PyPI - mal-toolbox - Versions diffs - 1.0.5__tar.gz → 1.0.7__tar.gz - Mend

mal-toolbox 1.0.5tar.gz → 1.0.7tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

{mal_toolbox-1.0.5/mal_toolbox.egg-info → mal_toolbox-1.0.7}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.0.5
+Version: 1.0.7
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
@@ -34,21 +34,13 @@ MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
 Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
-[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
+- [MAL Toolbox Documentation](https://mal-lang.org/mal-toolbox/index.html)
+- [MAL Toolbox tutorial](https://github.com/mal-lang/mal-toolbox-tutorial)
 ## The Language Module
 The language module provides various tools to process MAL languages.
-### The Language Specification Submodule
-The language specification submodule provides functions to load the
-specification from a .mar archive(`load_language_specification_from_mar`) or a
-JSON file(`load_language_specification_from_json`). This specification will
-then be used to generate python classes representing the assets and
-associations of the language and to determine the attack steps for each asset
-when generating the attack graph.
 ## The Model Module
 With a MAL language a Model (a MAL instance model) can be created either
@@ -72,12 +64,6 @@ nodes related and the asset field which will contain the object in the model
 instance to which this attack step belongs to, if this information is
 available.
-## Ingestors Module
-The ingestors module contains various tools that can make use of the instance
-model or attack graph. Currently the Neo4J ingestor is the only one available
-and it can be used to visualise the instance model and the attack graph.
 # Usage
@@ -100,6 +86,11 @@ logging:
   model_file: "logs/model.yml"
   langspec_file: "logs/langspec_file.yml"
   langgraph_file: "logs/langspec_file.yml"
+neo4j:
+  uri: None
+  username: None
+  password: None
+  dbname: None
 ```
 Alternatively, you can use the `MALTOOLBOX_CONFIG`
@@ -143,12 +134,49 @@ Options:
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
       compiler) or a .mal file containing the DSL written in MAL.```
+```
 ## Code examples / Tutorial
-To find code examples and tutorials, visit the
+To find more code examples and tutorials, visit the
 [MAL Toolbox Tutorial](https://github.com/mal-lang/mal-toolbox-tutorial/tree/main) repository.
+### Load a language
+```python
+from maltoolbox.language import LanguageGraph
+# Will load the MAL language (.mal/.mar) or a saved language graph (yml/json)
+lang_graph = LanguageGraph.load_from_file(lang_file_path)
+```
+### Generate a model
+```python
+from maltoolbox.model import Model
+# Create an empty model
+instance_model = Model("Example Model", lang_graph)
+# Create and add assets of type supported by the MAL language
+asset1 = instance_model.add_asset('Application', 'Application1')
+asset2 = instance_model.add_asset('Application', 'Application2')
+# Create association between the assets
+asset1.add_associated_assets('appExecutedApps', asset2)
+```
+## Generate an attack graph
+```python
+from maltoolbox.attackgraph import AttackGraph
+attack_graph = AttackGraph(lang_graph, model)
+```
 # Tests
 There are unit tests inside of ./tests.
 Before running the tests, make sure to install the requirements in ./tests/requirements.txt with `python -m pip install -r ./tests/requirements.txt`.

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/README.md RENAMED Viewed

@@ -5,21 +5,13 @@ MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
 Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
-[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
+- [MAL Toolbox Documentation](https://mal-lang.org/mal-toolbox/index.html)
+- [MAL Toolbox tutorial](https://github.com/mal-lang/mal-toolbox-tutorial)
 ## The Language Module
 The language module provides various tools to process MAL languages.
-### The Language Specification Submodule
-The language specification submodule provides functions to load the
-specification from a .mar archive(`load_language_specification_from_mar`) or a
-JSON file(`load_language_specification_from_json`). This specification will
-then be used to generate python classes representing the assets and
-associations of the language and to determine the attack steps for each asset
-when generating the attack graph.
 ## The Model Module
 With a MAL language a Model (a MAL instance model) can be created either
@@ -43,12 +35,6 @@ nodes related and the asset field which will contain the object in the model
 instance to which this attack step belongs to, if this information is
 available.
-## Ingestors Module
-The ingestors module contains various tools that can make use of the instance
-model or attack graph. Currently the Neo4J ingestor is the only one available
-and it can be used to visualise the instance model and the attack graph.
 # Usage
@@ -71,6 +57,11 @@ logging:
   model_file: "logs/model.yml"
   langspec_file: "logs/langspec_file.yml"
   langgraph_file: "logs/langspec_file.yml"
+neo4j:
+  uri: None
+  username: None
+  password: None
+  dbname: None
 ```
 Alternatively, you can use the `MALTOOLBOX_CONFIG`
@@ -114,12 +105,49 @@ Options:
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
       compiler) or a .mal file containing the DSL written in MAL.```
+```
 ## Code examples / Tutorial
-To find code examples and tutorials, visit the
+To find more code examples and tutorials, visit the
 [MAL Toolbox Tutorial](https://github.com/mal-lang/mal-toolbox-tutorial/tree/main) repository.
+### Load a language
+```python
+from maltoolbox.language import LanguageGraph
+# Will load the MAL language (.mal/.mar) or a saved language graph (yml/json)
+lang_graph = LanguageGraph.load_from_file(lang_file_path)
+```
+### Generate a model
+```python
+from maltoolbox.model import Model
+# Create an empty model
+instance_model = Model("Example Model", lang_graph)
+# Create and add assets of type supported by the MAL language
+asset1 = instance_model.add_asset('Application', 'Application1')
+asset2 = instance_model.add_asset('Application', 'Application2')
+# Create association between the assets
+asset1.add_associated_assets('appExecutedApps', asset2)
+```
+## Generate an attack graph
+```python
+from maltoolbox.attackgraph import AttackGraph
+attack_graph = AttackGraph(lang_graph, model)
+```
 # Tests
 There are unit tests inside of ./tests.
 Before running the tests, make sure to install the requirements in ./tests/requirements.txt with `python -m pip install -r ./tests/requirements.txt`.

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7/mal_toolbox.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.0.5
+Version: 1.0.7
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
@@ -34,21 +34,13 @@ MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
 Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
-[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
+- [MAL Toolbox Documentation](https://mal-lang.org/mal-toolbox/index.html)
+- [MAL Toolbox tutorial](https://github.com/mal-lang/mal-toolbox-tutorial)
 ## The Language Module
 The language module provides various tools to process MAL languages.
-### The Language Specification Submodule
-The language specification submodule provides functions to load the
-specification from a .mar archive(`load_language_specification_from_mar`) or a
-JSON file(`load_language_specification_from_json`). This specification will
-then be used to generate python classes representing the assets and
-associations of the language and to determine the attack steps for each asset
-when generating the attack graph.
 ## The Model Module
 With a MAL language a Model (a MAL instance model) can be created either
@@ -72,12 +64,6 @@ nodes related and the asset field which will contain the object in the model
 instance to which this attack step belongs to, if this information is
 available.
-## Ingestors Module
-The ingestors module contains various tools that can make use of the instance
-model or attack graph. Currently the Neo4J ingestor is the only one available
-and it can be used to visualise the instance model and the attack graph.
 # Usage
@@ -100,6 +86,11 @@ logging:
   model_file: "logs/model.yml"
   langspec_file: "logs/langspec_file.yml"
   langgraph_file: "logs/langspec_file.yml"
+neo4j:
+  uri: None
+  username: None
+  password: None
+  dbname: None
 ```
 Alternatively, you can use the `MALTOOLBOX_CONFIG`
@@ -143,12 +134,49 @@ Options:
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
       compiler) or a .mal file containing the DSL written in MAL.```
+```
 ## Code examples / Tutorial
-To find code examples and tutorials, visit the
+To find more code examples and tutorials, visit the
 [MAL Toolbox Tutorial](https://github.com/mal-lang/mal-toolbox-tutorial/tree/main) repository.
+### Load a language
+```python
+from maltoolbox.language import LanguageGraph
+# Will load the MAL language (.mal/.mar) or a saved language graph (yml/json)
+lang_graph = LanguageGraph.load_from_file(lang_file_path)
+```
+### Generate a model
+```python
+from maltoolbox.model import Model
+# Create an empty model
+instance_model = Model("Example Model", lang_graph)
+# Create and add assets of type supported by the MAL language
+asset1 = instance_model.add_asset('Application', 'Application1')
+asset2 = instance_model.add_asset('Application', 'Application2')
+# Create association between the assets
+asset1.add_associated_assets('appExecutedApps', asset2)
+```
+## Generate an attack graph
+```python
+from maltoolbox.attackgraph import AttackGraph
+attack_graph = AttackGraph(lang_graph, model)
+```
 # Tests
 There are unit tests inside of ./tests.
 Before running the tests, make sure to install the requirements in ./tests/requirements.txt with `python -m pip install -r ./tests/requirements.txt`.

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/mal_toolbox.egg-info/SOURCES.txt RENAMED Viewed

@@ -29,5 +29,8 @@ maltoolbox/translators/__init__.py
 maltoolbox/translators/securicad.py
 maltoolbox/translators/updater.py
 maltoolbox/visualization/__init__.py
+maltoolbox/visualization/draw_io_utils.py
 maltoolbox/visualization/graphviz_utils.py
+maltoolbox/visualization/neo4j_utils.py
+maltoolbox/visualization/utils.py
 tests/test_model.py

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/maltoolbox/__init__.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v1.0.5
+# MAL Toolbox v1.0.7
 # Copyright 2025, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 __title__ = "maltoolbox"
-__version__ = "1.0.5"
+__version__ = "1.0.7"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",
@@ -48,6 +48,7 @@ config: dict[str, Any] = {
         "langspec_file": "logs/langspec_file.json",
         "langgraph_file": "logs/langgraph.yml",
     },
+    "neo4j": {"uri": None, "username": None, "password": None, "dbname": None},
 }
 config_file = os.getenv("MALTOOLBOX_CONFIG", "maltoolbox.yml")
@@ -59,6 +60,8 @@ if os.path.exists(config_file):
 log_configs = config['logging']
 os.makedirs(os.path.dirname(log_configs["log_file"]), exist_ok=True)
+neo4j_configs = config['logging']
 formatter = logging.Formatter(
     "%(asctime)s %(name)-12s %(levelname)-8s %(message)s", datefmt="%m-%d %H:%M"
 )

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/maltoolbox/__main__.py RENAMED Viewed

@@ -3,9 +3,9 @@ Command-line interface for MAL toolbox operations
 Usage:
     maltoolbox compile <lang_file> <output_file>
-    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
+    maltoolbox generate-attack-graph [--graphviz] [--neo4j] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
-    maltoolbox visualize-model <model_file> <lang_file>
+    maltoolbox visualize-model [--neo4j] [--graphviz] [-drawio] <model_file> <lang_file>
 Arguments:
     <model_file>    Path to JSON instance model file.
@@ -15,6 +15,8 @@ Arguments:
 Options:
   -h --help         Show this screen.
   -g --graphviz     Visualize with graphviz
+  -n --neo4j        Send to neo4j
+  -d --drawio       Export draw.io file
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
@@ -25,12 +27,18 @@ import logging
 import json
 import docopt
-from . import log_configs
+from . import log_configs, neo4j_configs
 from .attackgraph import create_attack_graph, AttackGraph
 from .language.compiler import MalCompiler
 from .language.languagegraph import LanguageGraph
 from .translators.updater import load_model_from_older_version
-from .visualization.graphviz_utils import render_model, render_attack_graph
+from .visualization import (
+    render_model,
+    render_attack_graph,
+    ingest_model_neo4j,
+    ingest_attack_graph_neo4j,
+    create_drawio_file_with_images
+)
 from .model import Model
 logger = logging.getLogger(__name__)
@@ -78,6 +86,8 @@ def main():
         )
         if args['--graphviz']:
             render_attack_graph(attack_graph)
+        if args['--neo4j']:
+            ingest_attack_graph_neo4j(attack_graph, neo4j_configs)
     elif args['compile']:
         compile(
@@ -90,7 +100,12 @@ def main():
     elif args['visualize-model']:
         lang_graph = LanguageGraph.load_from_file(args['<lang_file>'])
         model = Model.load_from_file(args['<model_file>'], lang_graph)
-        render_model(model)
+        if args['--graphviz']:
+            render_model(model)
+        if args['--neo4j']:
+            ingest_model_neo4j(model, neo4j_configs)
+        if args['--drawio']:
+            create_drawio_file_with_images(model)
 if __name__ == "__main__":
     main()

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/maltoolbox/attackgraph/attackgraph.py RENAMED Viewed

@@ -167,10 +167,10 @@ class AttackGraph():
         attack_graph = AttackGraph(lang_graph)
         attack_graph.model = model
-        serialized_attack_steps = serialized_object['attack_steps']
+        serialized_attack_steps: dict[str, dict] = serialized_object['attack_steps']
         # Create all of the nodes in the imported attack graph.
-        for node_dict in serialized_attack_steps.values():
+        for node_full_name, node_dict in serialized_attack_steps.items():
             # Recreate asset links if model is available.
             node_asset = None
@@ -195,7 +195,10 @@ class AttackGraph():
                 existence_status = (
                     bool(node_dict['existence_status'])
                     if 'existence_status' in node_dict else None
-                )
+                ),
+                # Give explicit full name if model is missing, otherwise
+                # it will generate automatically in node.full_name
+                full_name=node_full_name if not model else None
             )
             ag_node.tags = list(node_dict.get('tags', []))
             ag_node.extras = node_dict.get('extras', {})
@@ -611,7 +614,8 @@ class AttackGraph():
             node_id: Optional[int] = None,
             model_asset: Optional[ModelAsset] = None,
             ttc_dist: Optional[dict] = None,
-            existence_status: Optional[bool] = None
+            existence_status: Optional[bool] = None,
+            full_name: Optional[str] = None
         ) -> AttackGraphNode:
         """Create and add a node to the graph
         Arguments:
@@ -656,7 +660,8 @@ class AttackGraph():
             lg_attack_step = lg_attack_step,
             model_asset = model_asset,
             ttc_dist = ttc_dist,
-            existence_status = existence_status
+            existence_status = existence_status,
+            full_name = full_name
         )
         self.nodes[node_id] = node

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/maltoolbox/attackgraph/node.py RENAMED Viewed

@@ -21,7 +21,8 @@ class AttackGraphNode:
         lg_attack_step: LanguageGraphAttackStep,
         model_asset: Optional[ModelAsset] = None,
         ttc_dist: Optional[dict] = None,
-        existence_status: Optional[bool] = None
+        existence_status: Optional[bool] = None,
+        full_name: Optional[str] = None
     ):
         self.lg_attack_step = lg_attack_step
         self.name = lg_attack_step.name
@@ -30,6 +31,7 @@ class AttackGraphNode:
         self.tags = lg_attack_step.tags
         self.detectors = lg_attack_step.detectors
+        self._full_name = full_name
         self.id = node_id
         self.model_asset = model_asset
         self.existence_status = existence_status
@@ -45,10 +47,12 @@ class AttackGraphNode:
             'lang_graph_attack_step': self.lg_attack_step.full_name,
             'name': self.name,
             'ttc': self.ttc,
-            'children': {child.id: child.full_name for child in
-                self.children},
-            'parents': {parent.id: parent.full_name for parent in
-                self.parents},
+            'children': {
+                child.id: child.full_name for child in self.children
+            },
+            'parents': {
+                parent.id: parent.full_name for parent in self.parents
+            },
         }
         for detector in self.detectors.values():
@@ -105,13 +109,19 @@ class AttackGraphNode:
     @property
     def full_name(self) -> str:
         """
-        Return the full name of the attack step. This is a combination of the
-        asset name to which the attack step belongs and attack step name
-        itself.
+        Return the full name of the attack step. This is normally a
+        combination of the asset name to which the attack step
+        belongs and attack step name itself, but can also be
+        explicitly set or a combination of the step id and step name.
         """
-        if self.model_asset:
+        if self._full_name:
+            # Explicitly set
+            return self._full_name
+        elif self.model_asset:
+            # Inherited from model asset
             full_name = self.model_asset.name + ':' + self.name
         else:
+            # Fallback: use ID
             full_name = str(self.id) + ':' + self.name
         return full_name

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/maltoolbox/language/languagegraph.py RENAMED Viewed

@@ -171,6 +171,18 @@ class LanguageGraphAsset:
             current_asset = current_asset.own_super_asset
         return superassets
+    def associations_to(
+        self, asset_type: LanguageGraphAsset
+    ) -> dict[str, LanguageGraphAssociation]:
+        """
+        Return dict of association types that go from self
+        to given `asset_type`
+        """
+        associations_to_asset_type = {}
+        for fieldname, association in self.associations.items():
+            if association in asset_type.associations.values():
+                associations_to_asset_type[fieldname] = association
+        return associations_to_asset_type
     @cached_property
     def associations(self) -> dict[str, LanguageGraphAssociation]:

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/maltoolbox/model.py RENAMED Viewed

@@ -101,6 +101,12 @@ class Model():
                         ' and we do not allow duplicates.'
                     )
+        if asset_type not in self.lang_graph.assets:
+            raise ValueError(
+                f'Asset type "{asset_type}" does not exist in language, '
+                'must be one of:\n -' +
+                '\n -'.join(self.lang_graph.assets.keys())
+            )
         lg_asset = self.lang_graph.assets[asset_type]
         asset = ModelAsset(
@@ -184,8 +190,11 @@ class Model():
         )
         return self._name_to_asset.get(asset_name, None)
     def _to_dict(self) -> dict:
+        """Backwards compatible"""
+        return self.to_dict()
+    def to_dict(self) -> dict:
         """Get dictionary representation of the model."""
         logger.debug('Translating model to dict.')
         contents: dict[str, Any] = {
@@ -446,6 +455,20 @@ class ModelAsset:
         assets dictionary entry corresponding to the given fieldname.
         """
+        if fieldname not in self.lg_asset.associations:
+            if assets:
+                to_asset_type = next(iter(assets)).lg_asset
+                possible_associations = self.lg_asset.associations_to(to_asset_type)
+            else:
+                to_asset_type = None
+                possible_associations = self.lg_asset.associations
+            raise ValueError(
+                f'Association fieldname "{fieldname}" does not exist from '
+                f'<{self.lg_asset.name}> to <{to_asset_type.name if to_asset_type else "Any"}>'
+                ', must be one of:\n -' +
+                '\n -'.join([a for a in possible_associations])
+            )
         lg_assoc = self.lg_asset.associations[fieldname]
         other_fieldname = lg_assoc.get_opposite_fieldname(fieldname)

mal_toolbox-1.0.7/maltoolbox/visualization/__init__.py ADDED Viewed

@@ -0,0 +1,11 @@
+from .graphviz_utils import render_attack_graph, render_model
+from .neo4j_utils import ingest_attack_graph_neo4j, ingest_model_neo4j
+from .draw_io_utils import create_drawio_file_with_images
+__all__ = [
+    'render_attack_graph',
+    'render_model',
+    'ingest_attack_graph_neo4j',
+    'ingest_model_neo4j',
+    'create_drawio_file_with_images'
+]

mal_toolbox-1.0.7/maltoolbox/visualization/draw_io_utils.py ADDED Viewed

@@ -0,0 +1,317 @@
+"""DrawIO exporter made by Sandor"""
+import xml.etree.ElementTree as ET
+from xml.dom import minidom
+import math
+from maltoolbox.model import Model
+from .utils import position_assets
+type2iconURL = {
+    "Hardware": "https://uxwing.com/wp-content/themes/uxwing/download/domain-hosting/server-rack-outline-icon.png",
+    "SoftwareProduct": "https://uxwing.com/wp-content/themes/uxwing/download/logistics-shipping-delivery/packing-icon.png",
+    "Application": "https://uxwing.com/wp-content/themes/uxwing/download/web-app-development/coding-icon.png",
+    "IDPS": "https://uxwing.com/wp-content/themes/uxwing/download/web-app-development/web-page-source-code-icon.png",
+    "PhysicalZone": "https://uxwing.com/wp-content/themes/uxwing/download/location-travel-map/address-location-icon.png",
+    "Information": "https://uxwing.com/wp-content/themes/uxwing/download/web-app-development/more-info-icon.png",
+    "Data": "https://uxwing.com/wp-content/themes/uxwing/download/web-app-development/database-line-icon.png",
+    "IAMObject": "https://uxwing.com/wp-content/themes/uxwing/download/communication-chat-call/name-id-icon.png",
+    "Identity": "https://uxwing.com/wp-content/themes/uxwing/download/communication-chat-call/name-id-icon.png",
+    "Privileges": "https://uxwing.com/wp-content/themes/uxwing/download/banking-finance/access-hand-key-icon.png",
+    "Group": "https://uxwing.com/wp-content/themes/uxwing/download/business-professional-services/team-icon.png",
+    "Credentials": "https://uxwing.com/wp-content/themes/uxwing/download/household-and-furniture/key-line-icon.png",
+    "User": "https://uxwing.com/wp-content/themes/uxwing/download/peoples-avatars/unisex-male-and-female-icon.png",
+    "Network": "https://uxwing.com/wp-content/themes/uxwing/download/internet-network-technology/big-data-icon.png",
+    "RoutingFirewall": "https://uxwing.com/wp-content/themes/uxwing/download/internet-network-technology/encryption-icon.png",
+    "ConnectionRule": "https://uxwing.com/wp-content/themes/uxwing/download/internet-network-technology/pc-network-icon.png",
+    "Vulnerability": "https://uxwing.com/wp-content/themes/uxwing/download/web-app-development/cyber-security-icon.png",
+    "SoftwareVulnerability": "https://uxwing.com/wp-content/themes/uxwing/download/web-app-development/cyber-security-icon.png",
+    "HardwareVulnerability": "https://uxwing.com/wp-content/themes/uxwing/download/crime-security-military-law/shield-sedo-line-icon.png",
+}
+def create_drawio_file_with_images(
+    model: Model,
+    show_edge_labels=True,
+    line_thickness=2,
+    coordinate_scale=0.75,
+    output_filename=None
+):
+    """
+    Create a draw.io file with all model assets as boxes using their actual positions and images
+    Args:
+        model: The model containing assets and associations
+        output_filename: Name of the output draw.io file
+        show_edge_labels: If True, show association type as text on edges. If False, edges will have no labels.
+        line_thickness: Thickness of the edges in pixels (default: 2)
+        coordinate_scale: Scale factor for model coordinates (default: 1.0, use 0.5 for half size, 2.0 for double size)
+    """
+    if not all(a.extras.get('position') for a in model.assets.values()):
+        # Give assets positions if not already set
+        position_assets(model)
+    output_filename = output_filename or (
+        (model.name or "model_assets_with_images") + ".drawio"
+    )
+    # Use the type2iconURL mapping for image URLs
+    type_images = type2iconURL
+    # Create root element
+    root = ET.Element("mxfile")
+    root.set("host", "app.diagrams.net")
+    root.set("modified", "2024-01-01T00:00:00.000Z")
+    root.set("agent", "5.0")
+    root.set("version", "24.7.17")
+    root.set("et", "https://www.diagrams.net/")
+    root.set("type", "device")
+    # Create diagram element
+    diagram = ET.SubElement(root, "diagram")
+    diagram.set("id", "model-assets")
+    diagram.set("name", "Model Assets")
+    # Create mxGraphModel
+    mxgraph = ET.SubElement(diagram, "mxGraphModel")
+    mxgraph.set("dx", "1422")
+    mxgraph.set("dy", "754")
+    mxgraph.set("grid", "1")
+    mxgraph.set("gridSize", "10")
+    mxgraph.set("guides", "1")
+    mxgraph.set("tooltips", "1")
+    mxgraph.set("connect", "1")
+    mxgraph.set("arrows", "1")
+    mxgraph.set("fold", "1")
+    mxgraph.set("page", "1")
+    mxgraph.set("pageScale", "1")
+    mxgraph.set("pageWidth", "2000")
+    mxgraph.set("pageHeight", "1500")
+    mxgraph.set("math", "0")
+    mxgraph.set("shadow", "0")
+    # Create root cell
+    root_cell = ET.SubElement(mxgraph, "root")
+    # Create default parent
+    default_parent = ET.SubElement(root_cell, "mxCell")
+    default_parent.set("id", "0")
+    # Create parent for edges (back layer)
+    edges_parent = ET.SubElement(root_cell, "mxCell")
+    edges_parent.set("id", "1")
+    edges_parent.set("parent", "0")
+    # Create default parent for model (front layer)
+    model_parent = ET.SubElement(root_cell, "mxCell")
+    model_parent.set("id", "2")
+    model_parent.set("parent", "0")
+    # Get assets and use their actual positions
+    assets = list(model.assets.values())
+    # Box dimensions
+    box_width = 150
+    box_height = 80
+    # Find the bounds of all assets to center the diagram
+    min_x = min_y = float("inf")
+    max_x = max_y = float("-inf")
+    for asset in assets:
+        if asset.extras:
+            x = asset.extras.get("position", {}).get("x", 0)
+            y = asset.extras.get("position", {}).get("y", 0)
+            min_x = min(min_x, x)
+            min_y = min(min_y, y)
+            max_x = max(max_x, x)
+            max_y = max(max_y, y)
+    # If no positions found, use default bounds
+    if min_x == float("inf"):
+        min_x = min_y = 0
+        max_x = max_y = 1000
+    # Add some padding
+    padding = 100
+    min_x -= padding
+    min_y -= padding
+    max_x += padding
+    max_y += padding
+    # Create boxes for each asset using their actual positions
+    for asset in assets:
+        # Get position from extras, with fallback to grid layout
+        if hasattr(asset, "extras") and asset.extras and "position" in asset.extras:
+            x = round(asset.extras["position"].get("x", 0) * coordinate_scale)
+            y = round(asset.extras["position"].get("y", 0) * coordinate_scale)
+        else:
+            # Fallback to grid layout if no position data
+            i = list(model.assets.keys()).index(asset.id)
+            cols = math.ceil(math.sqrt(len(assets)))
+            row = i // cols
+            col = i % cols
+            x = round((50 + col * 200) * coordinate_scale)
+            y = round((50 + row * 120) * coordinate_scale)
+        # Get image URL for asset type
+        image_url = type_images.get(
+            asset.type,
+            "https://uxwing.com/wp-content/themes/uxwing/download/communication-chat-call/question-mark-icon.png",
+        )
+        # Define colors for each asset type (matching the design)
+        type_colors = {
+            "Hardware": "#4CAF50",  # Green
+            "Application": "#2196F3",  # Blue
+            "Network": "#9C27B0",  # Purple
+            "ConnectionRule": "#FF9800",  # Orange
+            "Identity": "#607D8B",  # Blue Grey
+            "Credentials": "#4CAF50",  # Green
+            "SoftwareVulnerability": "#F44336",  # Red
+            "Data": "#795548",  # Brown
+            "User": "#00BCD4",  # Cyan
+        }
+        # Get color for this asset type
+        top_color = type_colors.get(asset.type, "#4CAF50")
+        # Create the HTML content for the two-segment box
+        html_content = f"""
+        <div style="width: {box_width}px; height: {box_height}px; position: relative; border-radius: 8px; overflow: hidden; box-shadow: 0 2px 4px rgba(0,0,0,0.1);">
+            <!-- Top segment with icon and type -->
+            <div style="background: linear-gradient(to bottom, {top_color}, {top_color}dd); height: 40%; display: flex; align-items: center; padding: 0 8px; position: relative;">
+                <img src="{image_url}" width="20" height="20" style="margin-right: 8px;"/>
+                <span style="color: white; font-weight: bold; font-size: 11px; flex: 1;">{asset.type}</span>
+                <div style="width: 8px; height: 8px; background: {top_color}; position: absolute; top: 4px; right: 4px; border-radius: 2px;"></div>
+            </div>
+            <!-- Bottom segment with asset name -->
+            <div style="background: #424242; height: 60%; display: flex; align-items: center; justify-content: center; padding: 0 8px;">
+                <span style="color: white; font-size: 10px; text-align: center; line-height: 1.2;">{asset.name}</span>
+            </div>
+            <!-- Connecting line -->
+            <div style="position: absolute; bottom: 40%; left: 0; width: 0; height: 0; border-left: 8px solid transparent; border-right: 8px solid transparent; border-top: 8px solid {top_color};"></div>
+        </div>
+        """
+        # Create mxCell for the asset box
+        cell = ET.SubElement(root_cell, "mxCell")
+        cell.set("id", f"asset_{asset.id}")
+        cell.set("value", html_content)
+        cell.set(
+            "style",
+            "rounded=0;whiteSpace=wrap;html=1;overflow=fill;"
+            "align=center;verticalAlign=middle;spacing=0;"
+            "fillColor=none;strokeColor=none;fontSize=10;fontStyle=1;",
+        )
+        cell.set("vertex", "1")
+        cell.set("parent", "2")  # Put assets in front layer
+        # Create geometry element
+        geometry = ET.SubElement(cell, "mxGeometry")
+        geometry.set("x", str(x))
+        geometry.set("y", str(y))
+        geometry.set("width", str(box_width))
+        geometry.set("height", str(box_height))
+        geometry.set("as", "geometry")
+    # Create edges for associations (avoiding duplicates)
+    edge_id = 1000  # Start edge IDs from 1000 to avoid conflicts with asset IDs
+    processed_edges = set()  # Track processed edges to avoid duplicates
+    for asset in assets:
+        if hasattr(asset, "associated_assets") and asset.associated_assets:
+            for asset_assoc_field, associated_assets in asset.associated_assets.items():
+                association_type = asset.lg_asset.associations[asset_assoc_field].name
+                for assoc_asset in associated_assets:
+                    # Create a unique edge identifier (sorted to handle bidirectional associations)
+                    edge_key = tuple(sorted([asset.id, assoc_asset.id]))
+                    # Skip if we've already processed this edge
+                    if edge_key in processed_edges:
+                        continue
+                    # Find the target asset
+                    target_asset = None
+                    for a in assets:
+                        if a.id == assoc_asset.id:
+                            target_asset = a
+                            break
+                    if target_asset:
+                        # Mark this edge as processed
+                        processed_edges.add(edge_key)
+                        # Get positions for both assets
+                        source_x = asset.extras.get("position", {}).get("x", 0) + box_width / 2
+                        source_y = asset.extras.get("position", {}).get("y", 0) + box_height / 2
+                        target_x = (
+                            target_asset.extras.get("position", {}).get("x", 0) + box_width / 2
+                        )
+                        target_y = (
+                            target_asset.extras.get("position", {}).get("y", 0) + box_height / 2
+                        )
+                        # Create edge cell
+                        edge_cell = ET.SubElement(root_cell, "mxCell")
+                        edge_cell.set("id", f"edge_{edge_id}")
+                        edge_cell.set(
+                            "value", association_type if show_edge_labels else ""
+                        )
+                        edge_cell.set(
+                            "style",
+                            f"edgeStyle=straightEdgeStyle;rounded=0;html=1;fontSize=10;fontStyle=1;endArrow=none;startArrow=none;strokeWidth={line_thickness};",
+                        )
+                        edge_cell.set("edge", "1")
+                        edge_cell.set("parent", "1")  # Put edges in back layer
+                        edge_cell.set("source", f"asset_{asset.id}")
+                        edge_cell.set("target", f"asset_{assoc_asset.id}")
+                        # Create geometry for edge
+                        edge_geometry = ET.SubElement(edge_cell, "mxGeometry")
+                        edge_geometry.set("relative", "1")
+                        edge_geometry.set("as", "geometry")
+                        # Create array of points for the edge
+                        array = ET.SubElement(edge_geometry, "Array")
+                        array.set("as", "points")
+                        # Add source point
+                        point1 = ET.SubElement(array, "mxPoint")
+                        point1.set("x", str(source_x))
+                        point1.set("y", str(source_y))
+                        point1.set("as", "sourcePoint")
+                        # Add target point
+                        point2 = ET.SubElement(array, "mxPoint")
+                        point2.set("x", str(target_x))
+                        point2.set("y", str(target_y))
+                        point2.set("as", "targetPoint")
+                        edge_id += 1
+    # Convert to pretty XML
+    rough_string = ET.tostring(root, "utf-8")
+    reparsed = minidom.parseString(rough_string)
+    pretty_xml = reparsed.toprettyxml(indent="  ")
+    # Remove empty lines
+    lines = [line for line in pretty_xml.split("\n") if line.strip()]
+    pretty_xml = "\n".join(lines)
+    # Write to file
+    with open(output_filename, "w", encoding="utf-8") as f:
+        f.write(pretty_xml)
+    print(f"Draw.io file with images created: {output_filename}")
+    print(f"Total assets: {len(assets)}")
+    print(f"Diagram bounds: x={min_x:.0f} to {max_x:.0f}, y={min_y:.0f} to {max_y:.0f}")
+    # Print asset summary
+    type_counts: dict[str, int] = {}
+    for asset in assets:
+        type_counts[asset.type] = type_counts.get(asset.type, 0) + 1
+    print("\nAsset type distribution:")
+    for asset_type, count in sorted(type_counts.items()):
+        print(f"  {asset_type}: {count}")

mal_toolbox-1.0.7/maltoolbox/visualization/neo4j_utils.py ADDED Viewed

@@ -0,0 +1,117 @@
+"""
+MAL-Toolbox Neo4j Ingestor Module
+"""
+# mypy: ignore-errors
+import logging
+from typing import Any
+from py2neo import Graph, Node, Relationship, Subgraph
+logger = logging.getLogger(__name__)
+def ingest_attack_graph_neo4j(
+        graph,
+        neo4j_config: dict[str, Any],
+        delete: bool = True
+    ) -> None:
+    """
+    Ingest an attack graph into a neo4j database
+    Arguments:
+    graph                - the attackgraph provided by the atkgraph.py module.
+    uri                  - the URI to a running neo4j instance
+    username             - the username to login on Neo4J
+    password             - the password to login on Neo4J
+    dbname               - the selected database
+    delete               - if True, the previous content of the database is deleted
+                           before ingesting the new attack graph
+    """
+    uri = neo4j_config.get('uri')
+    username = neo4j_config.get('username')
+    password = neo4j_config.get('password')
+    dbname = neo4j_config.get('dbname')
+    g = Graph(uri=uri, user=username, password=password, name=dbname)
+    if delete:
+        g.delete_all()
+    nodes = {}
+    rels = []
+    for node in graph.nodes.values():
+        node_dict = node.to_dict()
+        nodes[node.id] = Node(
+            node_dict['asset'] if 'asset' in node_dict else node_dict['id'],
+            name = node_dict['name'],
+            full_name = node.full_name,
+            type = node_dict['type'],
+            ttc = str(node_dict['ttc']),
+        )
+    for node in graph.nodes.values():
+        for child in node.children:
+            rels.append(Relationship(nodes[node.id], nodes[child.id]))
+    subgraph = Subgraph(list(nodes.values()), rels)
+    tx = g.begin()
+    tx.create(subgraph)
+    g.commit(tx)
+def ingest_model_neo4j(
+        model,
+        neo4j_config: dict[str, Any],
+        delete: bool = True
+    ) -> None:
+    """
+    Ingest an instance model graph into a Neo4J database
+    Arguments:
+    model                - the instance model dictionary as provided by the model.py module
+    uri                  - the URI to a running neo4j instance
+    username             - the username to login on Neo4J
+    password             - the password to login on Neo4J
+    dbname               - the selected database
+    delete               - if True, the previous content of the database is deleted
+                           before ingesting the new attack graph
+    """
+    uri = neo4j_config.get('uri')
+    username = neo4j_config.get('username')
+    password = neo4j_config.get('password')
+    dbname = neo4j_config.get('dbname')
+    g = Graph(uri=uri, user=username, password=password, name=dbname)
+    if delete:
+        g.delete_all()
+    nodes = {}
+    rels = []
+    for asset in model.assets.values():
+        nodes[str(asset.id)] = Node(
+            str(asset.type),
+            name=str(asset.name),
+            asset_id=str(asset.id),
+            type=str(asset.type)
+        )
+    for asset in model.assets.values():
+        for fieldname, other_assets in asset.associated_assets.items():
+            for other_asset in other_assets:
+                rels.append(
+                    Relationship(
+                        nodes[str(asset.id)],
+                        str(fieldname),
+                        nodes[str(other_asset.id)]
+                    )
+                )
+    subgraph = Subgraph(list(nodes.values()), rels)
+    tx = g.begin()
+    tx.create(subgraph)
+    g.commit(tx)

mal_toolbox-1.0.7/maltoolbox/visualization/utils.py ADDED Viewed

@@ -0,0 +1,41 @@
+from maltoolbox.model import Model
+def position_assets(model: Model):
+    """
+    Assigns (x, y) positions to assets in a graph where relations are stored
+    in asset.associated_assets[relation_name] = [related_assets...].
+    Positions are stored in asset.extras['position'] = {'x': ..., 'y': ...}.
+    Layout is computed by traversing connected components.
+    Adds uniform padding between assets.
+    """
+    visited = set()
+    x_spacing = 200
+    y_spacing = 200
+    padding = 50  # uniform padding
+    def traverse(asset, depth, index, component):
+        if asset in visited:
+            return
+        visited.add(asset)
+        component.append((asset, depth, index))
+        neighbors = []
+        for rel_list in asset.associated_assets.values():
+            neighbors.extend(rel_list)
+        for i, neighbor in enumerate(neighbors):
+            if neighbor not in visited:
+                traverse(neighbor, depth + 1, i, component)
+    def assign_positions(component):
+        for i, (asset, depth, index) in enumerate(component):
+            x = index * (x_spacing + padding)
+            y = depth * (y_spacing + padding)
+            asset.extras.setdefault('position', {})
+            asset.extras['position']['x'] = x
+            asset.extras['position']['y'] = y
+    for asset in model.assets.values():
+        if asset not in visited:
+            component: list[tuple] = []
+            traverse(asset, 0, 0, component)
+            assign_positions(component)

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "mal-toolbox"
-version = "1.0.5"
+version = "1.0.7"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },

{mal_toolbox-1.0.5 → mal_toolbox-1.0.7}/tests/test_model.py RENAMED Viewed

@@ -167,7 +167,7 @@ def test_model_add_association_nonexisting_fieldname(model: Model):
     data = model.add_asset(asset_type = 'Data')
     # Try create an association between asset1 and data
-    with pytest.raises(LookupError):
+    with pytest.raises(ValueError):
         # will raise error because fieldname does not exist
         asset1.add_associated_assets(
             fieldname = 'unknownFieldName', assets = {data}