Documentation ¶
Index ¶
- Constants
- Variables
- type AlternateTerm
- type AssociatedGroup
- type AssociatedSoftware
- type AttackID
- type AttackSoftwareType
- type Attacker
- type AttackerGroup
- type AttackerReference
- type AttackerSoftware
- type CTI
- type CTIType
- type Capec
- type CapecID
- type Consequence
- type CveToTechniqueID
- type CveToTechniques
- type DataSource
- type DefenseBypassed
- type Domain
- type EffectivePermission
- type ExampleInstance
- type FetchMeta
- type GroupUsed
- type ImpactType
- type KillChainPhase
- type Mitigation
- type MitreAttack
- type MitreAttackerType
- type PermissionRequired
- type Prerequisite
- type Procedure
- type Reference
- type RelatedWeakness
- type Relationship
- type ResourceRequired
- type SkillRequired
- type SoftwarePlatform
- type SoftwareUsed
- type SubTechnique
- type Technique
- type TechniquePlatform
- type TechniqueReference
- type TechniqueSourceType
- type TechniqueUsed
Constants ¶
// LatestSchemaVersion is the schema version number used by the latest go-cti.
const (
	LatestSchemaVersion = 1
)
LatestSchemaVersion is the schema version used by the latest go-cti.
Variables ¶
// String values for the typed enums that the models use as discriminators.
//
// NOTE(review): these are package-level variables, not constants, so any
// importing package can reassign them at run time. Code that branches on them
// (for example to decide which payload of a record to read) relies on nobody
// doing so; declaring them with const would rule that out, at the cost of
// breaking any caller that assigns to them or takes their address.
var (
	// TechniqueType is the CTIType value "Technique".
	TechniqueType CTIType = "Technique"
	// AttackerType is the CTIType value "Attacker".
	AttackerType CTIType = "Attacker"

	// MitreAttackType is the TechniqueSourceType value "MITRE-ATTACK".
	MitreAttackType TechniqueSourceType = "MITRE-ATTACK"
	// CAPECType is the TechniqueSourceType value "CAPEC".
	CAPECType TechniqueSourceType = "CAPEC"

	// GroupType is the MitreAttackerType value "Group".
	GroupType MitreAttackerType = "Group"
	// SoftwareType is the MitreAttackerType value "Software".
	SoftwareType MitreAttackerType = "Software"
	// CampaignType is the MitreAttackerType value "Campaign".
	CampaignType MitreAttackerType = "Campaign"

	// MalwareType is the AttackSoftwareType value "Malware".
	MalwareType AttackSoftwareType = "Malware"
	// ToolType is the AttackSoftwareType value "Tool".
	ToolType AttackSoftwareType = "Tool"
)
Functions ¶
This section is empty.
Types ¶
type AlternateTerm ¶
// AlternateTerm is a child model of Capec that stores one alternate term.
//
// ID and CapecID are tagged json:"-" and so never appear in JSON output;
// Term is the only serialized field.
type AlternateTerm struct {
	ID int64 `json:"-"`
	// Indexed as idx_alternate_term_capec_id; presumably the owning Capec
	// row's key (confirm against the code that populates it).
	CapecID int64  `gorm:"index:idx_alternate_term_capec_id" json:"-"`
	Term    string `gorm:"type:varchar(255)" json:"term"`
}
AlternateTerm is Child model of Capec
type AssociatedGroup ¶
// AssociatedGroup is a child model of AttackerGroup: a name and description
// of a group associated with it.
//
// The two key fields are hidden from JSON (json:"-"); AttackerGroupID is
// indexed as idx_associated_group_attacker_group_id.
type AssociatedGroup struct {
	ID              int64 `json:"-"`
	AttackerGroupID int64 `gorm:"index:idx_associated_group_attacker_group_id" json:"-"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
AssociatedGroup is a child model of Group (AttackerGroup).
type AssociatedSoftware ¶
// AssociatedSoftware is a child model of AttackerSoftware: a name and
// description of software associated with it.
//
// The two key fields are hidden from JSON (json:"-"); AttackerSoftwareID is
// indexed as idx_associated_software_attacker_software_id.
type AssociatedSoftware struct {
	ID                 int64 `json:"-"`
	AttackerSoftwareID int64 `gorm:"index:idx_associated_software_attacker_software_id" json:"-"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
AssociatedSoftware is a child model of Software (AttackerSoftware).
type AttackID ¶
// AttackID is a child model of Capec that stores one attack ID string.
//
// NOTE(review): the AttackID field is serialized under the JSON key
// "capec_id", the same key that CapecID.CapecID uses. A consumer that reads
// the key name literally will take an attack ID for a CAPEC ID when it
// correlates the two data sets. The key is part of the wire format, so it is
// left as is here; confirm with API consumers before renaming it.
type AttackID struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_attack_id_capec_id" json:"-"` // hidden from JSON; indexed

	AttackID string `gorm:"type:varchar(255)" json:"capec_id"`
}
AttackID is Child model of Capec
type Attacker ¶
// Attacker is a MITRE ATT&CK Group or Software entry.
//
// Group and Software are pointers and may be nil; presumably Type indicates
// which one is populated, so readers should nil-check before dereferencing
// (confirm against the code that fills the record).
//
// NOTE(review): the Campaign payload is commented out, although the package
// also defines CampaignType as a MitreAttackerType value. An Attacker whose
// Type is "Campaign" would therefore carry no type-specific detail.
type Attacker struct {
	ID         int64             `json:"-"` // never serialized
	AttackerID string            `gorm:"type:varchar(255)" json:"attacker_id"`
	Type       MitreAttackerType `gorm:"type:varchar(255)" json:"type"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`

	TechniquesUsed []TechniqueUsed     `json:"techniques_used"`
	References     []AttackerReference `json:"references"`

	Group    *AttackerGroup    `json:"group"`
	Software *AttackerSoftware `json:"software"`
	// Campaign *AttackerCampaign `json:"campaign"`

	Created  time.Time `json:"created"`
	Modified time.Time `json:"modified"`
}
Attacker is a MITRE ATT&CK Group or Software entry.
type AttackerGroup ¶
// AttackerGroup is a child model of Attacker holding the group-specific
// lists: associated groups and the software the group uses.
//
// NOTE(review): AssociatedGroups is serialized under the singular key
// "associated_group", unlike the plural "softwares_used" next to it.
type AttackerGroup struct {
	ID         int64 `json:"-"`
	AttackerID int64 `gorm:"index:idx_attacker_group_attacker_id" json:"-"` // hidden from JSON; indexed

	AssociatedGroups []AssociatedGroup `json:"associated_group"`
	SoftwaresUsed    []SoftwareUsed    `json:"softwares_used"`
}
AttackerGroup is Child model of Attacker
type AttackerReference ¶
// AttackerReference is a child model of Attacker. It embeds Reference, and
// the gorm "embedded" tag asks gorm to store Reference's fields as part of
// this model.
type AttackerReference struct {
	ID         int64 `json:"-"`
	AttackerID int64 `gorm:"index:idx_attacker_reference_attacker_id" json:"-"` // hidden from JSON; indexed

	Reference `gorm:"embedded"`
}
AttackerReference is Child model of Attacker
type AttackerSoftware ¶
// AttackerSoftware is a child model of Attacker holding the software-specific
// detail: its AttackSoftwareType, associated software, platforms, and the
// groups recorded against it.
type AttackerSoftware struct {
	ID         int64 `json:"-"`
	AttackerID int64 `gorm:"index:idx_attacker_software_attacker_id" json:"-"` // hidden from JSON; indexed

	Type AttackSoftwareType `gorm:"type:varchar(255)" json:"type"`

	AssociatedSoftwares []AssociatedSoftware `json:"associated_softwares"`
	Platforms           []SoftwarePlatform   `json:"platforms"`
	GroupsUsed          []GroupUsed          `json:"groups_used"`
}
AttackerSoftware is Child model of Attacker
type CTI ¶
// CTI is the response type: a Type plus an optional Technique or Attacker.
//
// Both payloads are pointers tagged omitempty, so a nil one is dropped from
// the JSON output. Presumably Type says which payload is set; callers should
// still nil-check the pointer they read rather than trust Type alone.
type CTI struct {
	Type CTIType `json:"type"`

	Technique *Technique `json:"technique,omitempty"`
	Attacker  *Attacker  `json:"attacker,omitempty"`
}
CTI is the response type; it carries a Type together with an optional Technique or Attacker.
type Capec ¶
// Capec is a child model of Technique that holds the CAPEC-specific detail.
//
// ID and TechniqueID are hidden from JSON (json:"-"). The slice fields hold
// child rows, each with its own model type.
//
// NOTE(review): Relationships is serialized under the singular key
// "relationship", while the other list fields use plural keys.
type Capec struct {
	ID          int64 `json:"-"`
	TechniqueID int64 `gorm:"index:idx_capec_technique_id" json:"-"`

	AttackIDs []AttackID `json:"attack_ids"`

	Status              string `gorm:"type:varchar(255)" json:"status"`
	ExtendedDescription string `gorm:"type:text" json:"extended_description"`
	TypicalSeverity     string `gorm:"type:varchar(255)" json:"typical_severity"`
	LikelihoodOfAttack  string `gorm:"type:varchar(255)" json:"likelihood_of_attack"`

	Relationships     []Relationship     `json:"relationship"`
	Domains           []Domain           `json:"domains"`
	AlternateTerms    []AlternateTerm    `json:"alternate_terms"`
	ExampleInstances  []ExampleInstance  `json:"example_instances"`
	Prerequisites     []Prerequisite     `json:"prerequisites"`
	ResourcesRequired []ResourceRequired `json:"resources_required"`
	SkillsRequired    []SkillRequired    `json:"skills_required"`

	Abstraction   string `gorm:"type:varchar(255)" json:"abstraction"`
	ExecutionFlow string `gorm:"type:text" json:"execution_flow"`

	Consequences      []Consequence     `json:"consequences"`
	RelatedWeaknesses []RelatedWeakness `json:"related_weaknesses"`
}
Capec is Child model of Technique
type CapecID ¶
// CapecID is a child model of MitreAttack that stores one CAPEC ID string,
// serialized as "capec_id".
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type CapecID struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_capec_id_mitre_attack_id" json:"-"`

	CapecID string `gorm:"type:varchar(255)" json:"capec_id"`
}
CapecID is Child model of MitreAttack
type Consequence ¶
// Consequence is a child model of Capec that stores one consequence as text.
//
// ID and CapecID are hidden from JSON (json:"-").
type Consequence struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_consequence_capec_id" json:"-"`

	Consequence string `gorm:"type:text" json:"consequence"`
}
Consequence is Child model of Capec
type CveToTechniqueID ¶
// CveToTechniqueID is one technique ID entry belonging to a CveToTechniques
// record.
//
// NOTE(review): CveToTechniquesID carries no gorm index tag, unlike the
// parent-key fields of the other child models on this page. If lookups go
// through that column, an index may be wanted; adding one changes the schema.
type CveToTechniqueID struct {
	ID                int64 `json:"-"`
	CveToTechniquesID int64 `json:"-"`

	TechniqueID string `gorm:"type:varchar(255)" json:"technique_id"`
}
CveToTechniqueID is one technique ID entry belonging to a CveToTechniques record.
type CveToTechniques ¶
// CveToTechniques maps one CVE ID to a list of technique IDs.
//
// CveID is indexed as idx_mapping_cve_id.
//
// NOTE(review): a CVE with no row here presumably means "not mapped", not
// "no technique applies". Confirm that before using the absence of a mapping
// in triage or prioritisation logic.
type CveToTechniques struct {
	ID int64 `json:"-"`

	CveID        string             `gorm:"type:varchar(255);index:idx_mapping_cve_id" json:"cve_id"`
	TechniqueIDs []CveToTechniqueID `json:"technique_ids"`
}
CveToTechniques maps a CVE ID to its list of technique IDs.
type DataSource ¶
// DataSource is a child model of MitreAttack: the name and description of
// one data source listed for a technique.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type DataSource struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_data_source_mitre_attack_id" json:"-"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
DataSource is Child model of MitreAttack
type DefenseBypassed ¶
// DefenseBypassed is a child model of MitreAttack that names one defense
// recorded under "defense_bypassed" for a technique.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type DefenseBypassed struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_defense_bypassed_mitre_attack_id" json:"-"`

	Defense string `gorm:"type:varchar(255)" json:"defense"`
}
DefenseBypassed is Child model of MitreAttack
type Domain ¶
// Domain is a child model of Capec that stores one domain string.
//
// ID and CapecID are hidden from JSON (json:"-").
type Domain struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_domain_capec_id" json:"-"`

	Domain string `gorm:"type:varchar(255)" json:"domain"`
}
Domain is Child model of Capec
type EffectivePermission ¶
// EffectivePermission is a child model of MitreAttack that stores one
// permission string from a technique's "effective_permissions" list.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type EffectivePermission struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_effective_permission_mitre_attack_id" json:"-"`

	Permission string `gorm:"type:varchar(255)" json:"permission"`
}
EffectivePermission is Child model of MitreAttack
type ExampleInstance ¶
// ExampleInstance is a child model of Capec that stores one example instance
// as text.
//
// ID and CapecID are hidden from JSON (json:"-").
type ExampleInstance struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_example_instance_capec_id" json:"-"`

	Instance string `gorm:"type:text" json:"instance"`
}
ExampleInstance is Child model of Capec
type FetchMeta ¶
// FetchMeta holds metadata about the fetch: the go-cti revision, the schema
// version, and the time of the last fetch.
//
// The embedded gorm.Model is hidden from JSON (json:"-"). The remaining
// fields have no json tag, so encoding/json would emit them under their Go
// field names.
//
// NOTE(review): LastFetchedAt is the only freshness signal on this page;
// consumers that act on the stored intelligence may want to check it so that
// stale data is not treated as current.
type FetchMeta struct {
	gorm.Model `json:"-"`

	GoCTIRevision string
	SchemaVersion uint
	LastFetchedAt time.Time
}
FetchMeta holds metadata about the fetch: the go-cti revision, the schema version, and the time of the last fetch.
type GroupUsed ¶
// GroupUsed is a child model of AttackerSoftware: the name and description
// of one group recorded against the software.
//
// ID and AttackerSoftwareID are hidden from JSON (json:"-").
type GroupUsed struct {
	ID                 int64 `json:"-"`
	AttackerSoftwareID int64 `gorm:"index:idx_group_used_attacker_software_id" json:"-"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
GroupUsed is a child model of Software (AttackerSoftware).
type ImpactType ¶ added in v0.0.2
// ImpactType is a child model of MitreAttack that stores one impact type
// string.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type ImpactType struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_impact_type_mitre_attack_id" json:"-"`

	Type string `gorm:"type:varchar(255)" json:"type"`
}
ImpactType is Child model of MitreAttack
type KillChainPhase ¶
// KillChainPhase is a child model of MitreAttack that stores one tactic
// string from a technique's "kill_chain_phases" list.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type KillChainPhase struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_kill_chain_phase_mitre_attack_id" json:"-"`

	Tactic string `gorm:"type:varchar(255)" json:"tactic"`
}
KillChainPhase is Child model of MitreAttack
type Mitigation ¶
// Mitigation is a child model of Technique: the name and description of one
// mitigation.
//
// ID and TechniqueID are hidden from JSON (json:"-"). Name is stored as
// text here, whereas most other Name fields on this page use varchar(255).
type Mitigation struct {
	ID          int64 `json:"-"`
	TechniqueID int64 `gorm:"index:idx_mitigation_technique_id" json:"-"`

	Name        string `gorm:"type:text" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
Mitigation is Child model of Technique
type MitreAttack ¶
// MitreAttack is a child model of Technique that holds the MITRE ATT&CK
// specific detail.
//
// ID and TechniqueID are hidden from JSON (json:"-"). The slice fields hold
// child rows, each with its own model type. For defenders, Detection,
// DataSources and the parent's Mitigations are the fields that describe how
// a technique can be observed and countered.
type MitreAttack struct {
	ID          int64 `json:"-"`
	TechniqueID int64 `gorm:"index:idx_mitre_attack_technique_id" json:"-"`

	CapecIDs  []CapecID `json:"capec_ids"`
	Detection string    `gorm:"type:text" json:"detection"`

	KillChainPhases      []KillChainPhase      `json:"kill_chain_phases"`
	DataSources          []DataSource          `json:"data_sources"`
	Procedures           []Procedure           `json:"procedures"`
	Platforms            []TechniquePlatform   `json:"platforms"`
	PermissionsRequired  []PermissionRequired  `json:"permissions_required"`
	EffectivePermissions []EffectivePermission `json:"effective_permissions"`
	DefenseBypassed      []DefenseBypassed     `json:"defense_bypassed"`
	ImpactType           []ImpactType          `json:"impact_type"`

	NetworkRequirements bool `json:"network_requirements"`
	RemoteSupport       bool `json:"remote_support"`

	SubTechniques []SubTechnique `json:"sub_techniques"`
}
MitreAttack is Child model of Technique
type PermissionRequired ¶
// PermissionRequired is a child model of MitreAttack that stores one
// permission string from a technique's "permissions_required" list.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type PermissionRequired struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_permission_required_mitre_attack_id" json:"-"`

	Permission string `gorm:"type:varchar(255)" json:"permission"`
}
PermissionRequired is Child model of MitreAttack
type Prerequisite ¶
// Prerequisite is a child model of Capec that stores one prerequisite as
// text, serialized as "prerequisite".
//
// ID and CapecID are hidden from JSON (json:"-").
type Prerequisite struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_prerequisite_capec_id" json:"-"`

	Prerequisite string `gorm:"type:text" json:"prerequisite"`
}
Prerequisite is Child model of Capec
type Procedure ¶
// Procedure is a child model of MitreAttack: the name and description of one
// procedure listed for a technique.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type Procedure struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_procedure_mitre_attack_id" json:"-"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
Procedure is Child model of MitreAttack
type Reference ¶
// Reference holds the citation fields (source name, description, URL) that
// TechniqueReference and AttackerReference embed.
//
// NOTE(review): URL is a free-form text column and nothing on this type
// constrains its value. A consumer that renders it as a link should validate
// the scheme and escape the value like any other externally sourced string.
type Reference struct {
	SourceName  string `gorm:"type:varchar(255)" json:"source_name"`
	Description string `gorm:"type:text" json:"description"`
	URL         string `gorm:"type:text" json:"url"`
}
Reference is a child model of Technique; it is embedded in both TechniqueReference and AttackerReference.
type RelatedWeakness ¶
// RelatedWeakness is a child model of Capec that stores one CWE ID string,
// serialized as "cwe_id".
//
// ID and CapecID are hidden from JSON (json:"-").
type RelatedWeakness struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_related_weakness_capec_id" json:"-"`

	CweID string `gorm:"type:varchar(255)" json:"cwe_id"`
}
RelatedWeakness is Child model of Capec
type Relationship ¶
// Relationship is a child model of Capec that stores one relationship as a
// pair of strings, Nature and Relation.
//
// ID and CapecID are hidden from JSON (json:"-").
type Relationship struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_relationship_capec_id" json:"-"`

	Nature   string `gorm:"type:varchar(255)" json:"nature"`
	Relation string `gorm:"type:varchar(255)" json:"relation"`
}
Relationship is Child model of Capec
type ResourceRequired ¶
// ResourceRequired is a child model of Capec that stores one required
// resource as text.
//
// NOTE(review): Resource is serialized under the JSON key "prerequisite",
// the same key that Prerequisite.Prerequisite uses, so entries under Capec's
// "resources_required" look like prerequisites to a consumer that goes by
// key name. The key is part of the wire format, so it is left as is here;
// confirm with API consumers before renaming it.
type ResourceRequired struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_resource_required_capec_id" json:"-"` // hidden from JSON; indexed

	Resource string `gorm:"type:text" json:"prerequisite"`
}
ResourceRequired is Child model of Capec
type SkillRequired ¶
// SkillRequired is a child model of Capec that stores one required skill as
// text.
//
// ID and CapecID are hidden from JSON (json:"-").
type SkillRequired struct {
	ID      int64 `json:"-"`
	CapecID int64 `gorm:"index:idx_skill_required_capec_id" json:"-"`

	Skill string `gorm:"type:text" json:"skill"`
}
SkillRequired is Child model of Capec
type SoftwarePlatform ¶
// SoftwarePlatform is a child model of AttackerSoftware that stores one
// platform string.
//
// ID and AttackerSoftwareID are hidden from JSON (json:"-").
type SoftwarePlatform struct {
	ID                 int64 `json:"-"`
	AttackerSoftwareID int64 `gorm:"index:idx_software_platform_attacker_software_id" json:"-"`

	Platform string `gorm:"type:varchar(255)" json:"platform"`
}
SoftwarePlatform is a child model of Software (AttackerSoftware).
type SoftwareUsed ¶
// SoftwareUsed is a child model of AttackerGroup: the name and description
// of one piece of software recorded against the group.
//
// ID and AttackerGroupID are hidden from JSON (json:"-").
type SoftwareUsed struct {
	ID              int64 `json:"-"`
	AttackerGroupID int64 `gorm:"index:idx_software_used_attacker_group_id" json:"-"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`
}
SoftwareUsed is a child model of Group (AttackerGroup).
type SubTechnique ¶
// SubTechnique is a child model of MitreAttack that stores the name of one
// sub-technique.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type SubTechnique struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_sub_technique_mitre_attack_id" json:"-"`

	Name string `gorm:"type:varchar(255)" json:"name"`
}
SubTechnique is Child model of MitreAttack
type Technique ¶
// Technique is a cyber threat intelligence technique record. Type is a
// TechniqueSourceType; the package defines the values "MITRE-ATTACK" and
// "CAPEC" for it.
//
// MitreAttack and Capec are pointers and may be nil; presumably Type
// indicates which one is populated, so readers should nil-check before
// dereferencing (confirm against the code that fills the record).
type Technique struct {
	ID          int64               `json:"-"` // never serialized
	TechniqueID string              `gorm:"type:varchar(255)" json:"technique_id"`
	Type        TechniqueSourceType `gorm:"type:varchar(255)" json:"type"`

	Name        string `gorm:"type:varchar(255)" json:"name"`
	Description string `gorm:"type:text" json:"description"`

	References  []TechniqueReference `json:"references"`
	Mitigations []Mitigation         `json:"mitigations"`

	MitreAttack *MitreAttack `json:"mitre_attack"`
	Capec       *Capec       `json:"capec"`

	Created  time.Time `json:"created"`
	Modified time.Time `json:"modified"`
}
Technique is a cyber threat intelligence technique record; its Type names the source (MITRE-ATTACK or CAPEC).
type TechniquePlatform ¶
// TechniquePlatform is a child model of MitreAttack that stores one platform
// string.
//
// ID and MitreAttackID are hidden from JSON (json:"-").
type TechniquePlatform struct {
	ID            int64 `json:"-"`
	MitreAttackID int64 `gorm:"index:idx_technique_platform_mitre_attack_id" json:"-"`

	Platform string `gorm:"type:varchar(255)" json:"platform"`
}
TechniquePlatform is Child model of MitreAttack
type TechniqueReference ¶
// TechniqueReference is a child model of Technique. It embeds Reference, and
// the gorm "embedded" tag asks gorm to store Reference's fields as part of
// this model.
type TechniqueReference struct {
	ID          int64 `json:"-"`
	TechniqueID int64 `gorm:"index:idx_technique_reference_technique_id" json:"-"` // hidden from JSON; indexed

	Reference `gorm:"embedded"`
}
TechniqueReference is Child model of Technique
type TechniqueUsed ¶
// TechniqueUsed is a child model of Attacker: one technique recorded against
// the attacker, with its technique ID, name, and a free-text Use field.
//
// ID and AttackerID are hidden from JSON (json:"-"). TechniqueID here is a
// string, not a database key.
type TechniqueUsed struct {
	ID         int64 `json:"-"`
	AttackerID int64 `gorm:"index:idx_technique_used_attacker_id" json:"-"`

	TechniqueID string `gorm:"type:varchar(255)" json:"technique_id"`
	Name        string `gorm:"type:varchar(255)" json:"name"`
	Use         string `gorm:"type:text" json:"use"`
}
TechniqueUsed is Child model of Attacker