rosetta-ce 1.5.3__py3.11.egg → 1.5.5__py3.11.egg


Potentially problematic release.



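--- a/EGG-INFO/PKG-INFO
+++ b/EGG-INFO/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: rosetta-ce
-Version: 1.5.3
+Version: 1.5.5
 Summary: Rosetta is a Python package that can be used to fake security logs and alerts for testing different detection and response use cases.
 Home-page: https://github.com/ayman-m/rosetta
 Author: Ayman Mahmoud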
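--- a/EGG-INFO/SOURCES.txt
+++ b/EGG-INFO/SOURCES.txt
@@ -6,6 +6,7 @@ rosetta/rconverter.py
 rosetta/rfaker.py
 rosetta/rsender.py
 rosetta/constants/__init__.py
+rosetta/constants/attributes.py
 rosetta/constants/sensors.py
 rosetta/constants/sources.py
 rosetta/constants/systems.py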
Binary file
@@ -0,0 +1,5 @@
1
+ INCIDENTS_TYPES = [
2
+ 'Malware', 'Phishing', 'Access Violation', 'Lateral Movement', 'Port Scan', 'Sql Injection', 'Brute Force',
3
+ 'Control Avoidance', 'Rogue Device', 'Denial Of Service', 'Account Compromised'
4
+ ]
5
+ SEVERITIES = ['Low', 'Medium', 'High', 'Critical']
@@ -98,8 +98,3 @@ WIN_EVENTS = [
98
98
  '<Data Name="TokenElevationType">TokenElevationTypeLimited (3)</Data>'
99
99
  '<Data Name="ProcessCommandLine">{cmd}</Data>'
100
100
  ]
101
-
102
- INCIDENTS_TYPES = [
103
- 'Malware', 'Phishing', 'Access Violation', 'Lateral Movement', 'Port Scan', 'Sql Injection', 'Brute Force',
104
- 'Control Avoidance', 'Rogue Device', 'Denial Of Service', 'Account Compromised'
105
- ]
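Review bot: `INCIDENTS_TYPES` is deleted from the module that defines `WIN_EVENTS` in the second hunk with no alias left behind, so any external code that still imports it from there fails at import time after a patch-level upgrade. The imports in rosetta/rfaker.py suggest this module is `rosetta.constants.systems` and the new five-line file is `rosetta.constants.attributes`, though the page labels this section only as "Binary file", so that mapping is inferred. A one-line re-export keeps old importers working: `from rosetta.constants.attributes import INCIDENTS_TYPES  # kept for backward compatibility`. Both new constants are mutable lists; tuples would stop a caller from altering the shared values in place.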
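--- a/rosetta/rfaker.py
+++ b/rosetta/rfaker.py
@@ -12,7 +12,8 @@ from datetime import datetime, timedelta
 from typing import Optional, List
 from rosetta.constants.sources import BAD_IP_SOURCES, GOOD_IP_SOURCES, BAD_URL_SOURCES, GOOD_URL_SOURCES, \
 BAD_SHA256_SOURCES, GOOD_SHA256_SOURCES, CVE_SOURCES, TERMS_SOURCES
-from rosetta.constants.systems import UNIX_CMD, WINDOWS_CMD, WIN_PROCESSES, WIN_EVENTS, INCIDENTS_TYPES
+from rosetta.constants.systems import UNIX_CMD, WINDOWS_CMD, WIN_PROCESSES, WIN_EVENTS
+from rosetta.constants.attributes import INCIDENTS_TYPES, SEVERITIES
 from rosetta.constants.sensors import ACTIONS, PROTOCOLS, TECHNIQUES, ERROR_CODE
 
 
@@ -304,7 +305,7 @@ class Events:
 else random.choice(UNIX_CMD)
 if field == "severity":
 field_value = random.choice(observables.severity) if observables and observables.severity \
-else faker.random_int(min=1, max=5)
+else random.choice(SEVERITIES)
 if field == "local_ip":
 field_value = random.choice(observables.local_ip) if observables and observables.local_ip \
 else faker.ipv4()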
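Review bot: The fallback for the `severity` field in the second hunk now yields a string label from `SEVERITIES` where it previously yielded an integer from 1 to 5, and nothing on the new side marks this type change for consumers of the generated events. Detection rules or parsers exercised with this fake data that compare severity numerically (for example a threshold of 4 or higher) would stop matching without raising an error, so a test suite can go quiet rather than fail. The scale also shrinks from five levels to four, and values supplied through `observables.severity` are passed through unchanged, so one run can mix caller-supplied values and labels of different types. I would add a comment above the branch such as `# default severity is a label from SEVERITIES (was int 1-5 before 1.5.5); numeric comparisons downstream must be updated` and record the change in the release notes. The enclosing method of `class Events` starts and ends outside the hunk.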