Spaces:

Agents-MCP-Hackathon
/

TDAgentTools

Running

App Files Files Community

Miguel commited on Jun 5

Commit

8e93ae4

1 Parent(s): f1d068a

feat: add stix object retrieval for an attack id

Browse files

Files changed (4) hide show

pyproject.toml +2 -0
requirements.txt +45 -17
tdagent/tools/retrieve_from_mitre_attack_information +19 -0
uv.lock +0 -0

pyproject.toml CHANGED Viewed

@@ -13,6 +13,8 @@ requires-python = ">=3.10,<4"
 readme = "README.md"
 license = ""
 dependencies = [
     "cachetools>=6.0.0",
     "gradio[mcp]>=5.32.1",
     "python-whois>=0.9.5",

 readme = "README.md"
 license = ""
 dependencies = [
+    "attackcti>=0.5.4",
+    "black>=25.1.0",
     "cachetools>=6.0.0",
     "gradio[mcp]>=5.32.1",
     "python-whois>=0.9.5",

requirements.txt CHANGED Viewed

@@ -1,21 +1,26 @@
-# This file was autogenerated by uv via the following command:
-#    uv export --format requirements-txt --no-hashes --no-dev -o requirements.txt
 aiofiles==24.1.0
 aiohappyeyeballs==2.6.1
 aiohttp==3.12.8
 aiosignal==1.3.2
 annotated-types==0.7.0
 anyio==4.9.0
-async-timeout==5.0.1 ; python_full_version < '3.11'
 attrs==25.3.0
-audioop-lts==0.2.1 ; python_full_version >= '3.13'
 cachetools==6.0.0
 certifi==2025.4.26
 charset-normalizer==3.4.2
-click==8.2.1 ; sys_platform != 'emscripten'
-colorama==0.4.6 ; sys_platform == 'win32'
 coverage==7.8.2
-exceptiongroup==1.3.0 ; python_full_version < '3.11'
 fastapi==0.115.12
 ffmpy==0.6.0
 filelock==3.18.0
@@ -25,31 +30,47 @@ gradio==5.32.1
 gradio-client==1.10.2
 groovy==0.1.2
 h11==0.16.0
-hf-xet==1.1.2 ; platform_machine == 'aarch64' or platform_machine == 'amd64' or platform_machine == 'arm64' or platform_machine == 'x86_64'
 httpcore==1.0.9
 httpx==0.28.1
 httpx-sse==0.4.0
 huggingface-hub==0.32.4
 idna==3.10
 iniconfig==2.1.0
 jinja2==3.1.6
-markdown-it-py==3.0.0 ; sys_platform != 'emscripten'
 markupsafe==3.0.2
 mcp==1.9.0
-mdurl==0.1.2 ; sys_platform != 'emscripten'
 multidict==6.4.4
 numpy==2.2.6
 orjson==3.10.18
 packaging==25.0
 pandas==2.2.3
 pillow==11.2.1
 pluggy==1.6.0
 propcache==0.3.1
 pydantic==2.11.5
 pydantic-core==2.33.2
 pydantic-settings==2.9.1
 pydub==0.25.1
-pygments==2.19.1 ; sys_platform != 'emscripten'
 pytest==7.4.4
 pytest-cov==4.1.0
 pytest-randomly==3.16.0
@@ -60,24 +81,31 @@ python-whois==0.9.5
 pytz==2025.2
 pyyaml==6.0.2
 requests==2.32.3
-rich==14.0.0 ; sys_platform != 'emscripten'
-ruff==0.11.12 ; sys_platform != 'emscripten'
 safehttpx==0.1.6
 semantic-version==2.10.0
-shellingham==1.5.4 ; sys_platform != 'emscripten'
 six==1.17.0
 sniffio==1.3.1
 sse-starlette==2.3.6
 starlette==0.46.2
-tomli==2.2.1 ; python_full_version <= '3.11'
 tomlkit==0.13.2
 tqdm==4.67.1
-typer==0.16.0 ; sys_platform != 'emscripten'
 typing-extensions==4.14.0
 typing-inspection==0.4.1
 tzdata==2025.2
 urllib3==2.4.0
-uvicorn==0.34.3 ; sys_platform != 'emscripten'
 vt-py==0.21.0
 websockets==15.0.1
 xdoctest==1.2.0

 aiofiles==24.1.0
 aiohappyeyeballs==2.6.1
 aiohttp==3.12.8
 aiosignal==1.3.2
 annotated-types==0.7.0
+antlr4-python3-runtime==4.9.3
 anyio==4.9.0
+async-timeout==5.0.1
+attackcti==0.5.4
 attrs==25.3.0
+black==25.1.0
+boolean-py==5.0
+cachecontrol==0.14.3
 cachetools==6.0.0
 certifi==2025.4.26
+cfgv==3.4.0
 charset-normalizer==3.4.2
+click==8.2.1
 coverage==7.8.2
+cyclonedx-python-lib==9.1.0
+defusedxml==0.7.1
+distlib==0.3.9
+exceptiongroup==1.3.0
 fastapi==0.115.12
 ffmpy==0.6.0
 filelock==3.18.0
 gradio-client==1.10.2
 groovy==0.1.2
 h11==0.16.0
+hf-xet==1.1.2
 httpcore==1.0.9
 httpx==0.28.1
 httpx-sse==0.4.0
 huggingface-hub==0.32.4
+identify==2.6.12
 idna==3.10
 iniconfig==2.1.0
 jinja2==3.1.6
+license-expression==30.4.1
+markdown-it-py==3.0.0
 markupsafe==3.0.2
 mcp==1.9.0
+mdurl==0.1.2
+msgpack==1.1.0
 multidict==6.4.4
+mypy==1.16.0
+mypy-extensions==1.1.0
+nodeenv==1.9.1
 numpy==2.2.6
 orjson==3.10.18
+packageurl-python==0.16.0
 packaging==25.0
 pandas==2.2.3
+pathspec==0.12.1
 pillow==11.2.1
+pip==25.1.1
+pip-api==0.0.34
+pip-audit==2.9.0
+pip-requirements-parser==32.0.1
+platformdirs==4.3.8
 pluggy==1.6.0
+pre-commit==3.8.0
 propcache==0.3.1
+py-serializable==2.0.0
 pydantic==2.11.5
 pydantic-core==2.33.2
 pydantic-settings==2.9.1
 pydub==0.25.1
+pygments==2.19.1
+pyparsing==3.2.3
 pytest==7.4.4
 pytest-cov==4.1.0
 pytest-randomly==3.16.0
 pytz==2025.2
 pyyaml==6.0.2
 requests==2.32.3
+rich==14.0.0
+ruff==0.11.12
 safehttpx==0.1.6
 semantic-version==2.10.0
+shellingham==1.5.4
+simplejson==3.20.1
 six==1.17.0
 sniffio==1.3.1
+sortedcontainers==2.4.0
 sse-starlette==2.3.6
 starlette==0.46.2
+stix2==3.0.1
+stix2-patterns==2.0.0
+taxii2-client==2.3.0
+toml==0.10.2
+tomli==2.2.1
 tomlkit==0.13.2
 tqdm==4.67.1
+typer==0.16.0
 typing-extensions==4.14.0
 typing-inspection==0.4.1
 tzdata==2025.2
 urllib3==2.4.0
+uvicorn==0.34.3
+virtualenv==20.31.2
 vt-py==0.21.0
 websockets==15.0.1
 xdoctest==1.2.0

tdagent/tools/retrieve_from_mitre_attack_information ADDED Viewed

	@@ -0,0 +1,19 @@

+from typing import Any
+from attackcti import attack_client
+def get_stix_object_of_attack_id(attack_id: str, object_type: str = "attack-pattern") -> dict[str, Any]:
+    """Retrieves a specific STIX object identified by an ATT&CK ID across all ATT&CK matrices.
+    Args:
+        attack_id (str): The ATT&CK ID (e.g., 'T1234') of the STIX object to retrieve.
+        object_type (str): The type of STIX object to retrieve, such as 'attack-pattern', 'course-of-action', 'intrusion-set',
+                        'malware', 'tool', or 'x-mitre-data-component'. Default is 'attack-pattern'
+    Returns:
+        List: A list containing the matched STIX object, either in its raw STIX format or as a custom dictionary
+                following the structure defined by the relevant Pydantic model, depending on the 'stix_format' flag.
+    """
+    lift = attack_client()
+    return lift.get_object_by_attack_id(object_type=object_type, attack_id=attack_id)[0]

uv.lock CHANGED Viewed

The diff for this file is too large to render. See raw diff