Skip to content

Commit

Permalink
Common: Allow '.' characters in Event tags
Browse files Browse the repository at this point in the history 
The MITRE ATT&CK framework identifies subtechniques by using a '.' to
separate the technique ID from the subtechnique ID. For example, the
technique "Defacement" has the ID T1491, whereas the subtechnique
"Internal Defacement" has the ID T1491.001.

Allowing '.' characters in tags allows us to specify MITRE ATT&CK
subtechniques without performing any translation.

PR #3676
  • Loading branch information
@mssalvatore
mssalvatore committed Sep 12, 2023
1 parent 6a6abbe commit ab44c57
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).

### Changed
- Plugin source is now gzipped. #3392
- Allowed characters in Agent event tags. #3399
- Allowed characters in Agent event tags. #3399, #3676
- Hard-coded Log4Shell exploiter to a plugin. #3388
- Hard-coded SSH exploiter to a plugin. #3170
- Identities and secrets can be associated when configuring credentials in the
Expand Down
2 changes: 1 addition & 1 deletion monkey/common/agent_events/abstract_agent_event.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
from common.base_models import InfectionMonkeyBaseModel, InfectionMonkeyModelConfig
from common.types import AgentID, MachineID

EVENT_TAG_REGEX = r"^[a-zA-Z0-9_-]+$"
EVENT_TAG_REGEX = r"^[a-zA-Z0-9._-]+$"


class AgentEventTag(ConstrainedStr):
Expand Down

0 comments on commit ab44c57

Please sign in to comment.