1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
use std::collections::BTreeSet;
use serde::Deserialize;
use stix::{CommonProperties, Object};
use crate::get_mitre_id;
#[stix::custom_properties(namespace = "mitre")]
#[derive(Default, Deserialize)]
pub struct MitreAttackPattern {
#[serde(default)]
pub is_subtechnique: Option<bool>,
#[serde(default)]
pub data_sources: BTreeSet<String>,
#[serde(default)]
pub detection: Option<String>,
#[serde(default)]
pub effective_permissions: BTreeSet<String>,
#[serde(default)]
pub permissions_required: BTreeSet<String>,
#[serde(default)]
pub platforms: BTreeSet<String>,
#[serde(default)]
pub system_requirements: BTreeSet<String>,
}
#[derive(Deserialize, stix::TypedObject)]
pub struct AttackPattern {
#[serde(flatten)]
pub base: stix::AttackPattern,
#[serde(flatten)]
pub mitre: MitreAttackPattern,
}
impl AttackPattern {
pub fn name(&self) -> &str {
&self.base.name
}
pub fn mitre_id(&self) -> Option<&str> {
self.external_references().iter().find_map(get_mitre_id)
}
}
impl AsRef<CommonProperties> for AttackPattern {
fn as_ref(&self) -> &CommonProperties {
self.base.as_ref()
}
}
impl AsRef<stix::AttackPattern> for AttackPattern {
fn as_ref(&self) -> &stix::AttackPattern {
&self.base
}
}