stratus

package
v2.4.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 30, 2022 License: Apache-2.0 Imports: 4 Imported by: 3

Documentation

Index

Constants

View Source
const (
	AttackTechniqueStatusCold      = "COLD"
	AttackTechniqueStatusWarm      = "WARM"
	AttackTechniqueStatusDetonated = "DETONATED"
)
View Source
const (
	AWS        = "AWS"
	Kubernetes = "kubernetes"
	Azure      = "azure"
	GCP        = "GCP"
)

Variables

This section is empty.

Functions

func AWSProvider

func AWSProvider() *providers.AWSProvider

func EnsureAuthenticated

func EnsureAuthenticated(platform Platform) error

EnsureAuthenticated ensures that the current user is properly authenticated against a specific platform

func K8sProvider

func K8sProvider() *providers.K8sProvider

Types

type AttackTechnique

type AttackTechnique struct {
	// Short identifier, e.g. aws.persistence.create-iam-user
	ID string

	// Friendly-looking short name
	FriendlyName string

	// Full description (multi-line)
	Description string

	// Pointer and leads for detection opportunities (multi-line)
	Detection string

	// Indicates if the technique is expected to be slow to warm-up or detonate
	IsSlow bool

	// MITRE ATT&CK Tactics to which this technique maps
	// see https://attack.mitre.org/techniques/enterprise/
	MitreAttackTactics []mitreattack.Tactic

	// The platform of the technique, e.g. AWS
	Platform Platform

	// Terraform code to apply to create the necessary prerequisites for the technique to be detonated
	PrerequisitesTerraformCode []byte

	// Detonation function
	// Parameters are the Terraform outputs
	Detonate func(params map[string]string) error

	// Indicates if the detonation function is idempotent, i.e. if it can be run multiple times without reverting it
	IsIdempotent bool

	// Reversion function, to revert the side effects of a detonation
	Revert func(params map[string]string) error
}

func (AttackTechnique) String

func (m AttackTechnique) String() string

type AttackTechniqueFilter

type AttackTechniqueFilter struct {
	Platform Platform
	Tactic   mitreattack.Tactic
}

type AttackTechniqueState

type AttackTechniqueState string

type Platform

type Platform string

func PlatformFromString

func PlatformFromString(name string) (Platform, error)

type Registry

type Registry struct {
	// contains filtered or unexported fields
}

func GetRegistry

func GetRegistry() *Registry

func NewRegistry

func NewRegistry() Registry

func (*Registry) GetAttackTechniqueByName

func (m *Registry) GetAttackTechniqueByName(name string) *AttackTechnique

func (*Registry) GetAttackTechniques

func (m *Registry) GetAttackTechniques(filter *AttackTechniqueFilter) []*AttackTechnique

func (*Registry) ListAttackTechniques

func (m *Registry) ListAttackTechniques() []*AttackTechnique

func (*Registry) RegisterAttackTechnique

func (m *Registry) RegisterAttackTechnique(technique *AttackTechnique)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL