mal-toolbox 0.3.7__py3-none-any.whl → 0.3.9__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/METADATA +1 -1
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/RECORD +12 -12
- maltoolbox/__init__.py +2 -2
- maltoolbox/attackgraph/attacker.py +4 -35
- maltoolbox/attackgraph/attackgraph.py +2 -10
- maltoolbox/attackgraph/query.py +2 -1
- maltoolbox/model.py +0 -1
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/AUTHORS +0 -0
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/LICENSE +0 -0
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/WHEEL +0 -0
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/entry_points.txt +0 -0
- {mal_toolbox-0.3.7.dist-info → mal_toolbox-0.3.9.dist-info}/top_level.txt +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.2
|
|
2
2
|
Name: mal-toolbox
|
|
3
|
-
Version: 0.3.
|
|
3
|
+
Version: 0.3.9
|
|
4
4
|
Summary: A collection of tools used to create MAL models and attack graphs.
|
|
5
5
|
Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
|
|
6
6
|
License: Apache Software License
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
maltoolbox/__init__.py,sha256=
|
|
1
|
+
maltoolbox/__init__.py,sha256=JkIN_y8qUTsrb8GK-wQPVZCpHr7QPPJvFKPS07fst24,2088
|
|
2
2
|
maltoolbox/__main__.py,sha256=PSg8vFS8X-klJBJdSzrg0aLh9ykZgbcoSSEy3DTQoQQ,3499
|
|
3
3
|
maltoolbox/exceptions.py,sha256=0YjPx2v1yYumZ2o7pVZ1s_jS-GAb3Ng979KEFhROSNY,1399
|
|
4
4
|
maltoolbox/file_utils.py,sha256=tBR8Kjl8IoFzAtYaLNHNALuQrdMT3pD1ZpczHm1pu2g,1875
|
|
5
|
-
maltoolbox/model.py,sha256=
|
|
5
|
+
maltoolbox/model.py,sha256=Y3FKyWyRGPzJlpP92XRrWS52xVeKaz9rgOLoQJvJ808,24008
|
|
6
6
|
maltoolbox/attackgraph/__init__.py,sha256=AHDyX6dAkx3mDic2K56v1xche9N6ofDfbaHkKbdJ2qQ,230
|
|
7
|
-
maltoolbox/attackgraph/attacker.py,sha256=
|
|
8
|
-
maltoolbox/attackgraph/attackgraph.py,sha256=
|
|
7
|
+
maltoolbox/attackgraph/attacker.py,sha256=Lq7g_uFDvThU0wah-CiYA6oTshxt1TlgPJfkojlSyRQ,3132
|
|
8
|
+
maltoolbox/attackgraph/attackgraph.py,sha256=ppgKMUtEO0eE8SlB0xPij7qn4rqYQtalZ8frEs_oNWs,32435
|
|
9
9
|
maltoolbox/attackgraph/node.py,sha256=Ec67_u_8qf_MgCHaUg4wIbZFC013GWxbIsC8EjoguzE,6465
|
|
10
|
-
maltoolbox/attackgraph/query.py,sha256=
|
|
10
|
+
maltoolbox/attackgraph/query.py,sha256=iuaLAc3bMnQefgGa1g62re8-3yQrgBW_cS5W_DgWEjY,6835
|
|
11
11
|
maltoolbox/attackgraph/analyzers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
12
12
|
maltoolbox/attackgraph/analyzers/apriori.py,sha256=lMGuFj9v-X5v3jHLzLI5G4onZ443T5eukzWDuEnfA8k,8984
|
|
13
13
|
maltoolbox/ingestors/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -20,10 +20,10 @@ maltoolbox/language/compiler/mal_parser.py,sha256=sUoaE43l2VKg-Dou30mk2wlVS1FvdO
|
|
|
20
20
|
maltoolbox/translators/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
21
21
|
maltoolbox/translators/securicad.py,sha256=PJYjieioWN5tE_oKm83dtgV5UkC8EUH9Vsy3-FxBtUo,7017
|
|
22
22
|
maltoolbox/translators/updater.py,sha256=8bisZnzMWjGaG5tu8jdF-Oq6bPwIjXkVO-_yZDGc6cA,8652
|
|
23
|
-
mal_toolbox-0.3.
|
|
24
|
-
mal_toolbox-0.3.
|
|
25
|
-
mal_toolbox-0.3.
|
|
26
|
-
mal_toolbox-0.3.
|
|
27
|
-
mal_toolbox-0.3.
|
|
28
|
-
mal_toolbox-0.3.
|
|
29
|
-
mal_toolbox-0.3.
|
|
23
|
+
mal_toolbox-0.3.9.dist-info/AUTHORS,sha256=zxLrLe8EY39WtRKlAY4Oorx4Z2_LHV2ApRvDGZgY7xY,127
|
|
24
|
+
mal_toolbox-0.3.9.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
25
|
+
mal_toolbox-0.3.9.dist-info/METADATA,sha256=wcTz_RaFDSExGnLzYASNjjCbbreEAOmNFrGb3XItrYw,6158
|
|
26
|
+
mal_toolbox-0.3.9.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
|
|
27
|
+
mal_toolbox-0.3.9.dist-info/entry_points.txt,sha256=oqby5O6cUP_OHCm70k_iYPA6UlbTBf7se1i3XwdK3uU,56
|
|
28
|
+
mal_toolbox-0.3.9.dist-info/top_level.txt,sha256=phqRVLRKGdSUgRY03mcpi2cmbbDo5YGjkV4gkqHFFcM,11
|
|
29
|
+
mal_toolbox-0.3.9.dist-info/RECORD,,
|
maltoolbox/__init__.py
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# -*- encoding: utf-8 -*-
|
|
2
|
-
# MAL Toolbox v0.3.
|
|
2
|
+
# MAL Toolbox v0.3.9
|
|
3
3
|
# Copyright 2025, Andrei Buhaiu.
|
|
4
4
|
#
|
|
5
5
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
|
|
|
21
21
|
"""
|
|
22
22
|
|
|
23
23
|
__title__ = "maltoolbox"
|
|
24
|
-
__version__ = "0.3.
|
|
24
|
+
__version__ = "0.3.9"
|
|
25
25
|
__authors__ = [
|
|
26
26
|
"Andrei Buhaiu",
|
|
27
27
|
"Giuseppe Nebbione",
|
|
@@ -3,7 +3,6 @@ MAL-Toolbox Attack Graph Attacker Class
|
|
|
3
3
|
"""
|
|
4
4
|
|
|
5
5
|
from __future__ import annotations
|
|
6
|
-
import copy
|
|
7
6
|
import logging
|
|
8
7
|
|
|
9
8
|
from typing import Optional
|
|
@@ -18,15 +17,15 @@ class Attacker:
|
|
|
18
17
|
def __init__(
|
|
19
18
|
self,
|
|
20
19
|
name: str,
|
|
21
|
-
entry_points: set[AttackGraphNode],
|
|
22
|
-
reached_attack_steps: set[AttackGraphNode],
|
|
20
|
+
entry_points: Optional[set[AttackGraphNode]] = None,
|
|
21
|
+
reached_attack_steps: Optional[set[AttackGraphNode]] = None,
|
|
23
22
|
attacker_id: Optional[int] = None
|
|
24
23
|
):
|
|
25
24
|
self.name = name
|
|
26
25
|
self.id = attacker_id
|
|
27
|
-
self.entry_points = entry_points
|
|
26
|
+
self.entry_points = entry_points or set()
|
|
28
27
|
self.reached_attack_steps: set[AttackGraphNode] = set()
|
|
29
|
-
for node in reached_attack_steps:
|
|
28
|
+
for node in reached_attack_steps or {}:
|
|
30
29
|
self.compromise(node)
|
|
31
30
|
|
|
32
31
|
def to_dict(self) -> dict:
|
|
@@ -49,36 +48,6 @@ class Attacker:
|
|
|
49
48
|
def __repr__(self) -> str:
|
|
50
49
|
return f'Attacker(name: "{self.name}", id: {self.id})'
|
|
51
50
|
|
|
52
|
-
def __deepcopy__(self, memo) -> Attacker:
|
|
53
|
-
"""Deep copy an Attacker
|
|
54
|
-
The deepcopy will copy over attacker specific information, name and
|
|
55
|
-
id, but it will not copy relations to attack graph nodes, reached
|
|
56
|
-
attack steps or entry points. These references should be recreated
|
|
57
|
-
when deepcopying the attack graph itself.
|
|
58
|
-
|
|
59
|
-
"""
|
|
60
|
-
|
|
61
|
-
# Check if the object is already in the memo dictionary
|
|
62
|
-
if id(self) in memo:
|
|
63
|
-
return memo[id(self)]
|
|
64
|
-
|
|
65
|
-
copied_attacker = Attacker(
|
|
66
|
-
name = self.name,
|
|
67
|
-
attacker_id = self.id,
|
|
68
|
-
entry_points = set(),
|
|
69
|
-
reached_attack_steps = set()
|
|
70
|
-
)
|
|
71
|
-
|
|
72
|
-
# Remember that self was already copied
|
|
73
|
-
memo[id(self)] = copied_attacker
|
|
74
|
-
|
|
75
|
-
copied_attacker.entry_points = copy.deepcopy(
|
|
76
|
-
self.entry_points, memo = memo)
|
|
77
|
-
copied_attacker.reached_attack_steps = copy.deepcopy(
|
|
78
|
-
self.reached_attack_steps, memo = memo)
|
|
79
|
-
|
|
80
|
-
return copied_attacker
|
|
81
|
-
|
|
82
51
|
def compromise(self, node: AttackGraphNode) -> None:
|
|
83
52
|
"""
|
|
84
53
|
Have the attacker compromise the node given as a parameter.
|
|
@@ -249,11 +249,7 @@ class AttackGraph():
|
|
|
249
249
|
_ag_node.parents.add(parent)
|
|
250
250
|
|
|
251
251
|
for attacker in serialized_attackers.values():
|
|
252
|
-
ag_attacker = Attacker(
|
|
253
|
-
name = attacker['name'],
|
|
254
|
-
entry_points = set(),
|
|
255
|
-
reached_attack_steps = set()
|
|
256
|
-
)
|
|
252
|
+
ag_attacker = Attacker(name = attacker['name'])
|
|
257
253
|
attack_graph.add_attacker(
|
|
258
254
|
attacker = ag_attacker,
|
|
259
255
|
attacker_id = int(attacker['id']),
|
|
@@ -330,11 +326,7 @@ class AttackGraph():
|
|
|
330
326
|
logger.error(msg)
|
|
331
327
|
raise AttackGraphException(msg)
|
|
332
328
|
|
|
333
|
-
attacker = Attacker(
|
|
334
|
-
name = attacker_info.name,
|
|
335
|
-
entry_points = set(),
|
|
336
|
-
reached_attack_steps = set()
|
|
337
|
-
)
|
|
329
|
+
attacker = Attacker(name = attacker_info.name)
|
|
338
330
|
self.add_attacker(attacker)
|
|
339
331
|
|
|
340
332
|
for (asset, attack_steps) in attacker_info.entry_points:
|
maltoolbox/attackgraph/query.py
CHANGED
|
@@ -144,7 +144,8 @@ def calculate_attack_surface(
|
|
|
144
144
|
attacker.id
|
|
145
145
|
)
|
|
146
146
|
attack_surface = set()
|
|
147
|
-
|
|
147
|
+
frontier = from_nodes if from_nodes is not None else attacker.reached_attack_steps
|
|
148
|
+
for attack_step in frontier:
|
|
148
149
|
logger.debug(
|
|
149
150
|
'Determine attack surface stemming from '
|
|
150
151
|
'"%s"(%d) for Attacker "%s"(%d).',
|
maltoolbox/model.py
CHANGED
|
@@ -464,7 +464,6 @@ class Model():
|
|
|
464
464
|
attackers_info = serialized_object['attackers']
|
|
465
465
|
for attacker_id in attackers_info:
|
|
466
466
|
attacker = AttackerAttachment(name = attackers_info[attacker_id]['name'])
|
|
467
|
-
attacker.entry_points = []
|
|
468
467
|
for asset_name, entry_points_dict in \
|
|
469
468
|
attackers_info[attacker_id]['entry_points'].items():
|
|
470
469
|
target_asset = model.get_asset_by_id(
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|