },
+ {
+ "id": "1.3",
+ "name": "Framing an Assessment",
+ "video": "https://www.youtube.com/watch?v=TGDIQpWu8P8&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=14"
+ },
+ {
+ "id": "1.4",
+ "name": "Scoping an Assessment",
+ "video": "https://www.youtube.com/watch?v=5vKyFv-2yhY&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=13"
+ }
+ ]
+ },
+ "module2": {
+ "module": "MODULE 2",
+ "short_name": "Module 2: Analyzing SOC Components with ATT&CK",
+ "id": "mod2",
+ "name": "Analyzing SOC Components with ATT&CK",
+ "video": "https://www.youtube.com/watch?v=TFgO_6pO0ww&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=12",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "2.1",
+ "name": "Setting a Coverage Rubric",
+ "video": "https://www.youtube.com/watch?v=TFgO_6pO0ww&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=12"
+ },
+ {
+ "id": "2.2",
+ "name": "Working with Data Sources Part 1",
+ "video": "https://www.youtube.com/watch?v=O-P7tZHl-gM&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=11"
+ },
+ {
+ "id": "2.3",
+ "name": "Working with Data Sources Part 2",
+ "video": "https://www.youtube.com/watch?v=TAyUZzPo8tg&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=10"
+ },
+ {
+ "id": "2.4",
+ "name": "Analyzing Analytics",
+ "video": "https://www.youtube.com/watch?v=ZevuFdf-_Bc&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=9"
+ },
+ {
+ "id": "2.5",
+ "name": "Breaking Down Tools",
+ "video": "https://www.youtube.com/watch?v=ZNhXIvJbLhM&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=8"
+ }
+ ]
+ },
+ "module3": {
+ "module": "MODULE 3",
+ "short_name": "Module 3: Synthesizing SOC Assessments",
+ "id": "mod3",
+ "name": "Synthesizing SOC Assessments",
+ "video": "https://www.youtube.com/watch?v=B_IDPp5STBY&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=7",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "3.1",
+ "name": "Interviewing Staff",
+ "video": "https://www.youtube.com/watch?v=LLURz7RLNPQ&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=6"
+ },
+ {
+ "id": "3.2",
+ "name": "Communicating with ATT&CK",
+ "video": "https://www.youtube.com/watch?v=pVj437kBM9I&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=5"
+ },
+ {
+ "id": "3.3",
+ "name": "Compiling a Final Heatmap Part 1",
+ "video": "https://www.youtube.com/watch?v=xR8xAdTg9UQ&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=4"
+ },
+ {
+ "id": "3.4",
+ "name": "Compiling a Final Heatmap Part 2",
+ "video": "https://www.youtube.com/watch?v=dA4sCMJyync&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=3"
+ },
+ {
+ "id": "3.5",
+ "name": "Proposing Recommendations Part 1",
+ "video": "https://www.youtube.com/watch?v=Uf0zlRzZsS0&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=2"
+ },
+ {
+ "id": "3.6",
+ "name": "Proposing Recommendations Part 2",
+ "video": "https://www.youtube.com/watch?v=wcNBemEyr1M&list=PLLGRmm150VfDQ295ZE9jxKszjoK2K93L-&index=1"
+ }
+ ]
+ }
+ },
+ "threat_hunting": {
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: Threat Hunting Fundamentals",
+ "id": "mod1",
+ "name": "Threat Hunting Fundamentals",
+ "video": "https://www.youtube.com/watch?v=zSVnJWV5kpE&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Threat Hunting and Detection Engineering - Fundamentals Part 1",
+ "video": "https://www.youtube.com/watch?v=zSVnJWV5kpE&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd"
+ },
+ {
+ "id": "1.2",
+ "name": "Threat Hunting and Detection Engineering - Fundamentals Part 2",
+ "video": "https://www.youtube.com/watch?v=DsD9iXB8wJg&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=2"
+ },
+ {
+ "id": "1.3",
+ "name": "Threat Hunting and Detection Engineering - Fundamentals Part 3",
+ "video": "https://www.youtube.com/watch?v=emzUhkiXM0g&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=3"
+ },
+ {
+ "id": "1.4",
+ "name": "Threat Hunting and Detection Engineering - Fundamentals Part 4",
+ "video": "https://www.youtube.com/watch?v=-IPD2vRhq3k&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=4"
+ },
+ {
+ "id": "1.5",
+ "name": "Threat Hunting and Detection Engineering - Fundamentals Part 5",
+ "video": "https://www.youtube.com/watch?v=9KhSRm1sxnY&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=5"
+ }
+ ]
+ },
+ "module2": {
+ "module": "MODULE 2",
+ "short_name": "Module 2: Developing Hypotheses & Abstract Analysis",
+ "id": "mod2",
+ "name": "Developing Hypotheses & Abstract Analysis",
+ "video": "https://www.youtube.com/watch?v=fccC9koH4ak&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=6",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "2.1",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 1",
+ "video": "https://www.youtube.com/watch?v=fccC9koH4ak&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=6"
+ },
+ {
+ "id": "2.2",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 2",
+ "video": "https://www.youtube.com/watch?v=YfEu3TJo2SU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=7"
+ },
+ {
+ "id": "2.3",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 3",
+ "video": "https://www.youtube.com/watch?v=UUu1fnAFViQ&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=8"
+ },
+ {
+ "id": "2.4",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 4",
+ "video": "https://www.youtube.com/watch?v=JUKFnMtfIqs&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=9"
+ },
+ {
+ "id": "2.5",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 5",
+ "video": "https://www.youtube.com/watch?v=qPkGHYq7Dek&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=10"
+ },
+ {
+ "id": "2.6",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 6",
+ "video": "https://www.youtube.com/watch?v=-X65d8lkk3Y&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=11"
+ },
+ {
+ "id": "2.7",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 7",
+ "video": "https://www.youtube.com/watch?v=qoQXyc88yYA&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=12"
+ },
+ {
+ "id": "2.8",
+ "name": "Threat Hunting and Detection Engineering - Hypotheses Part 8",
+ "video": "https://www.youtube.com/watch?v=3PMmdV3zD2w&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=13"
+ }
+ ]
+ },
+ "module3": {
+ "module": "MODULE 3",
+ "short_name": "Module 3: Determing Data Requirements",
+ "id": "mod3",
+ "name": "Determing Data Requirements",
+ "video": "https://www.youtube.com/watch?v=DbbiEPDeNXs&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=14",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "3.1",
+ "name": "Threat Hunting and Detection Engineering - Data Requirements Part 1",
+ "video": "https://www.youtube.com/watch?v=DbbiEPDeNXs&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=14"
+ },
+ {
+ "id": "3.2",
+ "name": "Threat Hunting and Detection Engineering - Data Requirements Part 2",
+ "video": "https://www.youtube.com/watch?v=WdDG2olS-Eo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=15"
+ },
+ {
+ "id": "3.3",
+ "name": "Threat Hunting and Detection Engineering - Data Requirements Part 3",
+ "video": "https://www.youtube.com/watch?v=gRtf15ITfNw&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=16"
+ }
+ ]
+ },
+ "module4": {
+ "module": "MODULE 4",
+ "short_name": "Module 4: Identify and Mitigate Data Collection Gaps",
+ "id": "mod4",
+ "name": "Identify and Mitigate Data Collection Gaps",
+ "video": "https://www.youtube.com/watch?v=_rNG-EiPasM&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=17",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "4.1",
+ "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 1",
+ "video": "https://www.youtube.com/watch?v=_rNG-EiPasM&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=17"
+ },
+ {
+ "id": "4.2",
+ "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 2",
+ "video": "https://www.youtube.com/watch?v=ulNVHpR-VL8&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=18"
+ },
+ {
+ "id": "4.3",
+ "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 3",
+ "video": "https://www.youtube.com/watch?v=gKYOOOXbteU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=19"
+ },
+ {
+ "id": "4.4",
+ "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 4",
+ "video": "https://www.youtube.com/watch?v=K7qE1mkdJA8&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=20"
+ },
+ {
+ "id": "4.5",
+ "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 5",
+ "video": "https://www.youtube.com/watch?v=MraslvoUe6w&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=21"
+ },
+ {
+ "id": "4.6",
+ "name": "Threat Hunting and Detection Engineering - Addressing Data Collection Gaps Part 6",
+ "video": "https://www.youtube.com/watch?v=Gx9z9-5qx-0&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=22"
+ }
+ ]
+ },
+ "module5": {
+ "module": "MODULE 5",
+ "short_name": "Module 5: Implement and Test Analytics",
+ "id": "mod5",
+ "name": "Implement and Test Analytics",
+ "video": "https://www.youtube.com/watch?v=gc3QcPdZaQU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=23",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "5.1",
+ "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 1",
+ "video": "https://www.youtube.com/watch?v=gc3QcPdZaQU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=23"
+ },
+ {
+ "id": "5.2",
+ "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 2",
+ "video": "https://www.youtube.com/watch?v=j8W-ABrQnLo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=24"
+ },
+ {
+ "id": "5.3",
+ "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 3",
+ "video": "https://www.youtube.com/watch?v=RRdeMIRj6S0&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=25"
+ },
+ {
+ "id": "5.4",
+ "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 4",
+ "video": "https://www.youtube.com/watch?v=4v0P2ZQjaGo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=26"
+ },
+ {
+ "id": "5.5",
+ "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 5",
+ "video": "https://www.youtube.com/watch?v=G4o6p1PVPrk&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=27"
+ },
+ {
+ "id": "5.6",
+ "name": "Threat Hunting and Detection Engineering - Tuning Analytics Part 6",
+ "video": "https://www.youtube.com/watch?v=TuNKYP3Dz20&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=28"
+ }
+ ]
+ },
+ "module6": {
+ "module": "MODULE 6",
+ "short_name": "Module 6: Hunt and Investigation",
+ "id": "mod6",
+ "name": "Hunt and Investigation",
+ "video": "https://www.youtube.com/watch?v=jtBnbpi7q1s&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=29",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "6.1",
+ "name": "Threat Hunting and Detection Engineering - Application Part 1",
+ "video": "https://www.youtube.com/watch?v=jtBnbpi7q1s&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=29"
+ },
+ {
+ "id": "6.2",
+ "name": "Threat Hunting and Detection Engineering - Application Part 2",
+ "video": "https://www.youtube.com/watch?v=gdyk9bDeLDo&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=30"
+ },
+ {
+ "id": "6.3",
+ "name": "Threat Hunting and Detection Engineering - Application Part 3",
+ "video": "https://www.youtube.com/watch?v=u3m-JRT0ItU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=31"
+ },
+ {
+ "id": "6.4",
+ "name": "Threat Hunting and Detection Engineering - Application Part 4",
+ "video": "https://www.youtube.com/watch?v=E6F_mhOGex8&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=32"
+ },
+ {
+ "id": "6.5",
+ "name": "Threat Hunting and Detection Engineering - Application Part 5",
+ "video": "https://www.youtube.com/watch?v=K0_5lhzKuKU&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=33"
+ },
+ {
+ "id": "6.6",
+ "name": "Threat Hunting and Detection Engineering - Application Part 6",
+ "video": "https://www.youtube.com/watch?v=XiwOVAi7qxA&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=34"
+ },
+ {
+ "id": "6.7",
+ "name": "Threat Hunting and Detection Engineering - Application Part 7",
+ "video": "https://www.youtube.com/watch?v=5Kg2pLvpe-c&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=35"
+ },
+ {
+ "id": "6.8",
+ "name": "Threat Hunting and Detection Engineering - Application Part 8",
+ "video": "https://www.youtube.com/watch?v=T-_ELI3CYOY&list=PLLGRmm150VfCIl0QnKoHBgALhUdidMNVd&index=36"
+ }
+ ]
+ }
+ },
+ "detection_engineering": {
+ "module1": {
+ "module": "MODULE 1",
+ "short_name": "Module 1: ATT&CK Detection Engineering: T1134.001 (Token Impersonation and Theft)",
+ "id": "mod1",
+ "name": "ATT&CK Detection Engineering: T1134.001 (Token Impersonation and Theft)",
+ "video": "https://www.youtube.com/watch?v=pZ3hzeBi-Ek&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Introduction",
+ "video": "https://www.youtube.com/watch?v=pZ3hzeBi-Ek&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY"
+ },
+ {
+ "id": "1.2",
+ "name": "Researching Token Impersonation and Theft",
+ "video": "https://www.youtube.com/watch?v=dcVSr598TrY&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=2"
+ },
+ {
+ "id": "1.3",
+ "name": "Testing and Emulation",
+ "video": "https://www.youtube.com/watch?v=Z77TpfqDWHs&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=3"
+ },
+ {
+ "id": "1.4",
+ "name": "Analyzing Testing Results: ImpersonateLoggedOnUser",
+ "video": "https://www.youtube.com/watch?v=_OGmeVP0azU&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=4"
+ },
+ {
+ "id": "1.5",
+ "name": "Analyzing Testing Results: SetThreadToken",
+ "video": "https://www.youtube.com/watch?v=qyS4eS3_ByE&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=5"
+ },
+ {
+ "id": "1.6",
+ "name": "Building Analytics",
+ "video": "https://www.youtube.com/watch?v=g1h3hOEMdQk&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=6"
+ },
+ {
+ "id": "1.7",
+ "name": "Sharing Results",
+ "video": "https://www.youtube.com/watch?v=Q0buPVyGh_o&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=7"
+ },
+ {
+ "id": "1.8",
+ "name": "Conclusion",
+ "video": "https://www.youtube.com/watch?v=OiWJ6VLJRz8&list=PLLGRmm150VfDoylWB03PuVWf-bxj2hMSY&index=8"
+ }
+ ]
+ }
}
}
\ No newline at end of file
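Review bot: "Determing" is misspelled in both user-facing strings of `threat_hunting.module3`, `"short_name": "Module 3: Determing Data Requirements"` and `"name": "Determing Data Requirements"`; both should read `Determining`. These values look like the text the training page displays (confirm against the template), so the typo would show up on the site. Separately, the `purple_teaming_fundamentals` modules carry no `lessons` key while every other course added in this hunk does, so any template code that reads `training.lessons` has to tolerate its absence.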
diff --git a/modules/resources/resources.py b/modules/resources/resources.py
index 91d686691dc..9ea8627c39e 100644
--- a/modules/resources/resources.py
+++ b/modules/resources/resources.py
@@ -87,6 +87,7 @@ def generate_training_pages():
# load training data
with open(os.path.join(site_config.data_directory, "trainings.json"), "r", encoding="utf8") as f:
trainings = json.load(f)
+ print(trainings)
# get markdown
training_md = resources_config.training_md
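Review bot: The added `print(trainings)` writes the entire parsed trainings.json to stdout on every site build and looks like leftover debugging. With the roughly 660 lines of course data this same patch adds to that file, it buries the rest of the build output. The line should be dropped; if a trace is wanted, something bounded such as `print(f"loaded {len(trainings)} training courses")` is enough. The body of `generate_training_pages` starts before and continues after this hunk.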
@@ -101,6 +102,55 @@ def generate_training_pages():
# write markdown to file
with open(os.path.join(site_config.resources_markdown_path, "training_cti.md"), "w", encoding="utf8") as md_file:
md_file.write(training_cti_md)
+
+ # Purple teaming fundamentals training
+ training_purple_teaming_fundamentals_md = resources_config.training_purple_teaming_fundamentals_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_purple_teaming_fundamentals.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_purple_teaming_fundamentals_md)
+
+ # ATT&CK fundamentals training
+ training_attack_fundamentals_md = resources_config.training_attack_fundamentals_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_attack_fundamentals.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_attack_fundamentals_md)
+
+ # ATT&CK adversary emulation training
+ training_adversary_emulation_md = resources_config.training_adversary_emulation_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_adversary_emulation.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_adversary_emulation_md)
+
+ # ATT&CK access tokens technical primer training
+ training_access_tokens_md = resources_config.training_access_tokens_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_access_tokens.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_access_tokens_md)
+
+ # ATT&CK soc assessments training
+ training_soc_assessments_md = resources_config.training_soc_assessments_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_soc_assessments.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_soc_assessments_md)
+
+ # ATT&CK threat hunting training
+ training_threat_hunting_md = resources_config.training_threat_hunting_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_threat_hunting.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_threat_hunting_md)
+
+ # ATT&CK detection engineering training
+ training_detection_engineering_md = resources_config.training_detection_engineering_md + json.dumps(trainings)
+
+ # write markdown to file
+ with open(os.path.join(site_config.resources_markdown_path, "training_detection_engineering.md"), "w", encoding="utf8") as md_file:
+ md_file.write(training_detection_engineering_md)
def generate_brand_page():
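Review bot: The seven added stanzas are the same three statements repeated with only the course key changed, and each one re-serializes the whole `trainings` dict with `json.dumps`. A loop over the course keys removes the copy-paste surface (the next course then becomes a one-word change) and serializes once. It keeps today's behaviour of embedding the full dict, which the templates need because they index `parsed.<course>`. The new code also runs straight into `def generate_brand_page():` without the two blank lines PEP 8 expects before a top-level def. `generate_training_pages` begins outside this hunk.

```python
    # … unchanged: training_cti.md is written above …
    new_courses = (
        "purple_teaming_fundamentals",
        "attack_fundamentals",
        "adversary_emulation",
        "access_tokens",
        "soc_assessments",
        "threat_hunting",
        "detection_engineering",
    )
    payload = json.dumps(trainings)  # serialized once, shared by every page
    for course in new_courses:
        header = getattr(resources_config, f"training_{course}_md")
        md_path = os.path.join(site_config.resources_markdown_path, f"training_{course}.md")
        with open(md_path, "w", encoding="utf8") as md_file:
            md_file.write(header + payload)
```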
diff --git a/modules/resources/resources_config.py b/modules/resources/resources_config.py
index a061ab5f4e0..8a46608b937 100644
--- a/modules/resources/resources_config.py
+++ b/modules/resources/resources_config.py
@@ -26,6 +26,55 @@
"data: "
)
+training_purple_teaming_fundamentals_md = (
+ "Title: ATT&CK For Purple Teaming Fundamentals Training\n"
+ "Template: resources/training-purple-teaming-fundamentals\n"
+ "save_as: resources/learn-more-about-attack/training/purple-teaming-fundamentals/index.html\n"
+ "data: "
+)
+
+training_attack_fundamentals_md = (
+ "Title: ATT&CK Fundamentals Training\n"
+ "Template: resources/training-attack-fundamentals\n"
+ "save_as: resources/learn-more-about-attack/training/attack-fundamentals/index.html\n"
+ "data: "
+)
+
+training_adversary_emulation_md = (
+ "Title: ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft)\n"
+ "Template: resources/training-adversary-emulation\n"
+ "save_as: resources/learn-more-about-attack/training/adversary-emulation/index.html\n"
+ "data: "
+)
+
+training_access_tokens_md = (
+ "Title: Access Tokens Technical Primer\n"
+ "Template: resources/training-access-tokens\n"
+ "save_as: resources/learn-more-about-attack/training/access-tokens/index.html\n"
+ "data: "
+)
+
+training_soc_assessments_md = (
+ "Title: Overview of ATT&CK Based SOC Assessments\n"
+ "Template: resources/training-soc-assessments\n"
+ "save_as: resources/learn-more-about-attack/training/soc-assessments/index.html\n"
+ "data: "
+)
+
+training_threat_hunting_md = (
+ "Title: TTP-Based Threat Hunting and Detection Engineering\n"
+ "Template: resources/training-threat-hunting\n"
+ "save_as: resources/learn-more-about-attack/training/threat-hunting/index.html\n"
+ "data: "
+)
+
+training_detection_engineering_md = (
+ "Title: ATT&CK Detection Engineering\n"
+ "Template: resources/training-detection-engineering\n"
+ "save_as: resources/learn-more-about-attack/training/detection-engineering/index.html\n"
+ "data: "
+)
+
# FAQ md
faq_md = (
"Title: Frequently Asked Questions\n"
diff --git a/modules/resources/templates/training-access-tokens.html b/modules/resources/templates/training-access-tokens.html
new file mode 100644
index 00000000000..7b5618f6303
--- /dev/null
+++ b/modules/resources/templates/training-access-tokens.html
@@ -0,0 +1,126 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "ATT&CK Access Tokens Technical Primer | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - ATT&CK Access Tokens Technical Primer
+
+
+
+
+
+
+
+
+
ATT&CK Access Tokens Technical Primer Training
+
+
Modules
+
+ {% for training in parsed.access_tokens.values() %}
+
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
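Review bot: The only loops visible in this template iterate `training.exercises`, `exercise.resources` and `resource.links`, yet every `access_tokens` module added to data/trainings.json in this patch has `"exercises": []` and keeps its content in a `lessons` array that no visible line reads. If the lesson list is meant to render on this page it needs its own loop, e.g. `{% for lesson in training.lessons %}` around the `lesson.name` / `lesson.video` markup. The HTML of this hunk is not fully visible in this view, so confirm against the file. The same applies to training-adversary-emulation.html, training-attack-fundamentals.html and training-detection-engineering.html below.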
diff --git a/modules/resources/templates/training-adversary-emulation.html b/modules/resources/templates/training-adversary-emulation.html
new file mode 100644
index 00000000000..dc1c87df37b
--- /dev/null
+++ b/modules/resources/templates/training-adversary-emulation.html
@@ -0,0 +1,126 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - ATT&CK Adversary Emulation
+
+
+
+
+
+
+
+
+
ATT&CK Adversary Emulation Training
+
+
Modules
+
+ {% for training in parsed.adversary_emulation.values() %}
+
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
diff --git a/modules/resources/templates/training-attack-fundamentals.html b/modules/resources/templates/training-attack-fundamentals.html
new file mode 100644
index 00000000000..7baf96f8e41
--- /dev/null
+++ b/modules/resources/templates/training-attack-fundamentals.html
@@ -0,0 +1,126 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "ATT&CK Fundamentals | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - ATT&CK Fundamentals Training
+
+
+
+
+
+
+
+
+
ATT&CK Fundamentals Training
+
+
Modules
+
+ {% for training in parsed.attack_fundamentals.values() %}
+
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
diff --git a/modules/resources/templates/training-detection-engineering.html b/modules/resources/templates/training-detection-engineering.html
new file mode 100644
index 00000000000..038f679c71d
--- /dev/null
+++ b/modules/resources/templates/training-detection-engineering.html
@@ -0,0 +1,126 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - ATT&CK Detection Engineering
+
+
+
+
+
+
+
+
+
ATT&CK Detection Engineering Training
+
+
Modules
+
+ {% for training in parsed.detection_engineering.values() %}
+
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
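Review bot: In the visible lines this template is a copy of the other training-*.html files in the patch, differing only in the `parsed.detection_engineering` lookup, the breadcrumb entry and the heading. The copying has already carried the adversary-emulation `title` into this file and into the soc-assessments and threat-hunting templates; a later patch in the series corrects the strings, but the duplicated loops remain. One shared template that reads the training key from the child would leave a single copy to maintain, for example `{% extends "<shared-training-template>.html" %}` (placeholder name) followed by `{% set training_key = "detection_engineering" %}`, with the shared file iterating `parsed[training_key].values()`.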
diff --git a/modules/resources/templates/training-purple-teaming-fundamentals.html b/modules/resources/templates/training-purple-teaming-fundamentals.html
new file mode 100644
index 00000000000..42707085722
--- /dev/null
+++ b/modules/resources/templates/training-purple-teaming-fundamentals.html
@@ -0,0 +1,119 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "Using ATT&CK for Purple Teaming | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - Purple Teaming Fundamentals Training
+
+
+
+
+
+
+
+
+
Purple Teaming Fundamentals Training
+
+
Modules
+
+ {% for training in parsed.purple_teaming_fundamentals.values() %}
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
diff --git a/modules/resources/templates/training-soc-assessments.html b/modules/resources/templates/training-soc-assessments.html
new file mode 100644
index 00000000000..e639abc6953
--- /dev/null
+++ b/modules/resources/templates/training-soc-assessments.html
@@ -0,0 +1,126 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - ATT&CK Based SOC Assessments
+
+
+
+
+
+
+
+
+
ATT&CK Based SOC Assessments Training
+
+
Modules
+
+ {% for training in parsed.soc_assessments.values() %}
+
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
diff --git a/modules/resources/templates/training-threat-hunting.html b/modules/resources/templates/training-threat-hunting.html
new file mode 100644
index 00000000000..1e7b8751069
--- /dev/null
+++ b/modules/resources/templates/training-threat-hunting.html
@@ -0,0 +1,126 @@
+{% extends "general/two-column.html" %}
+{% set active_page = "resources" -%}
+{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set parsed = page.data | from_json %}
+{% import 'macros/navigation.html' as navigation %}
+
+{% block innerleft %}
+
+{% endblock %}
+
+{% block innerright %}
+
+
+ - Home
+ - Resources
+ - Learn More about ATT&CK
+ - Training
+ - TTP-Based Threat Hunting and Detection Engineering
+
+
+
+
+
+
+
+
+
TTP-Based Threat Hunting and Detection Engineering Training
+
+
Modules
+
+ {% for training in parsed.threat_hunting.values() %}
+
+
+
+
+
+ {% for exercise in training.exercises %}
+
+
{{ exercise.name }}
+
+
+ {% for resource in exercise.resources %}
+
+
{{ resource.name }}
+ {% for link in resource.links %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+ {% endfor %}
+
+
+
+
+
+
+
+{% endblock %} {% block scripts %} {{ super() }}
+
+
+{% endblock %}
+
\ No newline at end of file
From 916f49be6e772cfbe001cae46318a596697e66d1 Mon Sep 17 00:00:00 2001
From: Charissa Miller <48832936+clemiller@users.noreply.github.com>
Date: Thu, 27 Jun 2024 12:41:44 -0400
Subject: [PATCH 08/19] typo
---
modules/resources/templates/training-cti.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/resources/templates/training-cti.html b/modules/resources/templates/training-cti.html
index 0f5f420b3f4..3c3ac1e8bfe 100644
--- a/modules/resources/templates/training-cti.html
+++ b/modules/resources/templates/training-cti.html
@@ -61,7 +61,7 @@ CTI Trainings
A copy of all slides from the training are here.
- Note:This training assumes an existing knowledge of ATT&CK and its primary concepts. We recommend reviewing the content from our ATT&CK Fundimentals Training before taking this training.
+ Note:This training assumes an existing knowledge of ATT&CK and its primary concepts. We recommend reviewing the content from our ATT&CK Fundamentals Training before taking this training.
Note: The exercises in this training are based on a previous version of ATT&CK. We suggest using ATT&CK v8 and ATT&CK Navigator with ATT&CK v8 if you want exercise results to exactly match the training.
From 9de55c5ca0be688d7229c2b14a91f1fffcec00fd Mon Sep 17 00:00:00 2001
From: Charissa Miller <48832936+clemiller@users.noreply.github.com>
Date: Thu, 27 Jun 2024 12:41:57 -0400
Subject: [PATCH 09/19] move modules to lessons
---
data/trainings.json | 67 +++++++++----------
.../training-purple-teaming-fundamentals.html | 7 ++
2 files changed, 38 insertions(+), 36 deletions(-)
diff --git a/data/trainings.json b/data/trainings.json
index 99b9f37b4f3..b43822ab620 100644
--- a/data/trainings.json
+++ b/data/trainings.json
@@ -188,45 +188,40 @@
}
},
"purple_teaming_fundamentals": {
- "module0": {
- "module": "MODULE 0",
- "short_name": "Module 0: Introduction",
- "id": "mod0",
- "name": "Introduction to Purple Teaming",
- "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n",
- "exercises": []
- },
"module1": {
"module": "MODULE 1",
- "short_name": "Module 1: Planning",
+ "short_name": "Module 1: Introduction",
"id": "mod1",
- "name": "Planning",
- "video": "https://www.youtube.com/watch?v=N2zwLZjhayw&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=2",
- "exercises": []
- },
- "module2": {
- "module": "MODULE 2",
- "short_name": "Module 2: Execution",
- "id": "mod2",
- "name": "Execution",
- "video": "https://www.youtube.com/watch?v=NAeUmsgurT8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=3",
- "exercises": []
- },
- "module3": {
- "module": "MODULE 3",
- "short_name": "Module 3: Follow-Up",
- "id": "mod3",
- "name": "Follow-Up",
- "video": "https://www.youtube.com/watch?v=QqjiCfRM6k0&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=4",
- "exercises": []
- },
- "module4": {
- "module": "MODULE 4",
- "short_name": "Module 4: Example",
- "id": "mod4",
- "name": "Example",
- "video": "https://www.youtube.com/watch?v=OLxtDojHBHg&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=5",
- "exercises": []
+ "name": "Purple Teaming Fundamentals",
+ "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n",
+ "exercises": [],
+ "lessons": [
+ {
+ "id": "1.1",
+ "name": "Introduction to Purple Teaming",
+ "video": "https://www.youtube.com/watch?v=CLkePP4aqL8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n"
+ },
+ {
+ "id": "1.2",
+ "name": "Planning",
+ "video": "https://www.youtube.com/watch?v=N2zwLZjhayw&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=2"
+ },
+ {
+ "id": "1.3",
+ "name": "Execution",
+ "video": "https://www.youtube.com/watch?v=NAeUmsgurT8&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=3"
+ },
+ {
+ "id": "1.4",
+ "name": "Follow-Up",
+ "video": "https://www.youtube.com/watch?v=QqjiCfRM6k0&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=4"
+ },
+ {
+ "id": "1.5",
+ "name": "Example",
+ "video": "https://www.youtube.com/watch?v=OLxtDojHBHg&list=PLLGRmm150VfDasoKHAkz0m6z6z4Jy0q_n&index=5"
+ }
+ ]
}
},
"attack_fundamentals": {
diff --git a/modules/resources/templates/training-purple-teaming-fundamentals.html b/modules/resources/templates/training-purple-teaming-fundamentals.html
index 42707085722..6d4a69b9035 100644
--- a/modules/resources/templates/training-purple-teaming-fundamentals.html
+++ b/modules/resources/templates/training-purple-teaming-fundamentals.html
@@ -75,6 +75,13 @@
Modules
+
{% for exercise in training.exercises %}
{{ exercise.name }}
From 1e99da63a3b868c2a3e2df4a7a1107b5898b218c Mon Sep 17 00:00:00 2001
From: adpare
Date: Mon, 15 Jul 2024 15:24:23 -0400
Subject: [PATCH 10/19] add attackcon to header
---
modules/resources/__init__.py | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/modules/resources/__init__.py b/modules/resources/__init__.py
index ca71b5d84d6..2a7d5b82f68 100644
--- a/modules/resources/__init__.py
+++ b/modules/resources/__init__.py
@@ -27,6 +27,12 @@ def get_menu():
"external_link": False,
"children": [],
},
+ {
+ "display_name": "ATT&CKcon",
+ "url": "/resources/attackcon/",
+ "external_link": False,
+ "children": []
+ },
{
"display_name": "ATT&CK Data & Tools",
"url": "/resources/attack-data-and-tools/",
From f5bd5a8e18eb417d20e43ca2a51e63c47b738b25 Mon Sep 17 00:00:00 2001
From: adpare
Date: Wed, 17 Jul 2024 16:57:51 -0400
Subject: [PATCH 11/19] added attackcon 5
---
data/attackcon.json | 7 ++++++
.../templates/attackcon-overview.html | 6 +++--
modules/resources/templates/attackcon.html | 25 +++++++++++--------
3 files changed, 26 insertions(+), 12 deletions(-)
diff --git a/data/attackcon.json b/data/attackcon.json
index eea866476c3..3470c68b29a 100644
--- a/data/attackcon.json
+++ b/data/attackcon.json
@@ -1,4 +1,11 @@
[{
+ "date": "October 2024",
+ "title": "ATT&CKcon 5.0",
+ "description": "On October 22 and 23, 2024, join fellow cyber professionals at MITRE ATT&CK’s headquarters in McLean, VA for two days of programming, featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help you leverage the ATT&CK framework.
To visit the registration portal, click here
",
+ "sponsors_img_list": [],
+ "presentations": []
+ },
+ {
"date": "October 2023",
"title": "ATT&CKcon 4.0",
"description": "We are thrilled and express our gratitude to everyone who participated in ATT&CKcon 4.0!
This year we were privileged to have another range of speakers who shared their unique insights and experiences, further enriching the knowledge pool of our ATT&CK community. We invite you to continue to watch and share these insightful talks!
Click here to explore the talks from ATT&CKcon 4.0 on our YouTube playlist!",
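Review bot: The new ATT&CKcon 5.0 entry sets `"sponsors_img_list": []`, but attackcon-overview.html decides on sponsors with a key-presence test (`{% set ifSponsor = "sponsors_img_list" in con %}`), so this entry counts as having sponsors although the list is empty. What `ifSponsor` gates is not visible in this patch, so the effect is inferred: most likely an empty sponsors area on the October 2024 page. Either leave the key out until there are sponsors, or make the template test the value, `{% set ifSponsor = con.sponsors_img_list | default([]) | length > 0 %}`.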
diff --git a/modules/resources/templates/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html
index fce2942bbb5..5435b9938f1 100644
--- a/modules/resources/templates/attackcon-overview.html
+++ b/modules/resources/templates/attackcon-overview.html
@@ -21,9 +21,9 @@
{% set conID = "-".join(con.date.split(' ')) %}
{% if "sponsors_img_list" in con %}
-
{{ con.title }} Presentations and Sponsors
+
{{ con.title }}
{% else %}
-
{{ con.title }} Presentations
+
{{ con.title }}
{% endif %}
{% set ifSponsor = "sponsors_img_list" in con %}
@@ -43,6 +43,7 @@
{{ con.title }} Presentations
src="/theme/images/external-site-dark.jpeg" alt="External site" class="external-icon">
{% endif %}
+ {% if "banner_img" in con %}
+ {% endif %}
{% endblock %}
diff --git a/modules/resources/templates/attackcon.html b/modules/resources/templates/attackcon.html
index 8fb8f901e3e..0909c0a50d5 100644
--- a/modules/resources/templates/attackcon.html
+++ b/modules/resources/templates/attackcon.html
@@ -29,30 +29,35 @@ ATT&CKCon
Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK
- {{contact_card.render(
+ {{contact_card.render(
+ "ATT&CKcon 5.0",
+ "/resources/attackcon/october-2024/",
+ "October 22nd - 23rd, 2024
McLean, VA",
+ invert_icon=True)}}
+ {{contact_card.render(
"ATT&CKcon 4.0",
"/resources/attackcon/october-2023/",
"October 24th - 25th, 2023
McLean, VA",
invert_icon=True)}}
- {{contact_card.render(
+ {{contact_card.render(
"ATT&CKcon 3.0",
"/resources/attackcon/march-2022/",
"March 29th - 30th, 2022
McLean, VA",
invert_icon=True)}}
- {{contact_card.render(
- "ATT&CKcon PowerHour",
- "/resources/attackcon/october-2020/",
- "October 2020 - January 2021
Virtual",
- invert_icon=True)}}
+
- {{contact_card.render("ATT&CKcon 2.0", "/resources/attackcon/october-2019/", "
October 29th - 30th,
+ {{contact_card.render(
+ "ATT&CKcon PowerHour",
+ "/resources/attackcon/october-2020/",
+ "October 2020 - January 2021
Virtual",
+ invert_icon=True)}}
+ {{contact_card.render("ATT&CKcon 2.0", "/resources/attackcon/october-2019/", "October 29th - 30th,
2019
McLean, VA",
invert_icon=True)}}
- {{contact_card.render("ATT&CKcon 2018", "/resources/attackcon/october-2018/", "October 23rd - 24th,
+ {{contact_card.render("ATT&CKcon 2018", "/resources/attackcon/october-2018/", "October 23rd - 24th,
2018
McLean, VA",
invert_icon=True)}}
-
From 698fa96fa8aaec65392e37685ebccb40988d80f6 Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Wed, 17 Jul 2024 16:04:00 -0500
Subject: [PATCH 12/19] Update titles
---
modules/resources/templates/training-access-tokens.html | 2 +-
modules/resources/templates/training-adversary-emulation.html | 2 +-
modules/resources/templates/training-attack-fundamentals.html | 4 ++--
modules/resources/templates/training-cti.html | 4 ++--
.../resources/templates/training-detection-engineering.html | 2 +-
.../templates/training-purple-teaming-fundamentals.html | 4 ++--
modules/resources/templates/training-soc-assessments.html | 2 +-
modules/resources/templates/training-threat-hunting.html | 2 +-
8 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/modules/resources/templates/training-access-tokens.html b/modules/resources/templates/training-access-tokens.html
index 7b5618f6303..27149ec8a5d 100644
--- a/modules/resources/templates/training-access-tokens.html
+++ b/modules/resources/templates/training-access-tokens.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "ATT&CK Access Tokens Technical Primer | MITRE ATT&CK®" -%}
+{% set title = "ATT&CK Access Tokens Technical Primer Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
diff --git a/modules/resources/templates/training-adversary-emulation.html b/modules/resources/templates/training-adversary-emulation.html
index dc1c87df37b..8015dadad75 100644
--- a/modules/resources/templates/training-adversary-emulation.html
+++ b/modules/resources/templates/training-adversary-emulation.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set title = "ATT&CK Adversary Emulation Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
diff --git a/modules/resources/templates/training-attack-fundamentals.html b/modules/resources/templates/training-attack-fundamentals.html
index 7baf96f8e41..03ca2014e65 100644
--- a/modules/resources/templates/training-attack-fundamentals.html
+++ b/modules/resources/templates/training-attack-fundamentals.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "ATT&CK Fundamentals | MITRE ATT&CK®" -%}
+{% set title = "ATT&CK Fundamentals Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
@@ -15,7 +15,7 @@
Resources
Learn More about ATT&CK
Training
- ATT&CK Fundamentals Training
+ ATT&CK Fundamentals
diff --git a/modules/resources/templates/training-cti.html b/modules/resources/templates/training-cti.html
index 3c3ac1e8bfe..96807720386 100644
--- a/modules/resources/templates/training-cti.html
+++ b/modules/resources/templates/training-cti.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "Using ATT&CK for CTI Training | MITRE ATT&CK®" -%}
+{% set title = "CTI Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
@@ -35,7 +35,7 @@
-
CTI Trainings
+
CTI Training
The goal of this training is for students to understand the following:
diff --git a/modules/resources/templates/training-detection-engineering.html b/modules/resources/templates/training-detection-engineering.html
index 038f679c71d..7bd53a6fee7 100644
--- a/modules/resources/templates/training-detection-engineering.html
+++ b/modules/resources/templates/training-detection-engineering.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set title = "ATT&CK Detection Engineering Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
diff --git a/modules/resources/templates/training-purple-teaming-fundamentals.html b/modules/resources/templates/training-purple-teaming-fundamentals.html
index 6d4a69b9035..20504611fbc 100644
--- a/modules/resources/templates/training-purple-teaming-fundamentals.html
+++ b/modules/resources/templates/training-purple-teaming-fundamentals.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "Using ATT&CK for Purple Teaming | MITRE ATT&CK®" -%}
+{% set title = "Purple Teaming Fundamentals Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
@@ -15,7 +15,7 @@
Resources
Learn More about ATT&CK
Training
-
Purple Teaming Fundamentals Training
+
Purple Teaming Fundamentals
diff --git a/modules/resources/templates/training-soc-assessments.html b/modules/resources/templates/training-soc-assessments.html
index e639abc6953..03c99325eba 100644
--- a/modules/resources/templates/training-soc-assessments.html
+++ b/modules/resources/templates/training-soc-assessments.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set title = "ATT&CK Based SOC Assessments Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
diff --git a/modules/resources/templates/training-threat-hunting.html b/modules/resources/templates/training-threat-hunting.html
index 1e7b8751069..275f42cdea8 100644
--- a/modules/resources/templates/training-threat-hunting.html
+++ b/modules/resources/templates/training-threat-hunting.html
@@ -1,6 +1,6 @@
{% extends "general/two-column.html" %}
{% set active_page = "resources" -%}
-{% set title = "ATT&CK Adversary Emulation: T1134.001 (Token Impersonation and Theft) | MITRE ATT&CK®" -%}
+{% set title = "TTP-Based Threat Hunting and Detection Engineering Training | MITRE ATT&CK®" -%}
{% set parsed = page.data | from_json %}
{% import 'macros/navigation.html' as navigation %}
From c706a72f855006cd86cf147cc48c5462129faa2b Mon Sep 17 00:00:00 2001
From: adpare
Date: Thu, 18 Jul 2024 13:44:47 -0400
Subject: [PATCH 13/19] rename trainings
---
data/resources_navigation.json | 14 +++++++-------
.../resources/templates/attackcon-overview.html | 8 ++------
2 files changed, 9 insertions(+), 13 deletions(-)
diff --git a/data/resources_navigation.json b/data/resources_navigation.json
index 7e393ff0dc0..c266449492d 100644
--- a/data/resources_navigation.json
+++ b/data/resources_navigation.json
@@ -25,25 +25,25 @@
"path": "/resources/learn-more-about-attack/training/",
"children": [
{
- "name": "CTI Training",
+ "name": "CTI",
"id": "cti",
"path": "/resources/learn-more-about-attack/training/cti/",
"children": []
},
{
- "name": "Purple Teaming Fundamentals Training",
+ "name": "Purple Teaming Fundamentals",
"id": "purple_teaming_fundamentals",
"path": "/resources/learn-more-about-attack/training/purple-teaming-fundamentals/",
"children": []
},
{
- "name": "ATT&CK Fundamentals Training",
+ "name": "ATT&CK Fundamentals",
"id": "attack_fundamentals",
"path": "/resources/learn-more-about-attack/training/attack-fundamentals/",
"children": []
},
{
- "name": "Adversary Emulation Training",
+ "name": "Adversary Emulation",
"id": "adversary_emulation",
"path": "/resources/learn-more-about-attack/training/adversary-emulation/",
"children": []
@@ -55,19 +55,19 @@
"children": []
},
{
- "name": "SOC Assessments Training",
+ "name": "SOC Assessments",
"id": "soc_assessments",
"path": "/resources/learn-more-about-attack/training/soc-assessments/",
"children": []
},
{
- "name": "Threat Hunting Training",
+ "name": "Threat Hunting",
"id": "threat_hunting",
"path": "/resources/learn-more-about-attack/training/threat-hunting/",
"children": []
},
{
- "name": "Detection Engineering Training",
+ "name": "Detection Engineering",
"id": "detection_engineering",
"path": "/resources/learn-more-about-attack/training/detection-engineering/",
"children": []
diff --git a/modules/resources/templates/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html
index 5435b9938f1..9e3e2b33ea3 100644
--- a/modules/resources/templates/attackcon-overview.html
+++ b/modules/resources/templates/attackcon-overview.html
@@ -20,12 +20,8 @@
{% set conID = "-".join(con.date.split(' ')) %}
- {% if "sponsors_img_list" in con %}
-
{{ con.title }}
- {% else %}
-
{{ con.title }}
- {% endif %}
-
+
{{ con.title }}
+
{% set ifSponsor = "sponsors_img_list" in con %}
{% if "banner_img" in con %}
From 23cf43979821fe578230dae46ce8dc469f52af7a Mon Sep 17 00:00:00 2001
From: adpare
Date: Thu, 18 Jul 2024 14:14:58 -0400
Subject: [PATCH 14/19] training landing page content
---
modules/resources/templates/training.html | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/modules/resources/templates/training.html b/modules/resources/templates/training.html
index b17c6005107..dcb2ef67744 100644
--- a/modules/resources/templates/training.html
+++ b/modules/resources/templates/training.html
@@ -21,7 +21,28 @@
ATT&CK Training
From 9bbacc3b5a9f561399bbb4c3b3eba25b82c69b59 Mon Sep 17 00:00:00 2001
From: adpare
Date: Thu, 18 Jul 2024 14:27:06 -0400
Subject: [PATCH 15/19] trainings landing page update
---
modules/resources/templates/training.html | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/modules/resources/templates/training.html b/modules/resources/templates/training.html
index dcb2ef67744..60e46f4deb2 100644
--- a/modules/resources/templates/training.html
+++ b/modules/resources/templates/training.html
@@ -21,28 +21,28 @@
ATT&CK Training
From 409f3505561ef46c855cc2d0e8396f9e0b5dc0a7 Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 18 Jul 2024 14:17:19 -0500
Subject: [PATCH 16/19] Refactor trainings section
---
modules/resources/resources.py | 82 ++++++++--------------------------
1 file changed, 18 insertions(+), 64 deletions(-)
diff --git a/modules/resources/resources.py b/modules/resources/resources.py
index 9ea8627c39e..ca4a97ac58d 100644
--- a/modules/resources/resources.py
+++ b/modules/resources/resources.py
@@ -87,71 +87,25 @@ def generate_training_pages():
# load training data
with open(os.path.join(site_config.data_directory, "trainings.json"), "r", encoding="utf8") as f:
trainings = json.load(f)
- print(trainings)
-
- # get markdown
- training_md = resources_config.training_md
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_md)
-
- # CTI training
- training_cti_md = resources_config.training_cti_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_cti.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_cti_md)
-
- # Purple teaming fundamentals training
- training_purple_teaming_fundamentals_md = resources_config.training_purple_teaming_fundamentals_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_purple_teaming_fundamentals.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_purple_teaming_fundamentals_md)
-
- # ATT&CK fundamentals training
- training_attack_fundamentals_md = resources_config.training_attack_fundamentals_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_attack_fundamentals.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_attack_fundamentals_md)
-
- # ATT&CK adversary emulation training
- training_adversary_emulation_md = resources_config.training_adversary_emulation_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_adversary_emulation.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_adversary_emulation_md)
-
- # ATT&CK access tokens technical primer training
- training_access_tokens_md = resources_config.training_access_tokens_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_access_tokens.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_access_tokens_md)
-
- # ATT&CK soc assessments training
- training_soc_assessments_md = resources_config.training_soc_assessments_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_soc_assessments.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_soc_assessments_md)
-
- # ATT&CK threat hunting training
- training_threat_hunting_md = resources_config.training_threat_hunting_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_threat_hunting.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_threat_hunting_md)
-
- # ATT&CK detection engineering training
- training_detection_engineering_md = resources_config.training_detection_engineering_md + json.dumps(trainings)
-
- # write markdown to file
- with open(os.path.join(site_config.resources_markdown_path, "training_detection_engineering.md"), "w", encoding="utf8") as md_file:
- md_file.write(training_detection_engineering_md)
+ # Define a dictionary of training pages and their corresponding markdown templates
+ training_pages = {
+ "training": resources_config.training_md,
+ "training_cti": resources_config.training_cti_md,
+ "training_purple_teaming_fundamentals": resources_config.training_purple_teaming_fundamentals_md,
+ "training_attack_fundamentals": resources_config.training_attack_fundamentals_md,
+ "training_adversary_emulation": resources_config.training_adversary_emulation_md,
+ "training_access_tokens": resources_config.training_access_tokens_md,
+ "training_soc_assessments": resources_config.training_soc_assessments_md,
+ "training_threat_hunting": resources_config.training_threat_hunting_md,
+ "training_detection_engineering": resources_config.training_detection_engineering_md,
+ }
+
+ # Generate markdown for each training page and write it to a file
+ for page_name, page_template in training_pages.items():
+ page_content = page_template + json.dumps(trainings)
+ with open(os.path.join(site_config.resources_markdown_path, f"{page_name}.md"), "w", encoding="utf8") as md_file:
+ md_file.write(page_content)
def generate_brand_page():
"""Responsible for generating the markdown pages of the training pages."""
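Review bot: The new loop appends `json.dumps(trainings)` to every entry including `"training"`, whereas the removed code wrote `resources_config.training_md` to training.md unchanged, so the refactor does not preserve behaviour for the landing page. Whether that shows up depends on how `training_md` ends (it is defined outside this hunk): if it does not finish on a metadata key that expects the JSON, the whole trainings document ends up in the page body. Keep the landing page out of the JSON path, e.g. `page_content = page_template if page_name == "training" else page_template + json.dumps(trainings)`. The `json.dumps(trainings)` result is also the same on every iteration and can be computed once before the loop. `generate_training_pages` begins above this hunk.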
From 8bbc30dda00d4a4bb709cdde01751f67eb9c3307 Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 18 Jul 2024 14:22:01 -0500
Subject: [PATCH 17/19] Minor wording tweaks
---
modules/resources/templates/attackcon-overview.html | 2 +-
modules/resources/templates/attackcon.html | 7 ++++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/modules/resources/templates/attackcon-overview.html b/modules/resources/templates/attackcon-overview.html
index 9e3e2b33ea3..135bb546423 100644
--- a/modules/resources/templates/attackcon-overview.html
+++ b/modules/resources/templates/attackcon-overview.html
@@ -21,7 +21,7 @@
{% set conID = "-".join(con.date.split(' ')) %}
{{ con.title }}
-
+
{% set ifSponsor = "sponsors_img_list" in con %}
{% if "banner_img" in con %}
diff --git a/modules/resources/templates/attackcon.html b/modules/resources/templates/attackcon.html
index 0909c0a50d5..0fea914da0c 100644
--- a/modules/resources/templates/attackcon.html
+++ b/modules/resources/templates/attackcon.html
@@ -20,10 +20,11 @@
ATT&CKCon
- At MITRE ATT&CK's yearly conference, cybersecurity leaders and practitioners of all levels are
- invited to strengthen capabilities and engage with others in the community through two days of programming,
+ At MITRE ATT&CK's annual conference, cybersecurity leaders and practitioners of all levels are
+ invited to strengthen capabilities and engage with others in the community through multiple days of programming,
featuring knowledgeable speakers, engaging content, and meaningful collaboration, all designed to help
- leverage the ATT&CK framework. Browse the archive of presentations organized by event.
+ leverage the ATT&CK framework.
+ Browse the archive of presentations below.
Learn about future ATT&CKcons by keeping up with us at Engage with ATT&CK
From f4dc4b48d8b257b540ed709a5ad7aff2bda32b2a Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 18 Jul 2024 14:40:11 -0500
Subject: [PATCH 18/19] Update python version
---
.python-version | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.python-version b/.python-version
index 09dcc780875..1445aee866c 100644
--- a/.python-version
+++ b/.python-version
@@ -1 +1 @@
-3.10.11
+3.10.14
From b03bb5598a376e603ba077774d0236b4c76d12c6 Mon Sep 17 00:00:00 2001
From: Jared Ondricek
Date: Thu, 18 Jul 2024 14:46:09 -0500
Subject: [PATCH 19/19] Update website to 4.1.5
---
CHANGELOG.md | 11 +++++++++--
pyproject.toml | 2 +-
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fda852bc9ee..f7c6be33387 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,9 +1,16 @@
+# v4.1.5 (2024-07-18)
+
+## Misc
+
+* Added new ATT&CK trainings.
+* Moved sidebar headings around to add ATT&CKcon to be at the top level.
+
# v4.1.4 (2024-06-19)
## Misc
-* Updated CTI Training to latest version
-* Updated banner related to ATT&CKcon 5.0
+* Updated CTI Training to latest version.
+* Updated banner related to ATT&CKcon 5.0.
# v4.1.3 (2024-05-02)
diff --git a/pyproject.toml b/pyproject.toml
index 26dcebd5e63..df3cbb5945d 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -6,7 +6,7 @@ profile = "black"
[tool.towncrier]
name = "ATT&CK website"
- version = "4.1.4"
+ version = "4.1.5"
filename = "CHANGELOG.md"
issue_format = "[#{issue}](https://github.com/mitre-attack/attack-website/issues/{issue})"
template = ".towncrier.template.md"