Skip to content
This repository has been archived by the owner on Feb 8, 2019. It is now read-only.
/ stix-capecbuilder Public archive

CAPEC builder script that generates STIX TTP objects

License

Notifications You must be signed in to change notification settings

ukncsc/stix-capecbuilder

Repository files navigation

Copyright (c) 2016 Crown Copyright (NCSC)

Permission is hereby granted, free of charge, to use, copy, modify, merge, distribute and/or sub-licence the software together with any associated documentation provided that it is solely for your own internal use and subject to the following conditions:

(1) The above copyright notice and this permission notice shall be included in all copies or substantial portions of the software.

(2) THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN ANY ACTION FOR CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

CAPEC-Builder

Code Health

CAPEC Builder script that generates STIX TTP objects.

This script will looks at the first argument given to the script as a CAPCE ID and look it up from the CAPCE XML file (capec_2-8.xml). The output will be a TTP object based from that CAPEC ID including the following information:

  • Referenced CAPEC ID
  • Description
  • Title
  • Related TTPs
  • Information Source

Status

The script is still under active development and as such shouldn't be considered a finished product.

Setup

To install the script you can clone the repository using git clone.

Before using the script you will need setup the config file with your own settings:

Before using this script you will need to setup the configuration file with your own settings:

  1. Make a copy of the config.json.template file and rename it to config.json.
  2. Enter your own settings inside your config.json file.
  • The stix key defines your namespace and prefix.
  • The capec-file key defines the location and name of the CAPEC XML content file.

Once setup your file should look like this:

{
  "capec-file": "capec_2-8.xml",
  "ingest": [
    {
      "active": false,
      "endpoint": "http://kb.avengers.com/adapter/certuk_mod/import/",
      "user": "bot"
    }
  ],
  "stix": [
    {
      "ns": "http://avengers.com",
      "ns_prefix": "avengers"
    }
  ],
  "taxii": [
    {
      "active": false,
      "binding": "urn:stix.mitre.org:xml:1.1.1",
      "discovery_path": "/taxii-discovery-service",
      "host": "kb.avengers.com",
      "inbox_path": "/taxii-data",
      "password": "password",
      "ssl": false,
      "username": "username"
    }
  ]
}

Usage

From a terminal/command prompt your can specify the CAPEC ID as the argument to build a TTP based on that CAPEC.

$ python capecbuilder.py 202

Example Output

An example output can be found in the Example file. This examples uses CAPEC 202.

About

CAPEC builder script that generates STIX TTP objects

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages