mal-lang/coreLang

Issues

• Create Acknowledgements List

  #101 opened 8 months ago by andrewbwm
  4

• Create a Requirements/Prerequisites Association for Vulnerabilities

  #100 opened 2 years ago by andrewbwm
  1

• List of Suggestions for Future Languages/Versions

  #92 opened 2 years ago by andrewbwm
  1

• Evaluate how an Application can suffer denial of service via Networking assets

  #66 opened 2 years ago by andrewbwm
  0

• Code Refactoring

  #91 opened 2 years ago by andrewbwm
  0

• Evaluate the Need for Additional Conditional Bypass Attack Steps

  #81 opened 2 years ago by andrewbwm
  1

• Introduce Permission Requirements for `attemptApplicationRespondConnectThroughData` on `specificAccess`

  #93 opened 2 years ago by andrewbwm
  0

• Evaluate If SoftwareProduct has Extraneous Attack Steps

  #94 opened 2 years ago by andrewbwm
  0

• Language and Code Review

  #77 opened 2 years ago by andrewbwm
  3

• List of Improvements and Fixes

  #43 opened 3 years ago by andrewbwm
  0

• Document which attack steps should be used as entry points

  #53 opened 3 years ago by andrewbwm
  1

• Find an Appropriate Tool to Conduct the Code Review In

  #90 opened 2 years ago by andrewbwm
  0

• Resolve Directory Access Control branch

  #72 opened 3 years ago by andrewbwm
  3

• Introduce Configuration of Applications

  #80 opened 2 years ago by andrewbwm
  1

• Refactor existing code into multiple files

  #74 opened 2 years ago by andrewbwm
  0

• Have `IAMObject` asset extend `Information`

  #82 opened 2 years ago by andrewbwm
  0

• How do we model VPNs in coreLang? Also, how do we represent authenticated network connections?

  #56 opened 3 years ago by andrewbwm
  1

• Homogenise Defence Behaviour

  #76 opened 2 years ago by andrewbwm
  4

• Design HardwareVulnerabilities to attach to the System asset.

  #54 opened 3 years ago by andrewbwm
  3

• Create an association between the PhysicalZone and Network.

  #55 opened 3 years ago by andrewbwm
  1

• Evaluate if we want to integrate exploitability reports into the SoftwareVulnerability defences

  #68 opened 3 years ago by andrewbwm
  0

• The disabled defence on the IDPS asset is not logically coherent

  #67 opened 3 years ago by andrewbwm
  0

• How do we want to implement ransomware attacks

  #60 opened 3 years ago by andrewbwm
  2

• Do we want to create an IDPS asset?

  #47 opened 3 years ago by andrewbwm
  6

• Credential hashing

  #17 opened 3 years ago by skatsikeas
  3

• Credentials Signing

  #61 opened 3 years ago by andrewbwm
  2

• Fix "Filtered" defence on the ConnectionRule

  #45 opened 3 years ago by andrewbwm
  2

• Evaluate whether or not we still need execution privileges to be distinct from high privileges

  #44 opened 3 years ago by andrewbwm
  1

• Evaluate a multifactor authentication solution using nested Credentials.

  #50 opened 3 years ago by andrewbwm
  1

• Create a Data - Information association to represent backups.

  #51 opened 3 years ago by andrewbwm
  1

• Add Mitre info text to the attack steps, defences, and assets that are strongly logically linked to specific techniques or mitigations.

  #52 opened 3 years ago by andrewbwm
  0

• Generate a framework for the documentation efforts from the existing info strings.

  #48 opened 3 years ago by andrewbwm
  0

• Typo in "user info" for Application.disabled

  #49 opened 3 years ago by pdeliasson
  1

• Think of a new name for Connection because it sounds like the connection already exists. Maybe we should name it ConnectionRule (same as the association).

  #42 opened 3 years ago by andrewbwm
  0

• [bug] Application.softwareProductAbuse logic

  #35 opened 3 years ago by jesajx
  3

• [question] Privileges Required not modeled in automatic vulnerabilties?

  #33 opened 3 years ago by jesajx
  2

• Data-in-Data readonly-access?

  #32 opened 3 years ago by jesajx
  3

• Default/Reference Build Does Not Generate corelang-0.1.0.jar

  #30 opened 4 years ago by andrewbwm
  1

• Fix public facing attack vector not possible when App <-> ConnectionRule <-> App

  #29 opened 4 years ago by skatsikeas
  1

• PhysicalAccess on a Network does not lead to Access on it.

  #28 opened 4 years ago by skatsikeas
  1

• Make Identities hierarchical

  #20 opened 4 years ago by skatsikeas
  2

• Eavesdrop on not switchingNetworks

  #26 opened 4 years ago by skatsikeas
  2

• System vulnerabilities do not work

  #27 opened 4 years ago by skatsikeas
  1

• localConnect on executor from executee

  #25 opened 4 years ago by skatsikeas
  1

• ConnectionRules are not actually allowing forwarding from Application to Network

  #24 opened 4 years ago by skatsikeas
  1

• Fix the DataInTransit not being used from the Application asset

  #23 opened 4 years ago by skatsikeas
  1

• Re-design Data in transit and Connection(Rules)

  #22 opened 4 years ago by skatsikeas
  1

• How to model encryption on Communication

  #18 opened 4 years ago by skatsikeas
  2

• Fix on Connection.Data after Application.Access

  #21 opened 4 years ago by skatsikeas
  1

• DoS on Connection does not lead to Data.delete

  #19 opened 4 years ago by skatsikeas
  1