mal-toolbox 0.1.6__py3-none-any.whl → 0.1.8__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {mal_toolbox-0.1.6.dist-info → mal_toolbox-0.1.8.dist-info}/METADATA +3 -1
- {mal_toolbox-0.1.6.dist-info → mal_toolbox-0.1.8.dist-info}/RECORD +8 -8
- {mal_toolbox-0.1.6.dist-info → mal_toolbox-0.1.8.dist-info}/WHEEL +1 -1
- maltoolbox/__init__.py +2 -2
- maltoolbox/model.py +103 -2
- {mal_toolbox-0.1.6.dist-info → mal_toolbox-0.1.8.dist-info}/AUTHORS +0 -0
- {mal_toolbox-0.1.6.dist-info → mal_toolbox-0.1.8.dist-info}/LICENSE +0 -0
- {mal_toolbox-0.1.6.dist-info → mal_toolbox-0.1.8.dist-info}/top_level.txt +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: mal-toolbox
|
|
3
|
-
Version: 0.1.
|
|
3
|
+
Version: 0.1.8
|
|
4
4
|
Summary: A collection of tools used to create MAL models and attack graphs.
|
|
5
5
|
Author-email: Andrei Buhaiu <buhaiu@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Joakim Loxdal <loxdal@kth.se>
|
|
6
6
|
License: Apache Software License
|
|
@@ -33,6 +33,8 @@ MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
|
|
|
33
33
|
Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
|
|
34
34
|
MAL Toolbox also gives the ability to view the AttackGraph/Model graphically in neo4j.
|
|
35
35
|
|
|
36
|
+
[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
|
|
37
|
+
|
|
36
38
|
## The Language Module
|
|
37
39
|
|
|
38
40
|
The language module provides various tools to process MAL languages.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
maltoolbox/__init__.py,sha256=
|
|
1
|
+
maltoolbox/__init__.py,sha256=c31l952N_1NVtHOSM-r2F5gL-RwHqye846B524iVwx4,2776
|
|
2
2
|
maltoolbox/__main__.py,sha256=1lOOOme_y56VWrEE1jkarTt-WoUo9yilCo8sUrivyns,2680
|
|
3
3
|
maltoolbox/default.conf,sha256=YLGBSJh2q8hn3RzRRBbib9F6E6pcvquoHeALMRtA0wU,295
|
|
4
4
|
maltoolbox/exceptions.py,sha256=0YjPx2v1yYumZ2o7pVZ1s_jS-GAb3Ng979KEFhROSNY,1399
|
|
5
5
|
maltoolbox/file_utils.py,sha256=6KFEEZvf9x8yfNAq7hadF7lUGlLimNFMJ0W_DK2rh6Q,2024
|
|
6
|
-
maltoolbox/model.py,sha256=
|
|
6
|
+
maltoolbox/model.py,sha256=1HuH58skm1StcKtvMFO-iXkpLOaauB9YSEv1XNdW_-Y,30406
|
|
7
7
|
maltoolbox/wrappers.py,sha256=BYYNcIdTlyumADQCPcy1xmPEabfmi0P1l9RcbdVWm9w,2002
|
|
8
8
|
maltoolbox/attackgraph/__init__.py,sha256=F6maWV2PYSH5xtbqozeM3IolalWQqs-tdaCG2ywbqKI,102
|
|
9
9
|
maltoolbox/attackgraph/attacker.py,sha256=hmJtgcwtQgz0r9J_0Pgm7ktfKpFE3dp-HJ2TOz1NiWw,2880
|
|
@@ -24,9 +24,9 @@ maltoolbox/language/compiler/mal_visitor.py,sha256=9gG06D7GZKlBY-62SmbIkRYkGBUBI
|
|
|
24
24
|
maltoolbox/translators/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
25
25
|
maltoolbox/translators/securicad.py,sha256=FAIHnoqFTmNYbCGxLsK6pX5g1oiNFfPTqkT_3qq3GG8,6692
|
|
26
26
|
maltoolbox/translators/updater.py,sha256=Ap08-AsU_7or5ESQvZL2i4nWz3B5pvgfftZyc_-Gd8M,4766
|
|
27
|
-
mal_toolbox-0.1.
|
|
28
|
-
mal_toolbox-0.1.
|
|
29
|
-
mal_toolbox-0.1.
|
|
30
|
-
mal_toolbox-0.1.
|
|
31
|
-
mal_toolbox-0.1.
|
|
32
|
-
mal_toolbox-0.1.
|
|
27
|
+
mal_toolbox-0.1.8.dist-info/AUTHORS,sha256=zxLrLe8EY39WtRKlAY4Oorx4Z2_LHV2ApRvDGZgY7xY,127
|
|
28
|
+
mal_toolbox-0.1.8.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
29
|
+
mal_toolbox-0.1.8.dist-info/METADATA,sha256=qzQgXn7tofBgGq_HKWwqk7NFLcQnQobIVI8oYNqNRcY,5953
|
|
30
|
+
mal_toolbox-0.1.8.dist-info/WHEEL,sha256=Mdi9PDNwEZptOjTlUcAth7XJDFtKrHYaQMPulZeBCiQ,91
|
|
31
|
+
mal_toolbox-0.1.8.dist-info/top_level.txt,sha256=phqRVLRKGdSUgRY03mcpi2cmbbDo5YGjkV4gkqHFFcM,11
|
|
32
|
+
mal_toolbox-0.1.8.dist-info/RECORD,,
|
maltoolbox/__init__.py
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# -*- encoding: utf-8 -*-
|
|
2
|
-
# MAL Toolbox v0.1.
|
|
2
|
+
# MAL Toolbox v0.1.8
|
|
3
3
|
# Copyright 2024, Andrei Buhaiu.
|
|
4
4
|
#
|
|
5
5
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
|
|
|
21
21
|
"""
|
|
22
22
|
|
|
23
23
|
__title__ = 'maltoolbox'
|
|
24
|
-
__version__ = '0.1.
|
|
24
|
+
__version__ = '0.1.8'
|
|
25
25
|
__authors__ = ['Andrei Buhaiu',
|
|
26
26
|
'Giuseppe Nebbione',
|
|
27
27
|
'Nikolaos Kakouros',
|
maltoolbox/model.py
CHANGED
|
@@ -28,10 +28,105 @@ logger = logging.getLogger(__name__)
|
|
|
28
28
|
|
|
29
29
|
@dataclass
|
|
30
30
|
class AttackerAttachment:
|
|
31
|
-
"""Used to attach attackers to attack step
|
|
31
|
+
"""Used to attach attackers to attack step entry points of assets"""
|
|
32
32
|
id: Optional[int] = None
|
|
33
33
|
name: Optional[str] = None
|
|
34
|
-
entry_points: list[tuple] =
|
|
34
|
+
entry_points: list[tuple[SchemaGeneratedClass, list[str]]] = \
|
|
35
|
+
field(default_factory=lambda: [])
|
|
36
|
+
|
|
37
|
+
|
|
38
|
+
def get_entry_point_tuple(
|
|
39
|
+
self,
|
|
40
|
+
asset: SchemaGeneratedClass
|
|
41
|
+
) -> Optional[tuple[SchemaGeneratedClass, list[str]]]:
|
|
42
|
+
"""Return an entry point tuple of an AttackerAttachment matching the
|
|
43
|
+
asset provided.
|
|
44
|
+
|
|
45
|
+
|
|
46
|
+
Arguments:
|
|
47
|
+
asset - the asset to add entry point to
|
|
48
|
+
|
|
49
|
+
Return:
|
|
50
|
+
The entry point tuple containing the asset and the list of attack
|
|
51
|
+
steps if the asset has any entry points defined for this attacker
|
|
52
|
+
attachemnt.
|
|
53
|
+
None, otherwise.
|
|
54
|
+
"""
|
|
55
|
+
return next((ep_tuple for ep_tuple in self.entry_points
|
|
56
|
+
if ep_tuple[0] == asset), None)
|
|
57
|
+
|
|
58
|
+
|
|
59
|
+
def add_entry_point(
|
|
60
|
+
self, asset: SchemaGeneratedClass, attackstep_name: str):
|
|
61
|
+
"""Add an entry point to an AttackerAttachment
|
|
62
|
+
|
|
63
|
+
self.entry_points contain tuples, first element of each tuple
|
|
64
|
+
is an asset, second element is a list of attack step names that
|
|
65
|
+
are entry points for the attacker.
|
|
66
|
+
|
|
67
|
+
Arguments:
|
|
68
|
+
asset - the asset to add the entry point to
|
|
69
|
+
attackstep_name - the name of the attack step to add as an entry point
|
|
70
|
+
"""
|
|
71
|
+
|
|
72
|
+
logger.debug(
|
|
73
|
+
f'Add entry point "{attackstep_name}" on asset "{asset.name}" '
|
|
74
|
+
f'to AttackerAttachment "{self.name}".'
|
|
75
|
+
)
|
|
76
|
+
|
|
77
|
+
# Get the entry point tuple for the asset if it already exists
|
|
78
|
+
entry_point_tuple = self.get_entry_point_tuple(asset)
|
|
79
|
+
|
|
80
|
+
if entry_point_tuple:
|
|
81
|
+
if attackstep_name not in entry_point_tuple[1]:
|
|
82
|
+
# If it exists and does not already have the attack step,
|
|
83
|
+
# add it
|
|
84
|
+
entry_point_tuple[1].append(attackstep_name)
|
|
85
|
+
else:
|
|
86
|
+
logger.info(
|
|
87
|
+
f'Entry point "{attackstep_name}" on asset "{asset.name}"'
|
|
88
|
+
f' already existed for AttackerAttachment "{self.name}".'
|
|
89
|
+
)
|
|
90
|
+
else:
|
|
91
|
+
# Otherwise, create the entry point tuple and the initial entry
|
|
92
|
+
# point
|
|
93
|
+
self.entry_points.append((asset, [attackstep_name]))
|
|
94
|
+
|
|
95
|
+
def remove_entry_point(
|
|
96
|
+
self, asset: SchemaGeneratedClass, attackstep_name: str):
|
|
97
|
+
"""Remove an entry point from an AttackerAttachment if it exists
|
|
98
|
+
|
|
99
|
+
Arguments:
|
|
100
|
+
asset - the asset to remove the entry point from
|
|
101
|
+
"""
|
|
102
|
+
|
|
103
|
+
logger.debug(
|
|
104
|
+
f'Remove entry point "{attackstep_name}" on asset "{asset.name}" '
|
|
105
|
+
f'from AttackerAttachment "{self.name}".'
|
|
106
|
+
)
|
|
107
|
+
|
|
108
|
+
# Get the entry point tuple for the asset if it exists
|
|
109
|
+
entry_point_tuple = self.get_entry_point_tuple(asset)
|
|
110
|
+
|
|
111
|
+
if entry_point_tuple:
|
|
112
|
+
if attackstep_name in entry_point_tuple[1]:
|
|
113
|
+
# If it exists and not already has the attack step, add it
|
|
114
|
+
entry_point_tuple[1].remove(attackstep_name)
|
|
115
|
+
else:
|
|
116
|
+
logger.warning(
|
|
117
|
+
f'Failed to find entry point "{attackstep_name}" on '
|
|
118
|
+
f'asset "{asset.name}" for AttackerAttachment '
|
|
119
|
+
f'"{self.name}". Nothing to remove.'
|
|
120
|
+
)
|
|
121
|
+
|
|
122
|
+
if not entry_point_tuple[1]:
|
|
123
|
+
self.entry_points.remove(entry_point_tuple)
|
|
124
|
+
else:
|
|
125
|
+
logger.warning(
|
|
126
|
+
f'Failed to find entry points on asset "{asset.name}" '
|
|
127
|
+
f'for AttackerAttachment "{self.name}". Nothing to remove.'
|
|
128
|
+
)
|
|
129
|
+
|
|
35
130
|
|
|
36
131
|
class Model():
|
|
37
132
|
"""An implementation of a MAL language with assets and associations"""
|
|
@@ -133,6 +228,12 @@ class Model():
|
|
|
133
228
|
for association in asset.associations:
|
|
134
229
|
self.remove_asset_from_association(asset, association)
|
|
135
230
|
|
|
231
|
+
# Also remove all of the entry points
|
|
232
|
+
for attacker in self.attackers:
|
|
233
|
+
entry_point_tuple = attacker.get_entry_point_tuple(asset)
|
|
234
|
+
if entry_point_tuple:
|
|
235
|
+
attacker.entry_points.remove(entry_point_tuple)
|
|
236
|
+
|
|
136
237
|
self.assets.remove(asset)
|
|
137
238
|
|
|
138
239
|
def remove_asset_from_association(
|
|
File without changes
|
|
File without changes
|
|
File without changes
|