prelude-sdk-beta 1406__py3-none-any.whl

prelude_sdk_beta/models/codes.py

@@ -0,0 +1,446 @@
+import logging
+
+from enum import Enum, EnumMeta
+
+
+class MissingItem(EnumMeta):
+    def __getitem__(cls, name):
+        try:
+            return super().__getitem__(name.upper())
+        except (AttributeError, KeyError):
+            try:
+                return cls(int(name))
+            except ValueError:
+                return cls(name)
+
+
+class RunCode(Enum, metaclass=MissingItem):
+    INVALID = -1
+    DAILY = 1
+    WEEKLY = 2
+    MONTHLY = 3
+    SMART = 4
+    DEBUG = 5
+    RUN_ONCE = 6
+    MONDAY = 10
+    TUESDAY = 11
+    WEDNESDAY = 12
+    THURSDAY = 13
+    FRIDAY = 14
+    SATURDAY = 15
+    SUNDAY = 16
+    MONTH_1 = 20
+
+    @classmethod
+    def _missing_(cls, value):
+        return RunCode.DAILY
+
+
+class Mode(Enum, metaclass=MissingItem):
+    MANUAL = 0
+    FROZEN = 1
+    AUTOPILOT = 2
+
+    @classmethod
+    def _missing_(cls, value):
+        return Mode.MANUAL
+
+
+class Permission(Enum, metaclass=MissingItem):
+    INVALID = -1
+    ADMIN = 0
+    EXECUTIVE = 1
+    BUILD = 2
+    SERVICE = 3
+    SUPPORT = 5
+
+    @classmethod
+    def _missing_(cls, value):
+        return Permission.INVALID
+
+
+class ExitCode(Enum):
+    MISSING = -1
+    UNKNOWN_ERROR = 1
+    MALFORMED_TEST = 2
+    UNREPORTED = 3
+    PROCESS_BLOCKED = 9
+    PROCESS_BLOCKED_GRACEFULLY = 15
+    PROTECTED = 100
+    UNPROTECTED = 101
+    TIMED_OUT = 102
+    FAILED_CLEANUP = 103
+    TEST_NOT_RELEVANT = 104
+    DYNAMIC_QUARANTINE = 105
+    BLOCKED_AT_PERIMETER = 106
+    EXPLOIT_PREVENTED = 107
+    ENDPOINT_NOT_RELEVANT = 108
+    INSUFFICIENT_PRIVILEGES = 109
+    INCORRECTLY_BLOCKED = 110
+    PREVENTED_EXECUTION = 126
+    STATIC_QUARANTINE = 127
+    BLOCKED = 137
+    UNEXPECTED_ERROR = 256
+
+    @classmethod
+    def _missing_(cls, value):
+        if value and not isinstance(value, int):
+            return cls(int(value))
+        logging.warning("Unknown ExitCode: %s", str(value))
+        return ExitCode.MISSING
+
+    @property
+    def state(self):
+        for k, v in State.mapping().items():
+            if self in v:
+                return k
+        return State.NONE
+
+
+class State(Enum):
+    NONE = 0
+    PROTECTED = 1
+    UNPROTECTED = 2
+    ERROR = 3
+    NOT_RELEVANT = 4
+
+    @classmethod
+    def mapping(cls):
+        return {
+            State.ERROR: [
+                ExitCode.FAILED_CLEANUP,
+                ExitCode.INCORRECTLY_BLOCKED,
+                ExitCode.MALFORMED_TEST,
+                ExitCode.TIMED_OUT,
+                ExitCode.UNEXPECTED_ERROR,
+                ExitCode.UNKNOWN_ERROR,
+                ExitCode.UNREPORTED,
+            ],
+            State.NONE: [ExitCode.MISSING],
+            State.NOT_RELEVANT: [
+                ExitCode.ENDPOINT_NOT_RELEVANT,
+                ExitCode.INSUFFICIENT_PRIVILEGES,
+                ExitCode.TEST_NOT_RELEVANT,
+            ],
+            State.PROTECTED: [
+                ExitCode.BLOCKED,
+                ExitCode.BLOCKED_AT_PERIMETER,
+                ExitCode.DYNAMIC_QUARANTINE,
+                ExitCode.EXPLOIT_PREVENTED,
+                ExitCode.PREVENTED_EXECUTION,
+                ExitCode.PROCESS_BLOCKED,
+                ExitCode.PROCESS_BLOCKED_GRACEFULLY,
+                ExitCode.PROTECTED,
+                ExitCode.STATIC_QUARANTINE,
+            ],
+            State.UNPROTECTED: [
+                ExitCode.UNPROTECTED,
+            ],
+        }
+
+
+class DOS(Enum):
+    none = "none"
+    arm64 = "arm64"
+    x86_64 = "x86_64"
+    aarch64 = "arm64"
+    amd64 = "x86_64"
+    x86 = "x86_64"
+
+    @classmethod
+    def normalize(cls, dos: str):
+        try:
+            arch = dos.split("-", 1)[-1]
+            return dos[: -len(arch)].lower() + cls[arch.lower()].value
+        except (KeyError, IndexError, AttributeError):
+            return cls.none.value
+
+
+class Control(Enum, metaclass=MissingItem):
+    INVALID = -1
+    NONE = 0
+    CROWDSTRIKE = 1
+    DEFENDER = 2
+    SPLUNK = 3
+    SENTINELONE = 4
+    VECTR = 5
+    S3 = 6
+    INTUNE = 7
+    SERVICENOW = 8
+    OKTA = 9
+    M365 = 10
+    ENTRA = 11
+    JAMF = 12
+    CROWDSTRIKE_IDENTITY = 13
+    GMAIL = 14
+    GOOGLE_IDENTITY = 15
+    DEFENDER_DISCOVERY = 16
+    TENABLE = 17
+    EC2 = 18
+    AWS_SSM = 19
+    AZURE_VM = 20
+    GITHUB = 21
+    TENABLE_DISCOVERY = 22
+    QUALYS = 23
+    QUALYS_DISCOVERY = 24
+
+    @classmethod
+    def _missing_(cls, value):
+        return Control.INVALID
+
+    @property
+    def control_category(self):
+        for k, v in ControlCategory.mapping().items():
+            if self in v:
+                return k
+        return ControlCategory.NONE
+
+    @property
+    def scm_category(self):
+        for k, v in SCMCategory.control_mapping().items():
+            if self in v:
+                return k
+        return SCMCategory.NONE
+
+
+class ControlCategory(Enum, metaclass=MissingItem):
+    INVALID = -1
+    NONE = 0
+    CLOUD = 1
+    EMAIL = 2
+    IDENTITY = 3
+    NETWORK = 4
+    XDR = 5
+    ASSET_MANAGER = 6
+    DISCOVERED_DEVICES = 7
+    VULN_MANAGER = 8
+    SIEM = 9
+    PRIVATE_REPO = 10
+
+    @classmethod
+    def _missing_(cls, value):
+        return ControlCategory.INVALID
+
+    @classmethod
+    def mapping(cls):
+        return {
+            ControlCategory.ASSET_MANAGER: [
+                Control.AWS_SSM,
+                Control.INTUNE,
+                Control.JAMF,
+            ],
+            ControlCategory.CLOUD: [],
+            ControlCategory.DISCOVERED_DEVICES: [
+                Control.AZURE_VM,
+                Control.DEFENDER_DISCOVERY,
+                Control.EC2,
+                Control.QUALYS_DISCOVERY,
+                Control.SERVICENOW,
+                Control.TENABLE_DISCOVERY,
+            ],
+            ControlCategory.EMAIL: [
+                Control.GMAIL,
+                Control.M365,
+            ],
+            ControlCategory.IDENTITY: [
+                Control.CROWDSTRIKE_IDENTITY,
+                Control.ENTRA,
+                Control.GOOGLE_IDENTITY,
+                Control.OKTA,
+            ],
+            ControlCategory.NETWORK: [],
+            ControlCategory.PRIVATE_REPO: [
+                Control.GITHUB,
+            ],
+            ControlCategory.SIEM: [
+                Control.S3,
+                Control.SPLUNK,
+                Control.VECTR,
+            ],
+            ControlCategory.VULN_MANAGER: [Control.QUALYS, Control.TENABLE],
+            ControlCategory.XDR: [
+                Control.CROWDSTRIKE,
+                Control.DEFENDER,
+                Control.SENTINELONE,
+            ],
+        }
+
+
+class SCMCategory(Enum, metaclass=MissingItem):
+    INVALID = -1
+    NONE = 0
+    ENDPOINT = 1
+    INBOX = 2
+    USER = 3
+
+    @classmethod
+    def _missing_(cls, value):
+        return SCMCategory.INVALID
+
+    @classmethod
+    def control_mapping(cls):
+        return {
+            SCMCategory.ENDPOINT: [
+                Control.AWS_SSM,
+                Control.AZURE_VM,
+                Control.CROWDSTRIKE,
+                Control.DEFENDER,
+                Control.DEFENDER_DISCOVERY,
+                Control.EC2,
+                Control.INTUNE,
+                Control.JAMF,
+                Control.QUALYS,
+                Control.QUALYS_DISCOVERY,
+                Control.SENTINELONE,
+                Control.SERVICENOW,
+                Control.TENABLE,
+                Control.TENABLE_DISCOVERY,
+            ],
+            SCMCategory.USER: [
+                Control.CROWDSTRIKE_IDENTITY,
+                Control.ENTRA,
+                Control.GOOGLE_IDENTITY,
+                Control.OKTA,
+            ],
+            SCMCategory.INBOX: [
+                Control.GMAIL,
+                Control.M365,
+            ],
+        }
+
+    @classmethod
+    def category_mapping(cls):
+        return {
+            SCMCategory.ENDPOINT: [
+                ControlCategory.ASSET_MANAGER,
+                ControlCategory.DISCOVERED_DEVICES,
+                ControlCategory.VULN_MANAGER,
+                ControlCategory.XDR,
+            ],
+            SCMCategory.USER: [ControlCategory.IDENTITY],
+            SCMCategory.INBOX: [ControlCategory.EMAIL],
+        }
+
+
+class BackgroundJobTypes(Enum, metaclass=MissingItem):
+    INVALID = -1
+    UPDATE_SCM = 1
+    DEPLOY_PROBE = 2
+    OBSERVED_DETECTED = 3
+    PRELUDE_ENDPOINT_SYNC = 4
+    EXPORT_SCM = 5
+    PARTNER_GROUPS = 6
+
+    @classmethod
+    def _missing_(cls, value):
+        return BackgroundJobTypes.INVALID
+
+
+class EDRResponse(Enum, metaclass=MissingItem):
+    INVALID = -1
+    OBSERVE = 1
+    DETECT = 2
+    PREVENT = 3
+
+    @classmethod
+    def _missing_(cls, value):
+        return EDRResponse.INVALID
+
+
+class PartnerEvents(Enum, metaclass=MissingItem):
+    INVALID = -1
+    REDUCED_FUNCTIONALITY_MODE = 1
+    NO_EDR = 2
+    MISSING_EDR_POLICY = 3
+    MISSING_AV_POLICY = 4
+    MISSING_MFA = 5
+    NO_ASSET_MANAGER = 6
+    MISCONFIGURED_POLICY_SETTING = 7
+    MISSING_SCAN = 8
+    OUT_OF_DATE_SCAN = 9
+    NO_VULN_MANAGER = 10
+    USER_MISSING_ASSET_MANAGER = 11
+    USER_MISSING_EDR = 12
+    USER_MISSING_VULN_MANAGER = 13
+
+    @classmethod
+    def _missing_(cls, value):
+        return PartnerEvents.INVALID
+
+    @classmethod
+    def control_category_mapping(cls):
+        return {
+            PartnerEvents.REDUCED_FUNCTIONALITY_MODE: [ControlCategory.XDR],
+            PartnerEvents.NO_EDR: [
+                ControlCategory.XDR,
+            ],
+            PartnerEvents.MISSING_EDR_POLICY: [ControlCategory.XDR],
+            PartnerEvents.MISSING_AV_POLICY: [ControlCategory.XDR],
+            PartnerEvents.MISSING_MFA: [ControlCategory.IDENTITY],
+            PartnerEvents.NO_ASSET_MANAGER: [ControlCategory.ASSET_MANAGER],
+            PartnerEvents.MISCONFIGURED_POLICY_SETTING: [
+                ControlCategory.XDR,
+                ControlCategory.EMAIL,
+                ControlCategory.IDENTITY,
+            ],
+            PartnerEvents.MISSING_SCAN: [ControlCategory.VULN_MANAGER],
+            PartnerEvents.OUT_OF_DATE_SCAN: [ControlCategory.VULN_MANAGER],
+            PartnerEvents.NO_VULN_MANAGER: [ControlCategory.VULN_MANAGER],
+            PartnerEvents.USER_MISSING_ASSET_MANAGER: [ControlCategory.IDENTITY],
+            PartnerEvents.USER_MISSING_EDR: [ControlCategory.IDENTITY],
+            PartnerEvents.USER_MISSING_VULN_MANAGER: [ControlCategory.IDENTITY],
+        }
+
+
+class AlertTypes(Enum, metaclass=MissingItem):
+    INVALID = -1
+    NEW_REDUCED_FUNCTIONALITY_MODE_ENDPOINTS = 1
+    NEW_NO_EDR_ENDPOINTS = 2
+    NEW_MISSING_EDR_POLICY_ENDPOINTS = 3
+    NEW_MISSING_AV_POLICY_ENDPOINTS = 4
+    NEW_MISSING_MFA_USERS = 5
+    NEW_NO_ASSET_MANAGER_ENDPOINTS = 6
+    NEW_POLICY_SETTING_FAILURE = 7
+    NEW_POLICY_SETTING_PASS = 8
+    NEW_MISSING_SCAN_ENDPOINTS = 9
+    NEW_NO_VULN_MANAGER_ENDPOINTS = 10
+    NEW_OUT_OF_DATE_SCAN_ENDPOINTS = 11
+    NEW_USER_MISSING_ASSET_MANAGER = 12
+    NEW_USER_MISSING_EDR = 13
+    NEW_USER_MISSING_VULN_MANAGER = 14
+
+    @classmethod
+    def _missing_(cls, value):
+        return AlertTypes.INVALID
+
+
+class PolicyType(Enum, metaclass=MissingItem):
+    INVALID = 0
+    EDR = 1
+    AV = 2
+    IDENTITY_PASSWORD = 3
+    EMAIL_ANTIPHISH = 4
+    EMAIL_OUTBOUND = 5
+    EMAIL_CONTENT = 6
+    EMAIL_MALWARE = 7
+    EMAIL_ATTACHMENT = 8
+    EMAIL_LINKS = 9
+    EMAIL_DKIM = 10
+    DEVICE_COMPLIANCE = 11
+    IDENTITY_MFA = 12
+
+    @classmethod
+    def _missing_(cls, value):
+        return PolicyType.INVALID
+
+
+class Platform(Enum, metaclass=MissingItem):
+    INVALID = 0
+    WINDOWS = 1
+    DARWIN = 2
+    LINUX = 3
+    ALL = 4
+
+    @classmethod
+    def _missing_(cls, value):
+        return Platform.INVALID

prelude_sdk_beta-1406.dist-info/METADATA

@@ -0,0 +1,46 @@
+Metadata-Version: 2.4
+Name: prelude-sdk-beta
+Version: 1406
+Summary: For interacting with the Prelude API
+Home-page: https://github.com/preludeorg
+Author: Prelude Research
+Author-email: support@preludesecurity.com
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: requests
+Dynamic: license-file
+
+# Prelude SDK
+
+Interact with the Prelude Service API via Python. 
+
+> The prelude-cli utility wraps around this SDK to provide a rich command line experience.
+
+Install this package to write your own tooling that works with Build or Detect functionality.
+
+- IAM: manage your account
+- Build: write and maintain your collection of security tests
+- Detect: schedule security tests for your endpoints
+
+## Quick start
+
+```bash
+pip install prelude-sdk
+```
+
+## Documentation 
+
+TBD
+
+## Testing
+
+To test the Python SDK and Probes, run the following commands from the python/sdk/ directory:
+
+```bash
+pip install -r tests/requirements.txt
+pytest tests --api https://api.preludesecurity.com --email <EMAIL>
+```

prelude_sdk_beta-1406.dist-info/RECORD

@@ -0,0 +1,20 @@
+prelude_sdk_beta/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+prelude_sdk_beta/controllers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+prelude_sdk_beta/controllers/build_controller.py,sha256=XpsjsVJCcJ9jDOugBAqf2-tsvJYjyBk-_2wgVwaYfEw,8817
+prelude_sdk_beta/controllers/detect_controller.py,sha256=0FAtg_HEZ2Z3ZDbfO8mpOKViF25tqHaFR5rUGRuULJA,7509
+prelude_sdk_beta/controllers/export_controller.py,sha256=sTbRGmMa0xa7pB8AjSlJgifpXzutPHWw4bJBGygoAc4,862
+prelude_sdk_beta/controllers/generate_controller.py,sha256=gNSr2yV1o8kdTy7heJ9bI31efEKyTKdacIkKl_eRIRg,1319
+prelude_sdk_beta/controllers/http_controller.py,sha256=cj1SxmAX049ioAhTOQR4atuM82nJgd11S60-ISCg738,2300
+prelude_sdk_beta/controllers/iam_controller.py,sha256=w40NO1kxPxLMFDICx32pqfZbTfDJTL9G-jxF6nR01Lw,7871
+prelude_sdk_beta/controllers/jobs_controller.py,sha256=dwoBGX-gAVNKE8sbx1N_4jUJVDVSdNRYD826G0pfix0,765
+prelude_sdk_beta/controllers/partner_controller.py,sha256=WV51CY-Bsf8Ms59y7RjtfvCmsArBoXt5-AHqrN8Eras,5128
+prelude_sdk_beta/controllers/probe_controller.py,sha256=d2Aa74Css1uMNgBKGWqavbkEbXtVcOkYIIWbhDxzLS0,411
+prelude_sdk_beta/controllers/scm_controller.py,sha256=X2CU11Se_zgGLKAR_whIlWMZdgT72XSfKCSP-gxNJaI,12793
+prelude_sdk_beta/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+prelude_sdk_beta/models/account.py,sha256=ksyTZDOZpbT8XDu-Ygs_51ZG25oBd8qiwjO6-L6HH9Y,8734
+prelude_sdk_beta/models/codes.py,sha256=-gxBflkV-RdE3LwGSDDSO48eK-J8skZ5CivMD2MYc5w,11425
+prelude_sdk_beta-1406.dist-info/licenses/LICENSE,sha256=ttdT5omfN6LNmtQoIjUhkkFhz6i44SDMRNwKrbfyTf8,1069
+prelude_sdk_beta-1406.dist-info/METADATA,sha256=L5B1pm77Vyl6sSukal59cWaI0uT5hw4tid0TkZTdzGs,1190
+prelude_sdk_beta-1406.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+prelude_sdk_beta-1406.dist-info/top_level.txt,sha256=pqXTtEd5ElvJKoO6HAz232H9FW5j6X7gW4kEEakfSFM,17
+prelude_sdk_beta-1406.dist-info/RECORD,,

prelude_sdk_beta-1406.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (80.9.0)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

prelude_sdk_beta-1406.dist-info/licenses/LICENSE

@@ -0,0 +1,9 @@
+MIT LICENSE
+
+Copyright 2022, Prelude Research
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

prelude_sdk_beta-1406.dist-info/top_level.txt

@@ -0,0 +1 @@
+prelude_sdk_beta