mitre / cti

Cyber Threat Intelligence Repository expressed in STIX 2.0

Fix examples of software_used_by_groups and techniques_using_software: Combine malware with tools instead of overwriting. #177

Closed hcristea closed 3 years ago

hcristea commented 3 years ago

The problem

The example function def software_using_technique(thesrc) updates the malware dict with the related tools dict. The problem is that dict.update() overrides the values for the same keys. In this case, the keys are the STIX IDs of the attack-patterns, and attack-patterns are used by both malware and tools. The function returns only the tools for the attack patterns that are used by both.

The fix

Replace dict.update() with a routine to extend the malware array with the tools array if the attack pattern is used by tools.
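
The following is an added example, not code from the mitre/cti repository or from the PR author, that reproduces the overwrite the description reports and contrasts it with a merge that concatenates the lists. The dict names MALWARE_BY_TECHNIQUE and TOOLS_BY_TECHNIQUE, the function names, and the attack-pattern, malware and tool IDs are all constructed for illustration; they stand in for the relationship lookups the repository's example functions build and are not real ATT&CK objects. The fixed merge is written to accept any number of maps, so the same routine covers the software_used_by_groups case mentioned later in the thread, where the keys are group IDs rather than attack-pattern IDs.

```python
# Added example (not from mitre/cti): dict.update() versus a list-combining
# merge for two maps keyed by attack-pattern STIX ID.

# Constructed sample data. The IDs are placeholders, not real ATT&CK objects.
# attack-pattern--aaaa is used by both a malware and a tool, which is the case
# that dict.update() gets wrong.
MALWARE_BY_TECHNIQUE = {
    "attack-pattern--aaaa": [{"id": "malware--1", "name": "MalwareA"}],
    "attack-pattern--bbbb": [{"id": "malware--2", "name": "MalwareB"}],
}
TOOLS_BY_TECHNIQUE = {
    "attack-pattern--aaaa": [{"id": "tool--1", "name": "ToolA"}],
    "attack-pattern--cccc": [{"id": "tool--2", "name": "ToolC"}],
}


def merge_with_update(malware, tools):
    """The buggy merge: dict.update() replaces the whole value for every key
    present in both maps, so the malware list for attack-pattern--aaaa is
    silently dropped and only the tool survives."""
    merged = {key: list(value) for key, value in malware.items()}
    merged.update(tools)
    return merged


def merge_combined(*maps):
    """The fixed merge: for a key present in more than one map, extend the
    accumulated list with the new entries; keys unique to one map are carried
    over unchanged. Input lists are copied so callers' data is not mutated."""
    merged = {}
    for relationship_map in maps:
        for key, software_list in relationship_map.items():
            if key in merged:
                merged[key].extend(software_list)
            else:
                merged[key] = list(software_list)
    return merged


def names_for(merged, key):
    """Sorted software names recorded under one key, [] if the key is absent."""
    return sorted(item["name"] for item in merged.get(key, []))


if __name__ == "__main__":
    buggy = merge_with_update(MALWARE_BY_TECHNIQUE, TOOLS_BY_TECHNIQUE)
    fixed = merge_combined(MALWARE_BY_TECHNIQUE, TOOLS_BY_TECHNIQUE)
    print("update():", names_for(buggy, "attack-pattern--aaaa"))  # ['ToolA']
    print("combined:", names_for(fixed, "attack-pattern--aaaa"))  # ['MalwareA', 'ToolA']
```

Running the block shows the symptom from the description directly: with dict.update() the shared technique reports only ToolA, while the combining merge reports both MalwareA and ToolA and leaves the techniques unique to either map untouched.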

isaisabel commented 3 years ago

Is there a reason you submitted this as a draft PR? I have the ability to convert it on my end but I'm not sure if there was some other reason it's a draft.

hcristea commented 3 years ago

@isaisabel, apologies for the late reply. I marked it as draft PR because I realized the same issue exists in the example function software_used_by_groups and I intend to submit a fix for that too in this PR. I'll add that change and ping you for a review.

hcristea commented 3 years ago

@isaisabel, IMO this PR is ready to be merged. Please have a look at the latest commit. Thank you!

isaisabel commented 3 years ago

Looks great, thank you for helping us improve our documentation!