From da10c6d4399530a5d695e08daeaf63fade3d5eea Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 16:45:22 -0500
Subject: [PATCH 1/7] Create codespell.yml
---
 .github/workflows/codespell.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 .github/workflows/codespell.yml
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml
new file mode 100644
index 0000000..6bf8645
--- /dev/null
+++ b/.github/workflows/codespell.yml
@@ -0,0 +1,10 @@
+name: codespell
+on: [pull_request, push]
+jobs:
+ codespell:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: actions/setup-python@v2
+ - run: pip install codespell
+ - run: codespell || true # --ignore-words-list="" --skip=""
From 834a39b15b7f1c7fbf60c665f5ae5a6d69a483c0 Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 16:51:04 -0500
Subject: [PATCH 2/7] Update and rename codespell.yml to lint_python.yml
---
 .github/workflows/codespell.yml | 10 ----------
 .github/workflows/lint_python.yml | 21 +++++++++++++++++++++
 2 files changed, 21 insertions(+), 10 deletions(-)
 delete mode 100644 .github/workflows/codespell.yml
 create mode 100644 .github/workflows/lint_python.yml
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml
deleted file mode 100644
index 6bf8645..0000000
--- a/.github/workflows/codespell.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-name: codespell
-on: [pull_request, push]
-jobs:
- codespell:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-python@v2
- - run: pip install codespell
- - run: codespell || true # --ignore-words-list="" --skip=""
diff --git a/.github/workflows/lint_python.yml b/.github/workflows/lint_python.yml
new file mode 100644
index 0000000..f70fb93
--- /dev/null
+++ b/.github/workflows/lint_python.yml
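Review bot: Both `uses:` steps in the new `.github/workflows/codespell.yml` (PATCH 1/7) reference actions by mutable tag (`actions/checkout@v2`, `actions/setup-python@v2`), and the workflow declares no `permissions:`, so the job runs whatever the tag resolves to at run time with the repository's default token scope. I would pin each action to a full commit SHA, e.g. `- uses: actions/checkout@<full-commit-sha> # v2`, and add a top-level `permissions:` block containing `contents: read`. The same applies to `lint_python.yml` created in PATCH 2/7, which also installs all of its tools with an unpinned `pip install`.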
@@ -0,0 +1,21 @@
+name: lint_python
+on: [pull_request, push]
+jobs:
+ lint_python:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: actions/setup-python@v2
+ - run: pip install bandit black codespell flake8 isort mypy pytest pyupgrade safety
+ - run: bandit --recursive --skip B101 . || true # B101 is assert statements
+ - run: black --check . || true
+ - run: codespell || true # --ignore-words-list="" --skip=""
+ - run: flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
+ - run: flake8 . --count --exit-zero --max-complexity=10 --max-line-length=88 --show-source --statistics
+ - run: isort --check-only --profile black . || true
+ - run: pip install -r requirements.txt || true
+ - run: mypy --install-types --non-interactive . || true
+ - run: pytest . || true
+ - run: pytest --doctest-modules . || true
+ - run: shopt -s globstar && pyupgrade --py36-plus **/*.py || true
+ - run: safety check
From fe2c6bf6e7bf7feae8f861a6c106dba0637732a6 Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 16:54:09 -0500
Subject: [PATCH 3/7] Update lint_python.yml
---
 .github/workflows/lint_python.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/lint_python.yml b/.github/workflows/lint_python.yml
index f70fb93..d4857fd 100644
--- a/.github/workflows/lint_python.yml
+++ b/.github/workflows/lint_python.yml
@@ -6,7 +6,7 @@ jobs:
 steps:
 - uses: actions/checkout@v2
 - uses: actions/setup-python@v2
- - run: pip install bandit black codespell flake8 isort mypy pytest pyupgrade safety
+ - run: pip install bandit black codespell flake8 isort mypy pytest pyupgrade
 - run: bandit --recursive --skip B101 . || true # B101 is assert statements
 - run: black --check . || true
 - run: codespell || true # --ignore-words-list="" --skip=""
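Review bot: In the new `lint_python.yml` (PATCH 2/7) the `bandit` step ends in `|| true`, so a security finding can never fail the job; of the checks listed, only the first `flake8` invocation and `safety check` can block a push or pull request. Since bandit is the only static security scan here, I would drop the `|| true` on that step and gate on severity instead, e.g. `- run: bandit --recursive --skip B101 -ll .`, leaving the formatting tools advisory if that is the intent. `- run: pip install -r requirements.txt || true` also hides an install failure, after which `mypy`, `pytest` and `safety check` run against an incomplete environment.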
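Review bot: Dropping `safety` from the `pip install` line in PATCH 3/7, together with the removal of `- run: safety check` in the `@@ -18,4 +18,3 @@` hunk, leaves the workflow with no dependency vulnerability check, and the commit message gives no reason. After this change the first `flake8` invocation is the only check that can fail the job, because every other check ends in `|| true` or uses `--exit-zero`. If the step was removed because it reported findings, I would keep it and record the accepted findings explicitly rather than delete the gate. If it has to be non-blocking for now, `- run: safety check || true` at least keeps the report in the job log.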
@@ -18,4 +18,3 @@ jobs:
 - run: pytest . || true
 - run: pytest --doctest-modules . || true
 - run: shopt -s globstar && pyupgrade --py36-plus **/*.py || true
- - run: safety check
From e1aa81c057a29b4075734f4ad3d811089b0d8adc Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 16:59:58 -0500
Subject: [PATCH 4/7] Update changelog
---
 changelog | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/changelog b/changelog
index 58d34b2..c8f23f5 100644
--- a/changelog
+++ b/changelog
@@ -35,7 +35,7 @@
 - Changes functions to use rule_id instead of id
 - Small improvements:
 - Parsing of Ability files
- - Reduced the ammount of the default output messages
+ - Reduced the amount of the default output messages
 - Adds Pipfile
 - Better handling of the output CSV file
 - Remove hardcoded values for output
@@ -46,7 +46,7 @@
 04/21/2021
 ------------
 - Version 0.0.9
- - Adds Paralel Batch Execution Capability
+ - Adds Parallel Batch Execution Capability
 - Adds Logging Capabilities
 03/26/2021
From 5b9fd10a3418685b509e5bb99141b7c5b06e3999 Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 17:00:31 -0500
Subject: [PATCH 5/7] Update README.md
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index c547601..f756073 100644
--- a/README.md
+++ b/README.md
@@ -85,7 +85,7 @@ There are currently two modes of execution: `Batch` and `Concurrent`.
 **Required params:**
 * `-t`: The Target Caldera Agent
-* `-rf`: The relations file containg the ruleid to abilityid links
+* `-rf`: The relations file containing the ruleid to abilityid links
 * `-b`: Batch Mode Switch
 **Example:**
@@ -100,7 +100,7 @@ python .\main.py -t rkersr -rf .\relations.json -b
 * `-bc`: Switch that enables "Concurrent" execution type.
 * `-t`: The Target Caldera Agent
-* `-rf`: The relations file containg the ruleid to abilityid links
+* `-rf`: The relations file containing the ruleid to abilityid links
 **Example:**
From c72d98edfae54d0bd0c9f566a6e1f7de2e5db256 Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 17:00:55 -0500
Subject: [PATCH 6/7] Update main.py
---
 main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.py b/main.py
index 6e6c999..f99fcf1 100644
--- a/main.py
+++ b/main.py
@@ -19,7 +19,7 @@ def setup_args():
 parser.add_argument('-b', '--batch', action='store_true', help='Batch Execution of the tests on Rules specified in the relations file')
 parser.add_argument('-bae', '--bypass_ability_execution', dest='bypass_ability_execution', action='store_true', help='Switch to bypass ability execution phase and directly query elastic.')
 parser.add_argument('-ist', '--initial_sleep_time', type=int, default=120, help='Initial sleep time in seconds before making first call to elastic to check for detection...')
- parser.add_argument('-ilt', '--initial_limit_time', type=int, default=300, help='Limit execution time in seconds before skiping to the next test')
+ parser.add_argument('-ilt', '--initial_limit_time', type=int, default=300, help='Limit execution time in seconds before skipping to the next test')
 parser.add_argument('-si', '--sleep_interval', type=int, default=30, help='Sleep time in seconds before making calls after the first one, to elastic to check for detection...')
 parser.add_argument('-rlt', '--rule_lookup_time', type=str, default="5m", help='Rule lookup time to check elastic rules triggered in the past. Eg: -rlt 5m...')
 parser.add_argument('-aa', '--ability_args', help='Arguments that are required by advanced abilities to be passed as variables for successful execution. Eg: field_name=value,field_name_2=value_2,...')
From 292017628a74b0ad28e15f0c904df4266c27e05f Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Sat, 4 Sep 2021 17:01:17 -0500
Subject: [PATCH 7/7] Update report.py
---
 utils/report.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/utils/report.py b/utils/report.py
index 42da0b5..47ab1af 100644
--- a/utils/report.py
+++ b/utils/report.py
@@ -71,7 +71,7 @@ def generate_report(csvf, outputf, infof, logger):
 pagesize=letter
 )
 all = list()
- paragraph = ParagraphStyle('', aligment=10)
+ paragraph = ParagraphStyle('', alignment=10)
 generate_pie(dt)
 paragraph_1 = Paragraph("Result Percentage", ParagraphStyle('kk', fontSize=18, alignment=1), )
 all.append(paragraph_1)
@@ -92,4 +92,4 @@ def generate_report(csvf, outputf, infof, logger):
 tabf.close()
 graphf.close()
 os.remove("file.pdf")
- os.remove("graph.pdf")
\ No newline at end of file
+ os.remove("graph.pdf")
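Review bot: Correcting `aligment` to `alignment` in `ParagraphStyle('', alignment=10)` (first hunk of `utils/report.py`) makes the value take effect for the first time, and `10` matches none of the alignment constants I know from `reportlab.lib.enums` (`TA_LEFT`=0, `TA_CENTER`=1, `TA_RIGHT`=2, `TA_JUSTIFY`=4), assuming this is ReportLab; the neighbouring `paragraph_1` style uses `alignment=1`. The misspelt keyword was presumably stored without effect, so if `paragraph` is later passed to a `Paragraph` in `generate_report` (not visible here, the function starts and ends outside the hunk), rendering may now fail or lay out differently. I would name the intended constant, e.g. `paragraph = ParagraphStyle('', alignment=TA_CENTER)` with `from reportlab.lib.enums import TA_CENTER`, or drop the argument to keep the previous output.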