mitre/New-NavigatorJson.ps1

<#
.SYNOPSIS
    Tunrs a list of ID or Objects passed via the pipeline in to a MITRE Attack Navigator JSON file.
.DESCRIPTION
    Tunrs a list of ID or Objects passed via the pipeline in to a MITRE Attack Navigator JSON file.
    Main purpose is when working with a CSV file where one enters Technique/Tactic ID's,
    Comments and a Score to then pipe in to the cmmdlet to turn in to a JSON that can be used by the
    MITRE Attck Navigator for displaying the information in a layer.
.NOTES
    Information or caveats about the function e.g. 'This function is not supported in Linux'
.EXAMPLE
    Import-Csv .\Desktop\Lockbit3.csv | New-NavigatorJson -Path .\Desktop\lockbit.json
    Turns a CSV with the fields Id for the techniqueID and comment in to a MITRE Attck Navigator Json file.
.EXAMPLE
    New-NavigatorJson -Name "Pentest Daily Technique D3" -path .\dayly3.json -Id @('T1134','T1612','T1548.001') -Color Purple -Comment "actions of day 3"
    Maually generate a a layer using a list of Technique IDs.
#>

function New-NavigatorJson {
    [CmdletBinding()]
    param (
        # MITRE Attack Navigator Version
        [Parameter(mandatory=$false)]
        [string]
        $Version = "4.4",

        # Name of the layer.
        [Parameter(Mandatory=$false)]
        [string]
        $Name = "Technique Heatmap",

        # Description for the layer.
        [Parameter(Mandatory=$false)]
        [string]
        $Description = "",

        # Domain, default is mitre-enterprise
        [Parameter(mandatory=$false)]
        [ValidateSet("mitre-enterprise","mitre-mobile")]
        [string]
        $Domain = "mitre-enterprise",

        # Filter Platform to show.
        [Parameter(Mandatory=$false)]
        [ValidateSet("Linux",
                     "macOS",
                     "Windows",
                     "Network",
                     "PRE",
                     "Containers",
                     "Office 365",
                     "SaaS",
                     "Google Workspace",
                     "IaaS",
                     "Azure AD")]
        [string[]]
        $Platform = @("Linux",
                    "macOS",
                    "Windows",
                    "Network",
                    "PRE",
                    "Containers",
                    "Office 365",
                    "SaaS",
                    "Google Workspace",
                    "IaaS",
                    "Azure AD"),

        # MITRE Technique Id.
        [Parameter(Mandatory=$true,
            ValueFromPipelineByPropertyName=$true)]
        [string[]]
        $Id,

        # Score for the Technique.
        [Parameter(Mandatory=$false,
        ValueFromPipelineByPropertyName=$true)]
        [int]
        $Score,

        # Comment for the technique.
        [Parameter(Mandatory=$false,
        ValueFromPipelineByPropertyName=$true)]
        [String]
        $Comment,

        # Color for the Technique and Tactic.
        [Parameter(Mandatory=$false)]
        [ValidateSet("Red","Blue","Orange","Green","Yellow","Brown","Purple")]
        [string]
        $Color,

        # Specifies a path to one or more locations.
        [Parameter(Mandatory=$true,
                   Position=0,
                   HelpMessage="Path to one or more locations.")]
        [Alias("PSPath")]
        [ValidateNotNullOrEmpty()]
        [string[]]
        $Path
    )
    
    begin {

        $BaseStructure = [ordered]@{
            'version'= $Version
            'name' = $Name
            'description' =  $Description
            'domain' = $Domain
            'filters' = @{'platforms'=$Platform}
        }

        $Colors = @{
            "Red" = "E53731"
            "Blue" = "#0E61C2"
            "Orange" = "#FA8F01"
            "Green" = "#3FB24D"
            "Yellow" = "#FDEC00"
            "Brown" = "#9A4C01"
            "Purple" = "#9312AC"
        }

        $techniques = @()
        
    }
    
    process {

        $Id | foreach-object {
            Write-Verbose -Message "Adding techinique $_"
            $Technique = @{'techniqueID'=$_}

            if ($PSBoundParameters.ContainsKey('score')) {
                $Technique.Add('score',$Score)
            }

            if ($PSBoundParameters.ContainsKey('comment')) {
                $Technique.Add('comment',$Comment)
            }

            if ($PSBoundParameters.ContainsKey('color')) {
                $Technique.Add('color',$Colors[$Color])
            }
            $techniques += $technique
        }
    }
    
    end {
        $BaseStructure.Add('techniques',$techniques)
        convertto-Json -InputObject $BaseStructure | Set-Content -Path $Path
    }
}