update example scripts

examples/get_all_mitigations_mitigating_all_techniques.py

@@ -9,7 +9,7 @@ def main():
 
     print(f"Mitigations mitigating techniques ({len(mitigations_mitigating.keys())} techniques):")
     for id, mitigations in mitigations_mitigating.items():
-        print(f"* {id} - mitigated by {len(mitigations)} {'mitigation' if len(mitigations) == 1 else 'mitigation'}")
+        print(f"* {id} - mitigated by {len(mitigations)} {'mitigation' if len(mitigations) == 1 else 'mitigations'}")
 
 
 if __name__ == "__main__":

examples/get_campaigns_by_alias.py

@@ -0,0 +1,14 @@
+from mitreattack.stix20 import MitreAttackData
+
+
+def main():
+    mitre_attack_data = MitreAttackData("enterprise-attack.json")
+
+    campaigns = mitre_attack_data.get_campaigns_by_alias("Frankenstein")
+
+    for campaign in campaigns:
+        print(f"{campaign.name} ({mitre_attack_data.get_attack_id(campaign.id)})")
+
+
+if __name__ == "__main__":
+    main()

examples/get_campaign_by_alias.py → examples/get_groups_by_alias.py

@@ -4,9 +4,10 @@
 def main():
     mitre_attack_data = MitreAttackData("enterprise-attack.json")
 
-    C0001 = mitre_attack_data.get_campaign_by_alias("Frankenstein")
+    groups = mitre_attack_data.get_groups_by_alias("Cozy Bear")
 
-    print(C0001.serialize(pretty=True))
+    for group in groups:
+        print(f"{group.name} ({mitre_attack_data.get_attack_id(group.id)})")
 
 
 if __name__ == "__main__":

examples/get_objects_by_name.py

@@ -0,0 +1,14 @@
+from mitreattack.stix20 import MitreAttackData
+
+
+def main():
+    mitre_attack_data = MitreAttackData("enterprise-attack.json")
+
+    techniques = mitre_attack_data.get_objects_by_name("System Information Discovery", "attack-pattern")
+
+    for technique in techniques:
+        print(technique.serialize(pretty=True))
+
+
+if __name__ == "__main__":
+    main()

examples/get_objects_created_after.py

@@ -6,7 +6,7 @@ def main():
 
     objects = mitre_attack_data.get_objects_created_after("2022-10-01T00:00:00.000Z")
 
-    print(f"There were {len(objects)} objects created after 1 October 2022")
+    print(f"There are {len(objects)} objects created after 1 October 2022")
 
 
 if __name__ == "__main__":

examples/get_objects_modified_after.py

@@ -7,7 +7,7 @@ def main():
     date = "2022-10-01"
     objects = mitre_attack_data.get_objects_modified_after(date)
 
-    print(f"There were {len(objects)} objects modified after {date}")
+    print(f"There are {len(objects)} objects modified after {date}")
 
 
 if __name__ == "__main__":

examples/get_procedure_examples_by_tactic.py

@@ -6,7 +6,7 @@ def print_procedure_examples(mitre_attack_data, attack_objects_using_technique):
         stix_object = attack_object["object"]
         attack_id = mitre_attack_data.get_attack_id(stix_id=stix_object["id"])
         name = stix_object["name"]
-        procedure_description = attack_object["relationship"].get("description")
+        procedure_description = attack_object["relationships"][0].get("description")
 
         print(f"[{attack_id}] {name}: {procedure_description}")
 

examples/get_software_by_alias.py

@@ -4,9 +4,10 @@
 def main():
     mitre_attack_data = MitreAttackData("enterprise-attack.json")
 
-    S0196 = mitre_attack_data.get_software_by_alias("ShellTea")
+    software = mitre_attack_data.get_software_by_alias("ShellTea")
 
-    print(S0196.serialize(pretty=True))
+    for s in software:
+        print(f"{s.name} ({mitre_attack_data.get_attack_id(s.id)})")
 
 
 if __name__ == "__main__":