
mitre-attack / mitreattack-python

License: Apache-2.0
A python module for working with ATT&CK

mitreattack-python

This repository contains a library of Python tools and utilities for working with ATT&CK data. For more information, see the full documentation on ReadTheDocs.

Install

To use this package, install the mitreattack-python library with pip:

pip install mitreattack-python

Note: the library requires Python 3.

MitreAttackData Library

The MitreAttackData library reads MITRE ATT&CK STIX 2.0 content (the enterprise-attack, mobile-attack and ics-attack bundles) and lets you query the dataset for objects and the objects related to them, for example the techniques a group uses or the mitigations that apply to a technique. It is the core of mitreattack-python; the other modules are described under "Additional Modules".
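The kind of query that paragraph describes, written out as an added example that is not the project's code: it walks the STIX 2.0 "relationship" objects directly with the Python standard library, so it runs without the package installed and without a downloaded bundle. SAMPLE_BUNDLE is a constructed mini-bundle in the shape of MITRE's enterprise-attack.json; every STIX id, ATT&CK ID and name in it is made up. It also handles two things you hit immediately with the real data: ATT&CK bundles retain revoked and deprecated objects (and deprecated relationships), which a query should normally filter out, and the ATT&CK ID (T1059, G0016, M1038) is an external reference on the object, not its STIX id.

```python
"""Added example: resolve related ATT&CK objects from a STIX 2.0 bundle.

SAMPLE_BUNDLE below is constructed test data (made-up ids and names) with the
same object shapes as MITRE's enterprise-attack.json; to run against the real
dataset, pass open("enterprise-attack.json").read() instead.
"""
import json

# Constructed STIX ids (UUID-shaped, not real ATT&CK objects).
GROUP_ID = "intrusion-set--11111111-1111-4111-8111-111111111111"
TECH_ID = "attack-pattern--22222222-2222-4222-8222-222222222222"
SUBTECH_ID = "attack-pattern--33333333-3333-4333-8333-333333333333"
REVOKED_ID = "attack-pattern--44444444-4444-4444-8444-444444444444"
MITIG_ID = "course-of-action--55555555-5555-4555-8555-555555555555"
MISSING_ID = "attack-pattern--66666666-6666-4666-8666-666666666666"  # never defined


def _mitre_ref(external_id):
    # ATT&CK IDs live in external_references with source_name "mitre-attack".
    return [{"source_name": "mitre-attack", "external_id": external_id}]


def _rel(n, rel_type, source, target, **extra):
    return {"type": "relationship", "relationship_type": rel_type,
            "id": f"relationship--{n:08d}-0000-4000-8000-000000000000",
            "source_ref": source, "target_ref": target, **extra}


SAMPLE_BUNDLE = json.dumps({
    "type": "bundle", "id": "bundle--00000000-0000-4000-8000-000000000000",
    "spec_version": "2.0",
    "objects": [
        {"type": "intrusion-set", "id": GROUP_ID, "name": "Example Group",
         "external_references": _mitre_ref("G9999")},
        {"type": "attack-pattern", "id": TECH_ID, "name": "Example Technique",
         "external_references": _mitre_ref("T9999")},
        {"type": "attack-pattern", "id": SUBTECH_ID, "name": "Example Technique: Variant",
         "x_mitre_is_subtechnique": True, "external_references": _mitre_ref("T9999.001")},
        {"type": "attack-pattern", "id": REVOKED_ID, "name": "Superseded Technique",
         "revoked": True, "external_references": _mitre_ref("T9998")},
        {"type": "course-of-action", "id": MITIG_ID, "name": "Example Mitigation",
         "external_references": _mitre_ref("M9999")},
        _rel(1, "uses", GROUP_ID, TECH_ID),
        _rel(2, "uses", GROUP_ID, SUBTECH_ID),
        _rel(3, "uses", GROUP_ID, REVOKED_ID),                       # target revoked
        _rel(4, "uses", GROUP_ID, TECH_ID, x_mitre_deprecated=True),  # relationship deprecated
        _rel(5, "uses", GROUP_ID, MISSING_ID),                       # dangling reference
        _rel(6, "mitigates", MITIG_ID, TECH_ID),
    ],
})


def load_objects(bundle_text):
    """Index every object in the bundle by its STIX id."""
    return {obj["id"]: obj for obj in json.loads(bundle_text)["objects"]}


def attack_id(obj):
    """ATT&CK ID (T1059, G0016, M1038, ...) of an object, or None."""
    for ref in obj.get("external_references", []):
        if ref.get("source_name") == "mitre-attack":
            return ref.get("external_id")
    return None


def is_live(obj):
    """ATT&CK keeps revoked and deprecated objects and relationships in the bundle."""
    return not obj.get("revoked", False) and not obj.get("x_mitre_deprecated", False)


def get_object_by_attack_id(objects, wanted, stix_type):
    for obj in objects.values():
        if obj["type"] == stix_type and is_live(obj) and attack_id(obj) == wanted:
            return obj
    return None


def related(objects, anchor_id, relationship_type, other_type, reverse=False,
            remove_revoked_deprecated=True):
    """Objects joined to anchor_id by a 'relationship' of relationship_type.

    Forward: anchor is source_ref, return targets (group --uses--> technique).
    reverse=True: anchor is target_ref, return sources (mitigation --mitigates-->
    technique, asked from the technique side). Dangling refs are skipped, not raised.
    """
    near, far = ("target_ref", "source_ref") if reverse else ("source_ref", "target_ref")
    found = []
    for rel in objects.values():
        if rel["type"] != "relationship" or rel.get("relationship_type") != relationship_type:
            continue
        if rel.get(near) != anchor_id:
            continue
        other = objects.get(rel.get(far))
        if other is None or other["type"] != other_type:
            continue
        if remove_revoked_deprecated and not (is_live(rel) and is_live(other)):
            continue
        found.append(other)
    return found


def techniques_used_by_group(bundle_text, group_attack_id, remove_revoked_deprecated=True):
    objects = load_objects(bundle_text)
    group = get_object_by_attack_id(objects, group_attack_id, "intrusion-set")
    if group is None:
        return []
    techs = related(objects, group["id"], "uses", "attack-pattern",
                    remove_revoked_deprecated=remove_revoked_deprecated)
    return sorted({attack_id(t) for t in techs})


def mitigations_for_technique(bundle_text, technique_attack_id):
    objects = load_objects(bundle_text)
    tech = get_object_by_attack_id(objects, technique_attack_id, "attack-pattern")
    if tech is None:
        return []
    mitigations = related(objects, tech["id"], "mitigates", "course-of-action", reverse=True)
    return sorted({attack_id(m) for m in mitigations})


if __name__ == "__main__":
    print(techniques_used_by_group(SAMPLE_BUNDLE, "G9999"))         # ['T9999', 'T9999.001']
    print(techniques_used_by_group(SAMPLE_BUNDLE, "G9999", False))  # ['T9998', 'T9999', 'T9999.001']
    print(mitigations_for_technique(SAMPLE_BUNDLE, "T9999"))        # ['M9999']
```

With the filter on, the revoked technique, the deprecated relationship and the reference to an object that is not in the bundle all drop out silently; with it off you see the superseded technique as well, which is what you want when reconciling an old detection mapping against a newer ATT&CK release.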

Additional Modules

More detailed information and examples about the specific usage of the additional modules in this package can be found in the individual README files for each module linked below.

module: description

navlayers: A collection of utilities for working with ATT&CK Navigator layers. Provides the ability to import, export, and manipulate layers. Layers can be read in from the filesystem or Python dictionaries, combined and edited, and then exported to Excel or SVG images. Further documentation can be found here.
attackToExcel: A collection of utilities for converting ATT&CK STIX data to Excel spreadsheets. It also provides access to Pandas DataFrames representing the dataset for use in data analysis. Further documentation can be found here.
collections: A set of utilities for working with ATT&CK Collections and Collection Indexes. Provides functionality for converting and summarizing data in collections and collection indexes, as well as generating a collection from a raw STIX bundle input. Further documentation can be found here.
diffStix: Create Markdown, HTML, JSON and/or ATT&CK Navigator layers reporting on the changes between two versions of the STIX 2 bundles representing the ATT&CK content. Run diff_stix -h for full usage instructions. Further documentation can be found here.
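For the navlayers entry, an added example (not the project's code) of the artifact that module imports and exports: an ATT&CK Navigator layer built from query results, here a heat map of how many tracked groups use each technique. GROUP_TECHNIQUES is constructed input of the kind a group-to-technique query returns; the group IDs and their technique lists are made up. The layer field names (techniqueID, score, comment, gradient, versions) follow the Navigator layer JSON format as I know it, and the version strings in "versions" are an assumption to adjust to the Navigator release you load the file into. Only the standard library is used, so it runs without the package.

```python
"""Added example: build an ATT&CK Navigator layer (heat map) from technique usage.

GROUP_TECHNIQUES is constructed data (made-up group IDs and technique lists).
Field names follow the Navigator layer JSON format; the "versions" strings are
an assumption and should match the Navigator you load the layer into.
"""
import json
import re
from collections import Counter

# Constructed sample: which techniques each fictional group uses.
GROUP_TECHNIQUES = {
    "G9001": ["T1059", "T1059.001", "T1027", "T1566.001"],
    "G9002": ["T1059.001", "T1027", "T1003"],
    "G9003": ["T1059.001", "T1566.001", "t1027", "T1027"],  # sloppy input: case, duplicate
}

TECHNIQUE_ID = re.compile(r"^T\d{4}(\.\d{3})?$")


def normalise(technique_id):
    """Upper-case and validate an ATT&CK technique ID; reject anything else."""
    tid = technique_id.strip().upper()
    if not TECHNIQUE_ID.match(tid):
        raise ValueError(f"not an ATT&CK technique ID: {technique_id!r}")
    return tid


def groups_per_technique(group_techniques):
    """Map technique ID -> sorted list of groups using it (each group counted once)."""
    users = {}
    for group, techniques in group_techniques.items():
        for tid in {normalise(t) for t in techniques}:
            users.setdefault(tid, set()).add(group)
    return {tid: sorted(groups) for tid, groups in users.items()}


def technique_counts(group_techniques):
    """Number of groups using each technique."""
    return dict(Counter({tid: len(g) for tid, g in groups_per_technique(group_techniques).items()}))


def build_layer(group_techniques, name, domain="enterprise-attack"):
    """Assemble a Navigator layer dict; score = group count, comment = which groups."""
    users = groups_per_technique(group_techniques)
    top = max((len(g) for g in users.values()), default=0)
    return {
        "name": name,
        "domain": domain,
        # Assumption: adjust to the ATT&CK / Navigator versions you actually use.
        "versions": {"attack": "14", "navigator": "4.9.1", "layer": "4.5"},
        "description": "Number of tracked groups using each technique (constructed data)",
        "techniques": [
            {"techniqueID": tid, "score": len(groups), "comment": ", ".join(groups)}
            for tid, groups in sorted(users.items())
        ],
        "gradient": {"colors": ["#ffffff", "#ff6666"], "minValue": 0, "maxValue": top},
        "legendItems": [{"label": f"groups using technique (max {top})", "color": "#ff6666"}],
    }


def write_layer(path, layer):
    """Write the layer as JSON for upload to the Navigator."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(layer, fh, indent=2)


if __name__ == "__main__":
    layer = build_layer(GROUP_TECHNIQUES, "Group technique overlap (constructed data)")
    print(json.dumps(layer, indent=2))
    write_layer("group_overlap_layer.json", layer)
```

Validating IDs up front matters more than it looks: a Navigator layer with a malformed techniqueID silently shows nothing for that entry, so a typo in a mapping spreadsheet becomes an invisible gap in the coverage picture rather than an error.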

Related MITRE Work

CTI

Cyber Threat Intelligence repository of the ATT&CK catalog expressed in STIX 2.0 JSON. This repository also contains our USAGE document which includes additional examples of accessing and parsing our dataset in Python.

ATT&CK

ATT&CK® is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle, and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.

https://attack.mitre.org

STIX

Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX enables organizations to share CTI with one another in a consistent and machine-readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.

STIX is designed to improve many capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

https://oasis-open.github.io/cti-documentation/

ATT&CK scripts

One-off scripts and code examples you can use as inspiration for how to work with ATT&CK programmatically. Many of the functionalities found in the mitreattack-python package were originally posted on attack-scripts.

https://github.com/mitre-attack/attack-scripts

Contributing

To contribute to this project, either through a bug report, feature request, or merge request, please see the Contributors Guide.

Notice

Copyright 2022 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 19-0486.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®

ATT&CK Terms of Use
