Issue on page /notebooks/small/windows/08_lateral_movement/SDWIN-200724174200.html

[duzvik]

Hello,

mordor_file = "https://raw.githubusercontent.com/OTRF/mordor/master/datasets/small/windows/lateral_movement/wmi_event_subscription.pcapng"
registerMordorSQLTable(spark, mordor_file, "mordorTable")

registerMordorSQLTable call downloadMordorFile to download .tar.gz or .zip dataset fie. But here dataset extension is pcapng. https://github.com/hunters-forge/openhunt/blob/de241cef7cd1a385569590dfb94888e63caeef87/openhunt/mordorutils.py#L11-L19

As a result, the playbook gives error: UnboundLocalError: local variable 'mordorJSONPath' referenced before assignment

[Cyb3rWard0g]

Hey @duzvik , yes sorry for the late response. I was updating the site and the datasets did not make it through. I just pushed two PCAPs and one JSON file (zipped). The Notebook downloads, decompress and export the schema of the dataset.