diff --git a/examples/get_all_mitigations_mitigating_all_techniques.py b/examples/get_all_mitigations_mitigating_all_techniques.py index 78048e9c..3ee5cf55 100644 --- a/examples/get_all_mitigations_mitigating_all_techniques.py +++ b/examples/get_all_mitigations_mitigating_all_techniques.py @@ -9,7 +9,7 @@ def main(): print(f"Mitigations mitigating techniques ({len(mitigations_mitigating.keys())} techniques):") for id, mitigations in mitigations_mitigating.items(): - print(f"* {id} - mitigated by {len(mitigations)} {'mitigation' if len(mitigations) == 1 else 'mitigation'}") + print(f"* {id} - mitigated by {len(mitigations)} {'mitigation' if len(mitigations) == 1 else 'mitigations'}") if __name__ == "__main__": diff --git a/examples/get_campaigns_by_alias.py b/examples/get_campaigns_by_alias.py new file mode 100644 index 00000000..c37de79c --- /dev/null +++ b/examples/get_campaigns_by_alias.py @@ -0,0 +1,14 @@ +from mitreattack.stix20 import MitreAttackData + + +def main(): + mitre_attack_data = MitreAttackData("enterprise-attack.json") + + campaigns = mitre_attack_data.get_campaigns_by_alias("Frankenstein") + + for campaign in campaigns: + print(f"{campaign.name} ({mitre_attack_data.get_attack_id(campaign.id)})") + + +if __name__ == "__main__": + main() diff --git a/examples/get_group_by_alias.py b/examples/get_group_by_alias.py deleted file mode 100644 index 62ee0f43..00000000 --- a/examples/get_group_by_alias.py +++ /dev/null @@ -1,13 +0,0 @@ -from mitreattack.stix20 import MitreAttackData - - -def main(): - mitre_attack_data = MitreAttackData("enterprise-attack.json") - - G0016 = mitre_attack_data.get_group_by_alias("Cozy Bear") - - print(G0016.serialize(pretty=True)) - - -if __name__ == "__main__": - main() diff --git a/examples/get_campaign_by_alias.py b/examples/get_groups_by_alias.py similarity index 50% rename from examples/get_campaign_by_alias.py rename to examples/get_groups_by_alias.py index fe4473f6..6ffce3a0 100644 --- a/examples/get_campaign_by_alias.py +++ b/examples/get_groups_by_alias.py @@ -4,9 +4,10 @@ def main(): mitre_attack_data = MitreAttackData("enterprise-attack.json") - C0001 = mitre_attack_data.get_campaign_by_alias("Frankenstein") + groups = mitre_attack_data.get_groups_by_alias("Cozy Bear") - print(C0001.serialize(pretty=True)) + for group in groups: + print(f"{group.name} ({mitre_attack_data.get_attack_id(group.id)})") if __name__ == "__main__": diff --git a/examples/get_object_by_name.py b/examples/get_object_by_name.py deleted file mode 100644 index 8f2879d6..00000000 --- a/examples/get_object_by_name.py +++ /dev/null @@ -1,13 +0,0 @@ -from mitreattack.stix20 import MitreAttackData - - -def main(): - mitre_attack_data = MitreAttackData("enterprise-attack.json") - - T1082 = mitre_attack_data.get_object_by_name("System Information Discovery", "attack-pattern") - - print(T1082.serialize(pretty=True)) - - -if __name__ == "__main__": - main() diff --git a/examples/get_objects_by_name.py b/examples/get_objects_by_name.py new file mode 100644 index 00000000..4c93485f --- /dev/null +++ b/examples/get_objects_by_name.py @@ -0,0 +1,14 @@ +from mitreattack.stix20 import MitreAttackData + + +def main(): + mitre_attack_data = MitreAttackData("enterprise-attack.json") + + techniques = mitre_attack_data.get_objects_by_name("System Information Discovery", "attack-pattern") + + for technique in techniques: + print(technique.serialize(pretty=True)) + + +if __name__ == "__main__": + main() diff --git a/examples/get_objects_created_after.py b/examples/get_objects_created_after.py index c61fe322..358cceb4 100644 --- a/examples/get_objects_created_after.py +++ b/examples/get_objects_created_after.py @@ -6,7 +6,7 @@ def main(): objects = mitre_attack_data.get_objects_created_after("2022-10-01T00:00:00.000Z") - print(f"There were {len(objects)} objects created after 1 October 2022") + print(f"There are {len(objects)} objects created after 1 October 2022") if __name__ == "__main__": diff --git a/examples/get_objects_modified_after.py b/examples/get_objects_modified_after.py index c9ff86cf..4ec9f258 100644 --- a/examples/get_objects_modified_after.py +++ b/examples/get_objects_modified_after.py @@ -7,7 +7,7 @@ def main(): date = "2022-10-01" objects = mitre_attack_data.get_objects_modified_after(date) - print(f"There were {len(objects)} objects modified after {date}") + print(f"There are {len(objects)} objects modified after {date}") if __name__ == "__main__": diff --git a/examples/get_procedure_examples_by_tactic.py b/examples/get_procedure_examples_by_tactic.py index f76d97c9..89e9264e 100644 --- a/examples/get_procedure_examples_by_tactic.py +++ b/examples/get_procedure_examples_by_tactic.py @@ -6,7 +6,7 @@ def print_procedure_examples(mitre_attack_data, attack_objects_using_technique): stix_object = attack_object["object"] attack_id = mitre_attack_data.get_attack_id(stix_id=stix_object["id"]) name = stix_object["name"] - procedure_description = attack_object["relationship"].get("description") + procedure_description = attack_object["relationships"][0].get("description") print(f"[{attack_id}] {name}: {procedure_description}") diff --git a/examples/get_software_by_alias.py b/examples/get_software_by_alias.py index c4ec6ed5..81082890 100644 --- a/examples/get_software_by_alias.py +++ b/examples/get_software_by_alias.py @@ -4,9 +4,10 @@ def main(): mitre_attack_data = MitreAttackData("enterprise-attack.json") - S0196 = mitre_attack_data.get_software_by_alias("ShellTea") + software = mitre_attack_data.get_software_by_alias("ShellTea") - print(S0196.serialize(pretty=True)) + for s in software: + print(f"{s.name} ({mitre_attack_data.get_attack_id(s.id)})") if __name__ == "__main__":