Documentation
¶
Overview ¶
Package attackpattern implements the STIX 2.1 Attack Pattern object.
The following information comes directly from the STIX 2.1 specification.
Attack Patterns are a type of TTP that describe ways that adversaries attempt to compromise targets. Attack Patterns are used to help categorize attacks, generalize specific attacks to the patterns that they follow, and provide detailed information about how attacks are performed. An example of an attack pattern is "spear phishing": a common type of attack where an attacker sends a carefully crafted e-mail message to a party with the intent of getting them to click a link or open an attachment to deliver malware. Attack Patterns can also be more specific; spear phishing as practiced by a particular threat actor (e.g., they might generally say that the target won a contest) can also be an Attack Pattern.
The Attack Pattern SDO contains textual descriptions of the pattern along with references to externally-defined taxonomies of attacks such as CAPEC [CAPEC].
Index ¶
- func Compare(obj1, obj2 *AttackPattern) (bool, int, []string)
- type AttackPattern
- func (o *AttackPattern) Compare(obj2 *AttackPattern) (bool, int, []string)
- func (o *AttackPattern) Encode() ([]byte, error)
- func (o *AttackPattern) EncodeToString() (string, error)
- func (o *AttackPattern) GetPropertyList() []string
- func (o *AttackPattern) UnmarshalJSON(b []byte) error
- func (o *AttackPattern) Valid() (bool, int, []string)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Compare ¶ added in v0.6.1
func Compare(obj1, obj2 *AttackPattern) (bool, int, []string)
Compare - This function will compare two objects to make sure they are the same and will return a boolean, an integer that tracks the number of problems found, and a slice of strings that contain the detailed results, whether good or bad.
Types ¶
type AttackPattern ¶
type AttackPattern struct {
objects.CommonObjectProperties
properties.NameProperty
properties.DescriptionProperty
properties.AliasesProperty
properties.KillChainPhasesProperty
}
AttackPattern - This type implements the STIX 2 Attack Pattern SDO and defines all of the properties and methods needed to create and work with this object. All of the methods not defined local to this type are inherited from the individual properties.
func Decode ¶ added in v0.6.1
func Decode(data []byte) (*AttackPattern, error)
Decode - This function is a simple wrapper for decoding JSON data. It will decode a slice of bytes into an actual struct and return a pointer to that object along with any errors.
func New ¶
func New() *AttackPattern
New - This function will create a new STIX Attack Pattern object and return it as a pointer. It will also initialize the object by setting all of the basic properties.
func (*AttackPattern) Compare ¶ added in v0.6.1
func (o *AttackPattern) Compare(obj2 *AttackPattern) (bool, int, []string)
Compare - This method will compare two objects to make sure they are the same. The receiver is object 1 and the object passed in is object 2. This method will return a boolean, an integer that tracks the number of problems found, and a slice of strings that contain the detailed results, whether good or bad.
func (*AttackPattern) Encode ¶ added in v0.6.1
func (o *AttackPattern) Encode() ([]byte, error)
Encode - This method is a simple wrapper for encoding an object into JSON
func (*AttackPattern) EncodeToString ¶ added in v0.6.1
func (o *AttackPattern) EncodeToString() (string, error)
EncodeToString - This method is a simple wrapper for encoding an object into JSON
func (*AttackPattern) GetPropertyList ¶ added in v0.6.1
func (o *AttackPattern) GetPropertyList() []string
GetPropertyList - This method will return a list of all of the properties that are unique to this object. This is used by the custom UnmarshalJSON for this object. It is defined here in this file to make it easy to keep in sync.
func (*AttackPattern) UnmarshalJSON ¶ added in v0.6.1
func (o *AttackPattern) UnmarshalJSON(b []byte) error
UnmarshalJSON - This method will over write the default UnmarshalJSON method to enable custom properties that this library does not know about. It will store them as map where the value of each key is a byte arrays. This way a tool that does know how to deal with them can then further process them after this is done. This will also allow the storage of the raw JSON data.
func (*AttackPattern) Valid ¶ added in v0.6.1
func (o *AttackPattern) Valid() (bool, int, []string)
Valid - This method will verify and test all of the properties on an object to make sure they are valid per the specification. It will return a boolean, an integer that tracks the number of problems found, and a slice of strings that contain the detailed results, whether good or bad.
Source Files