Port 22

pyattck: A Python package to interact with the Mitre ATT&CK Framework

Hey all, I just released a new Python package called pyattck. This package enables you to retrieve data from the Mitre ATT&CK Framework, as well as relationship data points (e.g. Actors -> Their Tools, Malware, & Techniques).

Here is some sample code on how to use pyattck:

```python
from pyattck import Attck

attack = Attck()

# accessing actors
for actor in attack.actors:
    print(actor)

    # accessing malware used by an actor or group
    for malware in actor.malware:
        print(malware)

    # accessing tools used by an actor or group
    for tool in actor.tools:
        print(tool)

    # accessing techniques used by an actor or group
    for technique in actor.techniques:
        print(technique)

# accessing malware
for malware in attack.malwares:
    print(malware)

    # accessing actor or groups using this malware
    for actor in malware.actors:
        print(actor)

    # accessing techniques that this malware is used in
    for technique in malware.techniques:
        print(technique)

# accessing mitigation
for mitigation in attack.mitigations:
    print(mitigation)

    # accessing techniques related to mitigation recommendations
    for technique in mitigation.techniques:
        print(technique)

# accessing tactics
for tactic in attack.tactics:
    print(tactic)

    # accessing techniques related to this tactic
    for technique in tactic.techniques:
        print(technique)

# accessing techniques
for technique in attack.techniques:
    print(technique)

    # accessing tactics that this technique belongs to
    for tactic in technique.tactics:
        print(tactic)

    # accessing mitigation recommendations for this technique
    for mitigation in technique.mitigation:
        print(mitigation)

    # accessing actors using this technique
    for actor in technique.actors:
        print(actor)

# accessing tools
for tool in attack.tools:
    print(tool)

    # accessing techniques this tool is used in
    for technique in tool.techniques:
        print(technique)

    # accessing actor or groups using this tool
    for actor in tool.actors:
        print(actor)
```

Check it out and let me know what you think!

Blog: https://swimlane.com/blog/swimlane-research-team-open-sources-pyattack/

Docs: https://pyattck.readthedocs.io/en/latest/

Repo: https://github.com/swimlane/pyattck

submitted by /u/Unas
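An added example, not part of the original post or the pyattck project: one defensive use of the relationship data shown above is ranking mitigations by how many techniques of a watch-listed set of actors they address. It relies only on the `actor.techniques` and `technique.mitigation` attributes from the post's sample; the `.name` attribute, the helper names and the stand-in objects are assumptions constructed so the block runs offline.

```python
from collections import defaultdict
from types import SimpleNamespace


def label(obj):
    # Assumption: objects expose .name; otherwise fall back to str(), as print() would.
    return getattr(obj, "name", None) or str(obj)


def mitigation_coverage(actors, watchlist):
    """Return (ranked, uncovered) for the actors whose label is in watchlist.

    ranked: [(mitigation, [techniques it addresses])], widest coverage first.
    uncovered: techniques used by those actors that list no mitigation at all.
    """
    covered = defaultdict(set)
    uncovered = set()
    for actor in actors:
        if label(actor) not in watchlist:
            continue
        for technique in actor.techniques or []:
            mitigations = list(technique.mitigation or [])
            if not mitigations:
                uncovered.add(label(technique))
            for mitigation in mitigations:
                covered[label(mitigation)].add(label(technique))
    ranked = sorted(covered.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(m, sorted(t)) for m, t in ranked], sorted(uncovered)


def build_sample():
    # Constructed stand-ins shaped like the objects in the post; not real ATT&CK data.
    m_a = SimpleNamespace(name="Example Mitigation A")
    m_b = SimpleNamespace(name="Example Mitigation B")
    t1 = SimpleNamespace(name="Example Technique 1", mitigation=[m_a, m_b])
    t2 = SimpleNamespace(name="Example Technique 2", mitigation=[m_a])
    t3 = SimpleNamespace(name="Example Technique 3", mitigation=[])
    t4 = SimpleNamespace(name="Example Technique 4", mitigation=[m_b])
    return [
        SimpleNamespace(name="Example Group X", techniques=[t1, t2, t3]),
        SimpleNamespace(name="Example Group Y", techniques=[t1, t4]),
        SimpleNamespace(name="Example Group Z", techniques=[t4]),
    ]


if __name__ == "__main__":
    ranked, uncovered = mitigation_coverage(build_sample(), {"Example Group X"})
    for mitigation, techniques in ranked:
        print(f"{mitigation}: covers {len(techniques)} technique(s): {techniques}")
    print("No mitigation listed for:", uncovered)
```

With pyattck installed, the same function can be given `Attck().actors` in place of `build_sample()`, provided the installed version exposes the attributes used in the post.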