gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-26 03:04:56 -08:00
Code Issues Packages Projects Releases Wiki Activity

linter: improve linter-data.json opening and add documentation

Browse Source 
- Open linter-data.json in byte mode
- Add a comment explaining how to invoke the script
This commit is contained in:
Baptistin Boilot
2022-01-24 22:48:59 +01:00
parent 0c978a8def
commit 377c805fe7
2 changed files with 36 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
scripts/lint.py
View File

@@ -24,7 +24,6 @@ import difflib
import hashlib import hashlib
import inspect import inspect
import logging import logging
import os.path
import pathlib import pathlib
import argparse import argparse
import itertools import itertools
@@ -236,7 +235,7 @@ class InvalidAttckOrMbcTechnique(Lint):
super(InvalidAttckOrMbcTechnique, self).__init__() super(InvalidAttckOrMbcTechnique, self).__init__()
try: try:
with open("scripts/linter-data.json", "r") as fd: with open(f"{os.path.dirname(__file__)}/linter-data.json", "rb") as fd:
self.data = json.load(fd) self.data = json.load(fd)
self.enabled_frameworks = self.data.keys() self.enabled_frameworks = self.data.keys()
except BaseException: except BaseException:
@@ -247,7 +246,7 @@ class InvalidAttckOrMbcTechnique(Lint):
) )
self.enabled_frameworks = [] self.enabled_frameworks = []
# This regex match the format defined in the recommendation attribute # This regex matches the format defined in the recommendation attribute
self.reg = re.compile("^([a-zA-Z| ]+)::(.*) \[([A-Za-z0-9.]+)\]$") self.reg = re.compile("^([a-zA-Z| ]+)::(.*) \[([A-Za-z0-9.]+)\]$")
def _entry_check(self, framework, category, entry, eid): def _entry_check(self, framework, category, entry, eid):

34
scripts/setup-linter-dependencies.py
View File

@@ -1,3 +1,37 @@
"""
Generate capa linter-data.json, used to validate Att&ck/MBC IDs and names.
Use the --extractor option to extract data from Att&ck or MBC (or both) frameworks.
Use the --output to choose the output json file.
By default, the script will create a linter-data.json in the scripts/ directory for both frameworks.
Note: The capa rules linter will try to load from its default location (scripts/linter-data.json).
Usage:
usage: setup-linter-dependencies.py [-h] [--extractor {both,mbc,att&ck}] [--output OUTPUT]
Setup linter dependencies.
optional arguments:
-h, --help show this help message and exit
--extractor {both,mbc,att&ck}
Extractor that will be run
--output OUTPUT, -o OUTPUT
Path to output file (lint.py will be looking for linter-data.json)
Example:
$ python3 setup-linter-dependencies.py
2022-01-24 22:35:06,901 [INFO] Extracting Mitre Att&ck techniques...
2022-01-24 22:35:06,901 [INFO] Downloading STIX data at: https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/enterprise-attack/enterprise-attack.json
2022-01-24 22:35:13,001 [INFO] Starting extraction...
2022-01-24 22:35:39,395 [INFO] Extracting MBC behaviors...
2022-01-24 22:35:39,395 [INFO] Downloading STIX data at: https://raw.githubusercontent.com/MBCProject/mbc-stix2/master/mbc/mbc.json
2022-01-24 22:35:39,839 [INFO] Starting extraction...
2022-01-24 22:35:42,632 [INFO] Writing results to linter-data.json
"""
import json import json
import logging import logging
import argparse import argparse