Skip to content

raphaelahrens/threatmd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
src
src
 
 
test_examples
test_examples
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

threatmd is a tool to transform Markdown threats in the threatmd format to a threats.json file for pytm.

Running threatmd

threats_pytm <directory of markdown threats>

Prints the threats in pytms JSON format to stdout.

threatmd format

The Markdown files for each threat needs to have a metadata field containing following attributes

---
sid: <SID>                    # A string containing the id identifying the threat 
severity: Medium              # The severity for this threat, either "Low", "Medium", "High" or "Very high"
target: [<Target Classes>]    # The targeted elements ("Process", "Datastore", "Dataflow", "ExternalEntity")
likelihood: Low               # The likelihood of this threat happening "Low", "Medium", "High" or "Very high"
---

# <Name of the Threat>

<Description of the threat>

## Example

<Examples how the threat can be introduced and exploited>

## Mitigations

<Description of how the threat can be mitigated>

## Condition

`.``python
    <pytm condition in python code>
`.``

## Prerequisites

<Description of the prerequisites>

## References

- <A list of >
- <References>

Example

Example threat

About

A programm to convert threats in markdown format to threats in pytms threat.json

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages