The goal of this exercise is to have the candidate call out issues with a simulated pull request creating a new ETL application.
A good code review reference: https://www.morling.dev/blog/the-code-review-pyramid/
| $methods = @('Get-AttckTool', 'Get-AttckTechnique', 'Get-AttckTactic', 'Get-AttckMitigation', 'Get-AttckMalware', 'Get-AttckActor') | |
| foreach ($method in $methods){ | |
| $properties = @('Name', 'Id') | |
| foreach ($prop in $properties){ | |
| ${"($method)NameScriptBlock"} = { | |
| param($commandName, $parameterName, $wordToComplete, $commandAst, $fakeBoundParameters) | |
| (& $method)."$prop".ForEach({ |
| import os | |
| import requests | |
| from bs4 import BeautifulSoup | |
| import time | |
| import re | |
| import io | |
| from zipfile import ZipFile | |
| EXTENSION_LIST = [ |
Uploaded it to streamable here https://streamable.com/c9c5ws
The MITRE ATT&CK JSON file is a flat JSON structure which is difficult to parse. To parse this JSON file, there are several different approaches but the type key is the, well, key!
The types within this JSON are the following (as well as the common wording used for this type):
The following content is generated using a preview release of Swimlane's pyattck.
This snippet of data is scoped to the following actor groups:
| <# | |
| .Synopsis | |
| Confirm if a date time format pattern is valid or not | |
| .DESCRIPTION | |
| Confirm if a date time format pattern is valid or not | |
| based on the current culture on the machine that this function | |
| is being ran on | |
| .EXAMPLE 1 |
| function Get-TargetedWinEvent { | |
| <# | |
| .SYNOPSIS | |
| Searches Windows logs for events related to specific Event IDs or EventData.Data values | |
| .DESCRIPTION | |
| Searches Windows logs for events related to specific Event IDs or EventData.Data values | |
| Supports searching offline/exported evt/evtx files as well as online machines | |
| .PARAMETER SearchTerm | |
| EventData.Data property value to search for |
| <# | |
| .Synopsis | |
| This function will convert a Saba CSV for University Campus | |
| .DESCRIPTION | |
| This function will import a CSV, modify the values, and export it to a new CSV. | |
| We rename the following headers: | |
| Person EMPID to EMPID | |
| Completed Courses (Transcript) Ended/Completed On Date to Completed On Date | |
| Course Course ID to Course ID | |
| .EXAMPLE |
| <# | |
| .Synopsis | |
| This function will convert a Saba CSV for University Campus | |
| .DESCRIPTION | |
| This function will import a CSV, modify the values, and export it to a new CSV. | |
| We rename the following headers: | |
| Person EMPID to EMPID | |
| Completed Courses (Transcript) Ended/Completed On Date to Completed On Date | |
| Course Course ID to Course ID | |
| .EXAMPLE |