rosetta-ce 1.7.1__py3-none-any.whl → 1.7.3__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of rosetta-ce might be problematic. Click here for more details.

Files changed (7) hide show
  1. rosetta/constants/systems.py +2 -2
  2. rosetta/rfaker.py +6 -5
  3. {rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/METADATA +1 -1
  4. {rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/RECORD +7 -7
  5. {rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/WHEEL +1 -1
  6. {rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/LICENSE +0 -0
  7. {rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/top_level.txt +0 -0
rosetta/constants/systems.py CHANGED
@@ -104,7 +104,7 @@ WIN_EVENTS = [
104
104
  '<Data Name="SubjectDomainName">{src_domain}</Data><Data Name="SubjectLogonId">'
105
105
  '{user}</Data>'
106
106
  '<Data Name="NewProcessId">{new_process_id}</Data><Data Name="ProcessId">{process_id}</Data>'
107
- '<Data Name="CommandLine">{cmd}</Data><Data Name="TargetUserSid">{user}</Data>'
107
+ '<Data Name="CommandLine">{win_cmd}</Data><Data Name="TargetUserSid">{user}</Data>'
108
108
  '<Data Name="TargetUserName">{user}</Data><Data Name="TargetDomainName">'
109
109
  '{src_domain}</Data>'
110
110
  '<Data Name="TargetLogonId">{user}</Data><Data Name="LogonType">3</Data></EventData></Event>',
@@ -142,5 +142,5 @@ WIN_EVENTS = [
142
142
  '<Data Name="NewProcessId">{new_process_id}</Data>'
143
143
  '<Data Name="CreatorProcessId">{process_id}</Data>'
144
144
  '<Data Name="TokenElevationType">TokenElevationTypeLimited (3)</Data>'
145
- '<Data Name="ProcessCommandLine">{cmd}</Data>'
145
+ '<Data Name="ProcessCommandLine">{win_cmd}</Data>'
146
146
  ]
rosetta/rfaker.py CHANGED
@@ -641,13 +641,13 @@ class Events:
641
641
  "thread_id",
642
642
  "target_pid",
643
643
  "subject_login_id",
644
- "user_id",
644
+ "win_user_id",
645
645
  "destination_login_id",
646
646
  "privilege_list",
647
647
  "win_process",
648
648
  "src_host",
649
- "user_name",
650
- "cmd",
649
+ "user",
650
+ "win_cmd",
651
651
  "source_network_address",
652
652
  "local_port",
653
653
  "transmitted_services",
@@ -837,6 +837,7 @@ class Events:
837
837
  # Generate analyst list if not provided in observables
838
838
  incident_types = observables.incident_types if observables and observables.incident_types else INCIDENTS_TYPES
839
839
  analysts = observables.analysts if observables and observables.analysts else [faker.unique.first_name() for _ in range(10)]
840
+ severities = observables.severity if observables and observables.severity else [faker.random_int(min=1, max=5) for _ in range(10)]
840
841
 
841
842
  incident_type_cycle = itertools.cycle(incident_types)
842
843
  for i in range(count):
@@ -844,8 +845,8 @@ class Events:
844
845
  duration = random.randint(1, 5)
845
846
  incident_type = next(incident_type_cycle)
846
847
  analyst = random.choice(analysts)
847
- severity = Events._set_field('severity', observables) or faker.random_int(min=1, max=5)
848
- description = Events._set_field('terms', observables) or faker.sentence(nb_words=10)
848
+ severity = random.choice(severities)
849
+ description = Events._set_field('terms')
849
850
 
850
851
  # Add base fields
851
852
  incident = {}
{rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: rosetta-ce
3
- Version: 1.7.1
3
+ Version: 1.7.3
4
4
  Summary: Rosetta is a Python package that can be used to fake security logs and alerts for testing different detection and response use cases.
5
5
  Home-page: https://github.com/ayman-m/rosetta
6
6
  Author: Ayman Mahmoud
{rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/RECORD RENAMED
@@ -1,15 +1,15 @@
1
1
  rosetta/__init__.py,sha256=9rqZF7bpDMRN5H-rjNRUfzQAOIqyc21hTTZfYufTy04,92
2
2
  rosetta/rconverter.py,sha256=oPdWMtO6_aeQC8PqCl4nHKEpVb1kaBACSaNXsz-o00Q,3008
3
- rosetta/rfaker.py,sha256=Ve7D-swOdN8dyTTZM1L2jXh7SCRfq6oLG_E1qVTT5mE,38446
3
+ rosetta/rfaker.py,sha256=4O0xSEWKhdddGM6fF0XzWBbL19AERtDs55koWWnDkcw,38494
4
4
  rosetta/rsender.py,sha256=Zfj9MVckO49iabxCQ19fkGKpKnzOXB1iHOTb9CgkzsE,10463
5
5
  rosetta/constants/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
6
6
  rosetta/constants/attributes.py,sha256=dxPzi5D00U8Fvo1B1u1bC5-kYqN3lCIpYwwroHHp-hw,4622
7
7
  rosetta/constants/db.py,sha256=ZobruGzgijbbFHEnLGuwVwZTxLCBL-_vdmUDPVv3OAo,4708
8
8
  rosetta/constants/sensors.py,sha256=ZxPWFrNqDFKRVn9ai-5vtvIiU4-3FAXQIRj7gFoBRPk,1936
9
9
  rosetta/constants/sources.py,sha256=b3ynlKGw1gw7VBA4yCYkJ7aq4vVPfypqA8W_kuAZaBA,1658
10
- rosetta/constants/systems.py,sha256=LxrokxCqv-CKTSEK8199Qxlv5eSKAvp2OYKI28o-Lpw,7403
11
- rosetta_ce-1.7.1.dist-info/LICENSE,sha256=jF5fCbmI1A-yyvPAEeQ5VHM094tRLlWsMyun-UlX-pQ,1070
12
- rosetta_ce-1.7.1.dist-info/METADATA,sha256=-6hMIFZXghZcjb9oHRMxIxcE02SSFAT0IJDVf8oI65M,11321
13
- rosetta_ce-1.7.1.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
14
- rosetta_ce-1.7.1.dist-info/top_level.txt,sha256=HLxDc6BJxHZDzVIlOwpCGH0DqIf65OhZcHniRDaUUZc,8
15
- rosetta_ce-1.7.1.dist-info/RECORD,,
10
+ rosetta/constants/systems.py,sha256=_6_qf8PaQGgxh1btJqBP_BtprdvvmLwMLu2hF_DVGWk,7411
11
+ rosetta_ce-1.7.3.dist-info/LICENSE,sha256=jF5fCbmI1A-yyvPAEeQ5VHM094tRLlWsMyun-UlX-pQ,1070
12
+ rosetta_ce-1.7.3.dist-info/METADATA,sha256=chFlicQ0wemKkxCrDDb7Ou99PZma5Rc30w5Z-v3HNvA,11321
13
+ rosetta_ce-1.7.3.dist-info/WHEEL,sha256=A3WOREP4zgxI0fKrHUG8DC8013e3dK3n7a6HDbcEIwE,91
14
+ rosetta_ce-1.7.3.dist-info/top_level.txt,sha256=HLxDc6BJxHZDzVIlOwpCGH0DqIf65OhZcHniRDaUUZc,8
15
+ rosetta_ce-1.7.3.dist-info/RECORD,,
{rosetta_ce-1.7.1.dist-info → rosetta_ce-1.7.3.dist-info}/WHEEL RENAMED
@@ -1,5 +1,5 @@
1
1
  Wheel-Version: 1.0
2
- Generator: setuptools (75.6.0)
2
+ Generator: setuptools (75.7.0)
3
3
  Root-Is-Purelib: true
4
4
  Tag: py3-none-any
5
5