SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Test Case Markdown renderer (question) #26

Closed Selora closed 3 years ago

Selora commented 5 years ago

Hello!

Thanks for this tool! A few hours playing with it shows a good potential for my bread-and-butter purple team project tracker!

Quick question; is there a way to have a "rendered" view of the test cases? Ex: I'm a blue teamer, I want to review a test case covering a complicated TTP closed by a red teamer. Is there a way to have a "presentation layer" for that? I'm seeing in the examples/templates that there's already some markdown sprinkled here and there, is there a way to actually render the content?

Also, since I would primarily spend my time in the individual "test cases" panes for MITRE ATT&CK assessments, is there a way to make this view a little more comfortable? Maybe splitting up the test case window into different "red" and "blue" views, each with an "edit" and "view/rendered" mode, which would allow more space to write stuff without scrolling?

These are all humble suggestions, and again, thank you so much for this tool! I'm seeing a lot of ad-hoc tracking and manual reporting of these types of assessment and this could save a lot of time. I could probably try to make the pull request for these features. Let me know if you are open for contributions and what the guidelines are; my Java web development skills are not really sharp 😃

thebleucheese commented 5 years ago

The markdown renderer is a great idea. Thanks for the suggestion!

We're setting the groundwork for a redesign to the Test Case panel that will include something exactly like you mention - the ability to maximize/minimize the red and blue sides (as well as general cleanup for usability and better presentation). We haven't discussed a view only mode yet, but that sounds like it would be useful as well.

VECTR isn't currently seeking dev contributions. That may change, but at the moment the project uses some proprietary & commercial services for testing and development and our team is working on it full time. However, we're happy to discuss some of our roadmap and features in more detail if you're interested. You're welcome to contact us on our website and we can set up a conference call.

ssnkhan commented 4 years ago

@Selora If you are classifying each TTP/attack against a Kill Chain (MITRE, for instance), and the attack follows a logical attack path (recon to actions and objectives), then the Escalation Path is actually a great visual representation of the attack:

SliderImage_3

initstring commented 4 years ago

Hi team SRA,

I thought this issue might be the correct place to add a comment, as it is very similar to the description by @Selora and also the test case panel redesign mentioned by @thebleucheese.

We are currently using the "Operator Guidance" field to paste actual attack commands run for a specific test case. This area is a bit small, so inputting multiple lines of bash makes it quite difficult to read and follow.

I do see that I can actually drag the lower-right corner of the "Operator Guidance" window to be slightly larger, but the "Red Team Details" section that it resides in does not expand with it to accommodate.

In fact, using a wide monitor leaves a lot of wasted white space in the test case area. If this could expand, we would have a really nice working area to share and review the commands required to reproduce each test case.

Here is a screenshot showing how expanding "Operator Guidance" does not expand the parent section, and in general how the entire test case has room to grow.

Thanks to you and the team for a really cool product!


thebleucheese commented 4 years ago

Thanks for the screenshot. A good interim solution while we're working on the Test Case panel redesign will be to make that panel responsive and also to add the markdown rendering as mentioned above. We'll get those added to our issue tracker.

The Test Case panel redesign plans are moving forward. We've been sprinkling in the back-end changes to support a lot of the updates in it. One of the big change items for that will be supporting multiple outcomes - so that users can track detection outcomes for individual tools that are (or should be) involved in the detection or defense of a Test Case. Also, one of the front end technologies we're looking at using is getting ready for a major release so we're eagerly anticipating the opportunity to get started with it.

initstring commented 4 years ago

Thanks again for the quick reply! A responsive panel would be great, and would really come in handy. Markdown would be icing on the cake. :)

carlvonderheid commented 3 years ago

Markdown will be addressed in the next release; we are just working on some final UI/UX enhancements to the editor.

carlvonderheid commented 3 years ago

Fixed in 6.2.2