@mitre-attack/attack-data-model
Version:
A TypeScript API for the MITRE ATT&CK data model
196 lines (193 loc) • 8.92 kB
text/typescript
import { z } from 'zod/v4';
declare const extensibleToolSchema: z.ZodObject<{
spec_version: z.ZodEnum<{
"2.0": "2.0";
2.1: "2.1";
}>;
created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">;
modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">;
labels: z.ZodOptional<z.ZodArray<z.ZodString>>;
revoked: z.ZodOptional<z.ZodBoolean>;
confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
lang: z.ZodOptional<z.ZodString>;
granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{
marking_ref: z.ZodString;
selectors: z.ZodArray<z.ZodString>;
}, z.core.$strip>>>;
extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{
extension_type: z.ZodEnum<{
"new-sdo": "new-sdo";
"new-sco": "new-sco";
"new-sro": "new-sro";
"property-extension": "property-extension";
"toplevel-property-extension": "toplevel-property-extension";
}>;
}, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>;
name: z.ZodString;
x_mitre_attack_spec_version: z.ZodString;
x_mitre_version: z.ZodString;
x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>;
created_by_ref: z.ZodString;
description: z.ZodString;
object_marking_refs: z.ZodArray<z.ZodString>;
x_mitre_platforms: z.ZodOptional<z.ZodArray<z.ZodEnum<{
"Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED";
"Network Devices": "Network Devices";
"Data Historian": "Data Historian";
"Google Workspace": "Google Workspace";
"Office Suite": "Office Suite";
ESXi: "ESXi";
"Identity Provider": "Identity Provider";
Containers: "Containers";
"Azure AD": "Azure AD";
"Engineering Workstation": "Engineering Workstation";
"Control Server": "Control Server";
"Human-Machine Interface": "Human-Machine Interface";
Windows: "Windows";
Linux: "Linux";
IaaS: "IaaS";
None: "None";
iOS: "iOS";
PRE: "PRE";
SaaS: "SaaS";
"Input/Output Server": "Input/Output Server";
macOS: "macOS";
Android: "Android";
"Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay";
Embedded: "Embedded";
}>>>;
x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>;
x_mitre_aliases: z.ZodOptional<z.ZodArray<z.ZodString>>;
x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>;
x_mitre_domains: z.ZodArray<z.ZodEnum<{
"enterprise-attack": "enterprise-attack";
"mobile-attack": "mobile-attack";
"ics-attack": "ics-attack";
}>>;
aliases: z.ZodOptional<z.ZodArray<z.ZodString>>;
id: z.ZodString;
type: z.ZodLiteral<"attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-log-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "file" | "artifact">;
external_references: z.ZodArray<z.ZodObject<{
source_name: z.ZodString;
description: z.ZodOptional<z.ZodString>;
url: z.ZodOptional<z.ZodURL>;
external_id: z.ZodOptional<z.ZodString>;
}, z.core.$strip>>;
tool_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{
unknown: "unknown";
"denial-of-service": "denial-of-service";
exploitation: "exploitation";
"information-gathering": "information-gathering";
"network-capture": "network-capture";
"credential-exploitation": "credential-exploitation";
"remote-access": "remote-access";
"vulnerability-scanning": "vulnerability-scanning";
}>>>;
kill_chain_phases: z.ZodOptional<z.ZodArray<z.ZodObject<{
phase_name: z.ZodString;
kill_chain_name: z.ZodEnum<{
"mitre-attack": "mitre-attack";
"mitre-mobile-attack": "mitre-mobile-attack";
"mitre-ics-attack": "mitre-ics-attack";
}>;
}, z.core.$strict>>>;
tool_version: z.ZodOptional<z.ZodString>;
x_mitre_old_attack_id: z.ZodOptional<z.ZodString>;
}, z.core.$strict>;
declare const toolSchema: z.ZodObject<{
spec_version: z.ZodEnum<{
"2.0": "2.0";
2.1: "2.1";
}>;
created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">;
modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">;
labels: z.ZodOptional<z.ZodArray<z.ZodString>>;
revoked: z.ZodOptional<z.ZodBoolean>;
confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
lang: z.ZodOptional<z.ZodString>;
granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{
marking_ref: z.ZodString;
selectors: z.ZodArray<z.ZodString>;
}, z.core.$strip>>>;
extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{
extension_type: z.ZodEnum<{
"new-sdo": "new-sdo";
"new-sco": "new-sco";
"new-sro": "new-sro";
"property-extension": "property-extension";
"toplevel-property-extension": "toplevel-property-extension";
}>;
}, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>;
name: z.ZodString;
x_mitre_attack_spec_version: z.ZodString;
x_mitre_version: z.ZodString;
x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>;
created_by_ref: z.ZodString;
description: z.ZodString;
object_marking_refs: z.ZodArray<z.ZodString>;
x_mitre_platforms: z.ZodOptional<z.ZodArray<z.ZodEnum<{
"Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED";
"Network Devices": "Network Devices";
"Data Historian": "Data Historian";
"Google Workspace": "Google Workspace";
"Office Suite": "Office Suite";
ESXi: "ESXi";
"Identity Provider": "Identity Provider";
Containers: "Containers";
"Azure AD": "Azure AD";
"Engineering Workstation": "Engineering Workstation";
"Control Server": "Control Server";
"Human-Machine Interface": "Human-Machine Interface";
Windows: "Windows";
Linux: "Linux";
IaaS: "IaaS";
None: "None";
iOS: "iOS";
PRE: "PRE";
SaaS: "SaaS";
"Input/Output Server": "Input/Output Server";
macOS: "macOS";
Android: "Android";
"Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay";
Embedded: "Embedded";
}>>>;
x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>;
x_mitre_aliases: z.ZodOptional<z.ZodArray<z.ZodString>>;
x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>;
x_mitre_domains: z.ZodArray<z.ZodEnum<{
"enterprise-attack": "enterprise-attack";
"mobile-attack": "mobile-attack";
"ics-attack": "ics-attack";
}>>;
aliases: z.ZodOptional<z.ZodArray<z.ZodString>>;
id: z.ZodString;
type: z.ZodLiteral<"attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-log-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "file" | "artifact">;
external_references: z.ZodArray<z.ZodObject<{
source_name: z.ZodString;
description: z.ZodOptional<z.ZodString>;
url: z.ZodOptional<z.ZodURL>;
external_id: z.ZodOptional<z.ZodString>;
}, z.core.$strip>>;
tool_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{
unknown: "unknown";
"denial-of-service": "denial-of-service";
exploitation: "exploitation";
"information-gathering": "information-gathering";
"network-capture": "network-capture";
"credential-exploitation": "credential-exploitation";
"remote-access": "remote-access";
"vulnerability-scanning": "vulnerability-scanning";
}>>>;
kill_chain_phases: z.ZodOptional<z.ZodArray<z.ZodObject<{
phase_name: z.ZodString;
kill_chain_name: z.ZodEnum<{
"mitre-attack": "mitre-attack";
"mitre-mobile-attack": "mitre-mobile-attack";
"mitre-ics-attack": "mitre-ics-attack";
}>;
}, z.core.$strict>>>;
tool_version: z.ZodOptional<z.ZodString>;
x_mitre_old_attack_id: z.ZodOptional<z.ZodString>;
}, z.core.$strict>;
type Tool = z.infer<typeof extensibleToolSchema>;
export { type Tool, extensibleToolSchema, toolSchema };