Skip to content
This repository has been archived by the owner on Apr 12, 2022. It is now read-only.

Scripts and a (future) library to improve users' interactions with the ATT&CK content

License

Notifications You must be signed in to change notification settings

ArtificialErmine/attack-scripts

 
 

Repository files navigation

attack-scripts

This repository is intended to provide a library of functions to improve users' interactions with ATT&CK content. In addition, it will provide one-off scripts for processing and visualizing ATT&CK content — See the scripts folder for more details.

Note: this repository is a work in progress. In the coming months we will be adding additional functionalities as well as soliciting scripts from ATT&CK users — see contributing to attack-scripts.

Requirements

Installation

  1. Create a new virtual environment: python3 -m venv env
  2. Activate the environment: source env/bin/activate
  3. Install requirements into the virtual environment: pip3 install -r requirements.txt

Training

Binder

This repository also contains Jupyter notebooks and other material for ATT&CK training. The trainings directory has that content, which can be launched via Binder. The binder directory has requirements for that notebook, per the Binder documentation.

Related MITRE Work

CTI

Cyber Threat Intelligence repository of the ATT&CK catalog expressed in STIX 2.0 JSON.

ATT&CK

ATT&CK® is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.

https://attack.mitre.org

STIX

Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX enables organizations to share CTI with one another in a consistent and machine readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.

STIX is designed to improve many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

https://oasis-open.github.io/cti-documentation/

Notice

Copyright 2020 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 19-0486.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®

ATT&CK Terms of Use

About

Scripts and a (future) library to improve users' interactions with the ATT&CK content

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 79.2%
  • Jupyter Notebook 20.8%