private/Test-MITRETechnique.ps1
|
<#
.SYNOPSIS Tests whether a given MITRE ATT&CK® Technique ID is valid. .DESCRIPTION The Test-MITRETechnique function tests whether a given MITRE Technique ID is valid. It checks if the provided Technique ID exists in the list of valid techniques. .PARAMETER TechniqueId The TechniqueId parameter specifies the MITRE Technique ID to be tested. It is a mandatory parameter and must be a non-empty string. .EXAMPLE Test-MITRETechnique -TechniqueId "T1001" Returns: True .EXAMPLE Test-MITRETechnique -TechniqueId "T2000" Returns: False .NOTES © 2023 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation." #> function Test-MITRETechnique { [CmdletBinding()] [OutputType([bool])] param ( [Parameter(Mandatory, ValueFromPipeline, Position = 0)] [ValidateNotNullOrEmpty()] [string]$TechniqueId ) process { $ValidTechniques = @( "T1001", "T1003", "T1005", "T1006", "T1007", "T1008", "T1010", "T1011", "T1012", "T1014", "T1016", "T1018", "T1020", "T1021", "T1025", "T1027", "T1029", "T1030", "T1033", "T1036", "T1037", "T1039", "T1040", "T1041", "T1046", "T1047", "T1048", "T1049", "T1052", "T1053", "T1055", "T1056", "T1057", "T1059", "T1068", "T1069", "T1070", "T1071", "T1072", "T1074", "T1078", "T1080", "T1082", "T1083", "T1087", "T1090", "T1091", "T1092", "T1095", "T1098", "T1102", "T1104", "T1105", "T1106", "T1110", "T1111", "T1112", "T1113", "T1114", "T1115", "T1119", "T1120", "T1123", "T1124", "T1125", "T1127", "T1129", "T1132", "T1133", "T1134", "T1135", "T1136", "T1137", "T1140", "T1176", "T1185", "T1187", "T1189", "T1190", "T1195", "T1197", "T1199", "T1200", "T1201", "T1202", "T1203", "T1204", "T1205", "T1207", "T1210", "T1211", "T1212", "T1213", "T1216", "T1217", "T1218", "T1219", "T1220", "T1221", "T1222", "T1480", "T1482", "T1484", "T1485", "T1486", "T1489", "T1490", "T1491", "T1495", "T1496", "T1497", "T1498", "T1499", "T1505", "T1518", "T1525", "T1526", "T1528", "T1529", "T1530", "T1531", "T1534", "T1535", "T1537", "T1538", "T1539", "T1542", "T1543", "T1546", "T1547", "T1548", "T1550", "T1552", "T1553", "T1554", "T1555", "T1556", "T1557", "T1558", "T1559", "T1560", "T1561", "T1562", "T1563", "T1564", "T1565", "T1566", "T1567", "T1568", "T1569", "T1570", "T1571", "T1572", "T1573", "T1574", "T1578", "T1580", "T1583", "T1584", "T1585", "T1586", "T1587", "T1588", "T1589", "T1590", "T1591", "T1592", "T1593", "T1594", "T1595", "T1596", "T1597", "T1598", "T1599", "T1600", "T1601", "T1602", "T1606", "T1608", "T1609", "T1610", "T1611", "T1612", "T1613", "T1614", "T1615", "T1619", "T1620", "T1621", "T1622", "T1647", "T1648", "T1649", "T1650", "T1651", "T1652", "T1653", "T1654", "T1656", "T1657", "T1659" ) if ($TechniqueId -in $ValidTechniques) { return $true } else { return $false } } } |