txt2stix 1.0.2__py3-none-any.whl → 1.0.4__py3-none-any.whl

txt2stix/attack_flow.py

@@ -21,14 +21,14 @@ def parse_flow(report, flow: AttackFlowList, techniques, tactics):
     for i, item in enumerate(flow.items):
         try:
             technique = techniques[item.attack_technique_id]
-            tactic_id = technique['possible_tactics'][flow.tactic_mapping[item.attack_technique_id]]
+            tactic_id = technique["possible_tactics"][
+                flow.tactic_mapping[item.attack_technique_id]
+            ]
             technique_obj = technique["stix_obj"]
             tactic_obj = tactics[technique["domain"]][tactic_id]
             action_obj = AttackAction(
                 **{
-                    "id": flow_id(
-                        report["id"], item.attack_technique_id, tactic_id
-                    ),
+                    "id": flow_id(report["id"], item.attack_technique_id, tactic_id),
                     "effect_refs": [f"attack-action--{str(uuid.uuid4())}"],
                     "technique_id": item.attack_technique_id,
                     "technique_ref": technique_obj["id"],
@@ -149,14 +149,21 @@ def get_techniques_from_extracted_objects(objects: dict, tactics: dict):
 
 def create_navigator_layer(report, summary, flow: AttackFlowList, techniques):
     domains = {}
+    comments = {item.attack_technique_id: item.description for item in flow.items}
     for technique in techniques.values():
         domain_techniques = domains.setdefault(technique["domain"], [])
         technique_id = technique["id"]
         if technique_id not in flow.tactic_mapping:
             continue
-        domain_techniques.append(
-            dict(techniqueID=technique_id, tactic=flow.tactic_mapping[technique_id])
+        technique_item = dict(
+            techniqueID=technique_id,
+            tactic=flow.tactic_mapping[technique_id],
+            score=100,
+            showSubtechniques=True,
         )
+        if comment := comments.get(technique_id):
+            technique_item["comment"] = comment
+        domain_techniques.append(technique_item)
 
     retval = []
 
@@ -174,7 +181,13 @@ def create_navigator_layer(report, summary, flow: AttackFlowList, techniques):
                     "maxValue": 100,
                 },
                 "legendItems": [],
-                "metadata": [],
+                "metadata": [{"name": "report_id", "value": report.id}],
+                "links": [
+                    {
+                        "label": "Generated using txt2stix",
+                        "url": "https://github.com/muchdogesec/txt2stix/",
+                    }
+                ],
                 "layout": {"layout": "side"},
             }
         )
@@ -191,10 +204,12 @@ def extract_attack_flow_and_navigator(
     ex: BaseAIExtractor = ai_settings_relationships
     tactics = get_all_tactics()
     techniques = get_techniques_from_extracted_objects(bundler.bundle.objects, tactics)
+    if not techniques:
+        return None, None
+    
     logged_techniques = [
-            {k: v for k, v in t.items() if k != "stix_obj"}
-            for t in techniques.values()
-        ]
+        {k: v for k, v in t.items() if k != "stix_obj"} for t in techniques.values()
+    ]
     logging.debug(f"parsed techniques: {json.dumps(logged_techniques, indent=4)}")
 
     flow = ex.extract_attack_flow(preprocessed_text, techniques)
@@ -204,5 +219,7 @@ def extract_attack_flow_and_navigator(
         bundler.flow_objects = parse_flow(bundler.report, flow, techniques, tactics)
 
     if ai_create_attack_navigator_layer:
-        navigator = create_navigator_layer(bundler.report, bundler.summary, flow, techniques)
+        navigator = create_navigator_layer(
+            bundler.report, bundler.summary, flow, techniques
+        )
     return flow, navigator

txt2stix/txt2stix.py

@@ -440,11 +440,11 @@ def main():
         output_path = output_dir/f"{bundler.bundle.id}.json"
         output_path.write_text(out)
         logger.info(f"Wrote bundle output to `{output_path}`")
-        data_path = output_dir/"data.json"
+        data_path = output_dir/f"data--{args.report_id}.json"
         data_path.write_text(data.model_dump_json(indent=4))
         logger.info(f"Wrote data output to `{data_path}`")
         for nav_layer in data.navigator_layer or []:
-            nav_path = output_dir/f"navigator-{nav_layer['domain']}.json"
+            nav_path = output_dir/f"navigator-{nav_layer['domain']}----{args.report_id}.json"
             nav_path.write_text(json.dumps(nav_layer, indent=4))
             logger.info(f"Wrote navigator output to `{nav_path}`")
     except argparse.ArgumentError as e:

{txt2stix-1.0.2.dist-info → txt2stix-1.0.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: txt2stix
-Version: 1.0.2
+Version: 1.0.4
 Summary: txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between them, convert them to STIX 2.1 objects, and output as a STIX 2.1 bundle.
 Project-URL: Homepage, https://github.com/muchdogesec/txt2stix
 Project-URL: Issues, https://github.com/muchdogesec/txt2stix/issues

{txt2stix-1.0.2.dist-info → txt2stix-1.0.4.dist-info}/RECORD

@@ -1,5 +1,5 @@
 txt2stix/__init__.py,sha256=Sm_VT913IFuAZ6dJEdVz3baPwC5VYtHySVfBAOUG92w,803
-txt2stix/attack_flow.py,sha256=DLDaNXB_gxuqdEb_A1VQO_nu69MG23nolTx7-JESrKI,7889
+txt2stix/attack_flow.py,sha256=WnhihbY_ltWOXrmzigTHIwj1pzSIQqKpu2sPe2M465k,8489
 txt2stix/bundler.py,sha256=kqUNW9_jktuMyWSkoAa-ydZY-L5gzSSkthb7OdhUiKo,16854
 txt2stix/common.py,sha256=ISnGNKqJPE1EcfhL-x_4G18mcwt1urmorkW-ru9kV-0,585
 txt2stix/extractions.py,sha256=_tlsqYHhfAoV-PJzxRHysrX47uxCsMlSg7PQWxww1u0,2171
@@ -7,7 +7,7 @@ txt2stix/indicator.py,sha256=c6S0xx0K8JM-PT_Qd1PlN_ZlDXdnEwiRS8529iUp3yg,30774
 txt2stix/lookups.py,sha256=h42YVtYUkWZm6ZPv2h5hHDHDzDs3yBqrT_T7pj2MDZI,2301
 txt2stix/retriever.py,sha256=auKlk6JlRE9en-oiQ5KICMW0IwmU8R558o0K5UmEQZc,5550
 txt2stix/stix.py,sha256=9nXD9a2dCY4uaatl-mlIA1k3srwQBhGW-tUSho3iYe0,30
-txt2stix/txt2stix.py,sha256=HYXN9dKzakoqdqJ4wSthwGdFIxOm6KTegiQlVmfp0eQ,18169
+txt2stix/txt2stix.py,sha256=9i03BOYz34G_qaf5oTUm3YhDLDeqaPkik3dDyEjpFAE,18208
 txt2stix/utils.py,sha256=n6mh4t9ZRJ7iT4Jvp9ai_dfCXjgXNcRtF_zXO7nkpnk,3304
 txt2stix/ai_extractor/__init__.py,sha256=5Tf6Co9THzytBdFEVhD-7vvT05TT3nSpltnAV1sfdoM,349
 txt2stix/ai_extractor/anthropic.py,sha256=mdz-8CB-BSCEqnK5l35DRZURVPUf508ef2b48XMxmuk,441
@@ -112,8 +112,8 @@ txt2stix/includes/lookups/threat_actor.txt,sha256=QfDO9maQuqKBgW_Sdd7VGv1SHZ9Ra-
 txt2stix/includes/lookups/tld.txt,sha256=-MEgJea2NMG_KDsnc4BVvI8eRk5Dm93L-t8SGYx5wMo,8598
 txt2stix/includes/lookups/tool.txt,sha256=HGKG6JpUE26w6ezzSxOjBkp15UpSaB7N-mZ_NU_3G7A,6
 txt2stix/includes/tests/test_cases.yaml,sha256=QD1FdIunpPkOpsn6wJRqs2vil_hv8OSVaqUp4a96aZg,22247
-txt2stix-1.0.2.dist-info/METADATA,sha256=-qdpBMRkkfhkAvFlAK8ya9Dj8ZYnXH0rt-NJSH8bqnw,14887
-txt2stix-1.0.2.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-txt2stix-1.0.2.dist-info/entry_points.txt,sha256=x6QPtt65hWeomw4IpJ_wQUesBl1M4WOLODbhOKyWMFg,55
-txt2stix-1.0.2.dist-info/licenses/LICENSE,sha256=BK8Ppqlc4pdgnNzIxnxde0taoQ1BgicdyqmBvMiNYgY,11364
-txt2stix-1.0.2.dist-info/RECORD,,
+txt2stix-1.0.4.dist-info/METADATA,sha256=dyi1Sej16Pl7EBTkcWNnYkoeU-d9R4mIwKSd2sF1Kec,14887
+txt2stix-1.0.4.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+txt2stix-1.0.4.dist-info/entry_points.txt,sha256=x6QPtt65hWeomw4IpJ_wQUesBl1M4WOLODbhOKyWMFg,55
+txt2stix-1.0.4.dist-info/licenses/LICENSE,sha256=BK8Ppqlc4pdgnNzIxnxde0taoQ1BgicdyqmBvMiNYgY,11364
+txt2stix-1.0.4.dist-info/RECORD,,