merging in develop

mitre-attack · Jun 25, 2021 · 77b7670 · 77b7670
2 parents 16eeafa + 651fdc0
commit 77b7670
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 14 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,8 @@
+# 25 June 2021
+# v1.9.2
+## Fixes
+- Patched list of data sources in [techniques_data_sources_vis.py](/scripts/techniques_data_sources_vis.py) and [techniques_from_Data_source.py](/scripts/techniques_from_Data_source.py) to use current data sources.
+
 # v1.9.1 - 9 April 2021
 With the release of our [mitreattack-python](https://github.com/mitre-attack/mitreattack-python) pip module, we're removing the tools previously found in the `layers` folder as they are now part of that module.
 

diff --git a/scripts/techniques_data_sources_vis.py b/scripts/techniques_data_sources_vis.py
@@ -480,18 +480,18 @@ def defaultStr(multi=False):
         nargs="+",
         metavar=("datasource1", "datasource2"),
         default=[
-            "windows event logs",
-            "anti-virus",
-            "binary file metadata",
-            "data loss prevention",
-            "dll monitoring",
-            "loaded dlls",
-            "malware reverse engineering",
-            "netflow/enclave netflow",
-            "network intrusion detection system",
-            "network protocol analysis",
-            "ssl/tls inspection",
-            "system calls"
+            "user account: user account creation",
+            "active directory: active directory object creation",
+            "container: container creation",
+            "driver: driver load",
+            "file: file deletion",
+            "firmware: firmware modification",
+            "instance: instance creation",
+            "logon session: logon session metadata",
+            "scheduled job: scheduled job creation",
+            "service: service modification",
+            "process: process metadata",
+            "sensor health: host status"
         ],
         help="list data source names for datasources written in techniques_datasources.csv." + defaultStr(True)
     )
@@ -519,4 +519,4 @@ def defaultStr(multi=False):
     args = parser.parse_args()
     verbose = args.verbose
     generate_content(args.datasources, args.tactics, args.output_folder)
-
+
diff --git a/scripts/techniques_from_data_source.py b/scripts/techniques_from_data_source.py
@@ -41,7 +41,7 @@ def techniques(data_source):
     )
     parser.add_argument("-data_source",
         type=str,
-        default="Windows Registry",
+        default="User Account: User Account Creation",
         help="the datasource by which to filter techniques. Default value is '%(default)s'."
     )