The t3sf from base4security

T3SF

Technical Tabletop Exercises Simulation Framework

About

T3SF is a framework that offers a modular structure for the orchestration of events based on a master scenario events list (MSEL) together with a set of rules defined for each exercise (optional) and a configuration that allows defining the parameters of the corresponding platform. The main module performs the communication with the specific module (Discord, Slack, Telegram, etc.) that allows the events to present the events in the input channels as injects for each platform. In addition, the framework supports different use cases: "single organization, multiple areas", "multiple organization, single area" and "multiple organization, multiple areas".

Getting Things Ready

To use the framework with your desired platform, whether it's Slack or Discord, you will need to install the required modules for that platform. But don't worry, installing these modules is easy and straightforward.

To do this, you can follow this simple step-by-step guide, or if you're already comfortable installing packages with pip, you can skip to the last step!

# Python 3.6+ required
python -m venv .venv       # We will create a python virtual environment
source .venv/bin/activate  # Let's get inside it

pip install -U pip         # Upgrade pip

Once you have created a Python virtual environment and activated it, you can install the T3SF framework for your desired platform by running the following command:

pip install "T3SF[Discord]"  # Install the framework to work with Discord

pip install "T3SF[Slack]"  # Install the framework to work with Slack

This will install the T3SF framework along with the required dependencies for your chosen platform. Once the installation is complete, you can start using the framework with your platform of choice.

We strongly recommend following the platform-specific guidance within our Read The Docs! Here are the links:

Usage

We created this framework to simplify all your work!

Using Docker

Supported Tags

slack → This image has all the requirements to perform an exercise in Slack.
discord → This image has all the requirements to perform an exercise in Discord.

Using it with Slack

$ docker run --rm -t --env-file .env -v $(pwd)/MSEL.json:/app/MSEL.json base4sec/t3sf:slack

Inside your .env file you have to provide the SLACK_BOT_TOKEN and SLACK_APP_TOKEN tokens. Read more about it here.

There is another environment variable to set, MSEL_PATH. This variable tells the framework in which path the MSEL is located. By default, the container path is /app/MSEL.json. If you change the mount location of the volume then also change the variable.

Using it with Discord

$ docker run --rm -t --env-file .env -v $(pwd)/MSEL.json:/app/MSEL.json base4sec/t3sf:discord

Inside your .env file you have to provide the DISCORD_TOKEN token. Read more about it here.

Once you have everything ready, use our template for the main.py, or modify the following code:

Here is an example if you want to run the framework with the Discord bot and a GUI.

from T3SF import T3SF
import asyncio

async def main():
    await T3SF.start(MSEL="MSEL_TTX.json", platform="Discord", gui=True)

if __name__ == '__main__':
    asyncio.run(main())

Or if you prefer to run the framework without GUI and with Slack instead, you can modify the arguments, and that's it!

Yes, that simple!

await T3SF.start(MSEL="MSEL_TTX.json", platform="Slack", gui=False)

If you need more help, you can always check our documentation here!

[BUG] - String indices must be integers

Describe the bug
Followed the tutorial to a T. This link

To Reproduce
Steps to reproduce the behavior:

created file name "demo.py"
Copy paste the content as referred in the doc (and wrote at the end of this report)
open http://127.0.0.1:5000/
Click on "Create Environment"
Die with a 500 server error
The terminal show "TypeError: string indices must be integers"

Expected behavior
To not have a 500 server error when clicking on Create Environment

Screenshots
Image

Environment (please complete the following information):

OS: Linux
Platform slack
Version 2.5.1 OCt 30, 2023 (installed via pip)

Additional context
demo.py

from T3SF import T3SF
import asyncio

async def main():
        await T3SF.start(MSEL="MSEL.json", platform="Slack", gui=True)

if __name__ == '__main__':
        asyncio.run(main())

MSEL.json

{
    "#": 1,
    "Real Time": "07:30 PM",
    "Date": "Monday  9:40 AM",
    "Subject": "[URGENT] Ransom Request!",
    "From": "SOC - BASE4",
    "Player": "Legal",
    "Script": "Team, we received a ransom request. What should we do?",
    "Picture Name": "Base_4_SOC.jpg",
    "Photo": "https://img2.helpnetsecurity.com/posts2018/aws-s3-buckets-public.jpg",
    "Profile": "https://foreseeti.com/wp-content/uploads/2021/09/Ska%CC%88rmavbild-2021-09-02-kl.-15.44.24.png",
    "Poll": "We are checking on it | It is a false positive"
 }

.env

SLACK_APP_TOKEN=xapp-1-----REDACTED------
SLACK_BOT_TOKEN=xoxb------REDACTED------

logs.txt

data: {"id": "8af11dc1-db6e-4753-ba5c-8d139b70b388", "type": "DEBUG", "content": "Starting GUI", "timestamp": "12:36:32"}

data: {"id": "b3133a11-a6b6-4254-ac11-7ae2c14a68c2", "type": "DEBUG", "content": "Starting BOT", "timestamp": "12:36:32"}

data: {"id": "6ff171b5-210d-4c9e-96e0-f27f2dbda736", "type": "DEBUG", "content": "Slack Bot is ready!", "timestamp": "12:36:32"}

data: {"id": "1dc2a037-5818-42f9-8e25-b939a30520e0", "type": "DEBUG", "content": "Reading MSEL", "timestamp": "12:36:49"}

base4security / t3sf Goto Github PK

t3sf's Introduction

T3SF

Table of Contents

About

Getting Things Ready

Usage

Supported Tags

Using it with Slack

Using it with Discord

t3sf's People

Contributors

Stargazers

Watchers

Forkers

t3sf's Issues

[Enhancement] - Better docs

[BUG] - String indices must be integers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent