PyPI - mal-toolbox - Versions diffs - 0.3.4__tar.gz → 0.3.6__tar.gz - Mend

mal-toolbox 0.3.4tar.gz → 0.3.6tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

{mal_toolbox-0.3.4/mal_toolbox.egg-info → mal_toolbox-0.3.6}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.3.4
+Version: 0.3.6
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
 License: Apache Software License

{mal_toolbox-0.3.4 → mal_toolbox-0.3.6/mal_toolbox.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.3.4
+Version: 0.3.6
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
 License: Apache Software License

{mal_toolbox-0.3.4 → mal_toolbox-0.3.6}/maltoolbox/__init__.py RENAMED Viewed

@@ -1,6 +1,6 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v0.3.4
-# Copyright 2024, Andrei Buhaiu.
+# MAL Toolbox v0.3.6
+# Copyright 2025, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 __title__ = "maltoolbox"
-__version__ = "0.3.4"
+__version__ = "0.3.6"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",

{mal_toolbox-0.3.4 → mal_toolbox-0.3.6}/maltoolbox/attackgraph/attacker.py RENAMED Viewed

@@ -23,9 +23,11 @@ class Attacker:
         attacker_id: Optional[int] = None
     ):
         self.name = name
-        self.entry_points = entry_points
-        self.reached_attack_steps = reached_attack_steps
         self.id = attacker_id
+        self.entry_points = entry_points
+        self.reached_attack_steps: set[AttackGraphNode] = set()
+        for node in reached_attack_steps:
+            self.compromise(node)
     def to_dict(self) -> dict:
         attacker_dict: dict = {

{mal_toolbox-0.3.4 → mal_toolbox-0.3.6}/maltoolbox/model.py RENAMED Viewed

@@ -152,11 +152,6 @@ class Model():
         self.lang_graph = lang_graph
         self.maltoolbox_version: str = mt_version
-        # Below sets used to check for duplicate names or ids,
-        # better for optimization than iterating over all assets
-        self.asset_ids: set[int] = set()
-        self.asset_names: set[str] = set()
     def add_asset(
             self,
@@ -192,16 +187,15 @@ class Model():
         # Set asset ID and check for duplicates
         asset_id = asset_id or self.next_id
-        if asset_id in self.asset_ids:
+        if asset_id in self.assets:
             raise ValueError(f'Asset index {asset_id} already in use.')
-        self.asset_ids.add(asset_id)
         self.next_id = max(asset_id + 1, self.next_id)
         if not name:
             name = asset_type + ':' + str(asset_id)
         else:
-            if name in self.asset_names:
+            if name in self._name_to_asset:
                 if allow_duplicate_names:
                     name = name + ':' + str(asset_id)
                 else:
@@ -209,7 +203,6 @@ class Model():
                         f'Asset name {name} is a duplicate'
                         ' and we do not allow duplicates.'
                     )
-        self.asset_names.add(name)
         lg_asset = self.lang_graph.assets[asset_type]
@@ -252,7 +245,10 @@ class Model():
             )
         # First remove all of the associated assets
-        for fieldname, assoc_assets in asset.associated_assets.items():
+        # We can not remove from the dict while iterating over it
+        # so we first have to copy the keys and then remove those assets
+        associated_fieldnames = dict(asset.associated_assets)
+        for fieldname, assoc_assets in associated_fieldnames.items():
             asset.remove_associated_assets(fieldname, assoc_assets)
         # Also remove all of the entry points
@@ -656,17 +652,13 @@ class ModelAsset:
                 other_fieldname, set()
             ).add(self)
-    def remove_associated_assets(self, fieldname: str,
-        assets: set[ModelAsset]):
+    def remove_associated_assets(
+            self, fieldname: str, assets: set[ModelAsset]):
         """ Remove the assets provided as a parameter from the set of
         associated assets dictionary entry corresponding to the fieldname
         parameter.
         """
-        self._associated_assets[fieldname] -= set(assets)
-        if len(self._associated_assets[fieldname]) == 0:
-            del self._associated_assets[fieldname]
-        # Also remove this asset to the associated assets' dictionaries
+        # Remove this asset from its associated assets' dictionaries
         lg_assoc = self.lg_asset.associations[fieldname]
         other_fieldname = lg_assoc.get_opposite_fieldname(fieldname)
         for asset in assets:
@@ -674,6 +666,11 @@ class ModelAsset:
             if len(asset._associated_assets[other_fieldname]) == 0:
                 del asset._associated_assets[other_fieldname]
+        # Remove associated assets from this asset
+        self._associated_assets[fieldname] -= set(assets)
+        if len(self._associated_assets[fieldname]) == 0:
+            del self._associated_assets[fieldname]
     @property
     def associated_assets(self):

{mal_toolbox-0.3.4 → mal_toolbox-0.3.6}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "mal-toolbox"
-version = "0.3.4"
+version = "0.3.6"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },

{mal_toolbox-0.3.4 → mal_toolbox-0.3.6}/tests/test_model.py RENAMED Viewed

@@ -230,16 +230,23 @@ def test_model_add_asset_duplicate_name(model: Model):
     assert len(model.assets) == 2
-def test_model_remove_asset(model: Model):
+def test_model_remove_asset_with_association(model: Model):
     """Remove assets from a model"""
     # Add two program assets to the model
     asset1 = model.add_asset(asset_type = 'Application')
     asset2 = model.add_asset(asset_type = 'Application')
+    asset1.add_associated_assets('hostApp', {asset2})
+    assert asset1.associated_assets == {'hostApp': {asset2}}
+    assert asset2.associated_assets == {'appExecutedApps': {asset1}}
     num_assets_before = len(model.assets)
     model.remove_asset(asset1)
+    assert asset1.associated_assets == {}
+    assert asset2.associated_assets == {}
     # Make sure asset asset1 was deleted, but asset2 still exists
     assert asset1 not in model.assets.values()
     assert asset2 in model.assets.values()
@@ -362,6 +369,7 @@ def test_model_remove_associated_asset(model: Model):
     # removed from assets and model
     asset1.remove_associated_assets(
         fieldname = 'appExecutedApps', assets = {asset2})
     assert 'appExecutedApps' not in asset1.associated_assets
     assert 'hostApp' not in asset2.associated_assets