pyattck: A Python package to interact with the Mitre ATT&CK Framework

In Network Security by RandomRaine

Hey all, I just released a new Python package called pyattck. This package enables you to retrieve data from the Mitre ATT&CK Framework, as well as relationship data points (e.g. Actors -> Their Tools, Malware, & Techniques).

Here is some sample code on how to use pyattck:

```python
from pyattck import Attck

attack = Attck()

# accessing actors
for actor in attack.actors:
    print(actor)

    # accessing malware used by an actor or group
    for malware in actor.malware:
        print(malware)

    # accessing tools used by an actor or group
    for tool in actor.tools:
        print(tool)

    # accessing techniques used by an actor or group
    for technique in actor.techniques:
        print(technique)

# accessing malware
for malware in attack.malwares:
    print(malware)

    # accessing actor or groups using this malware
    for actor in malware.actors:
        print(actor)

    # accessing techniques that this malware is used in
    for technique in malware.techniques:
        print(technique)

# accessing mitigation
for mitigation in attack.mitigations:
    print(mitigation)

    # accessing techniques related to mitigation recommendations
    for technique in mitigation.techniques:
        print(technique)

# accessing tactics
for tactic in attack.tactics:
    print(tactic)

    # accessing techniques related to this tactic
    for technique in tactic.techniques:
        print(technique)

# accessing techniques
for technique in attack.techniques:
    print(technique)

    # accessing tactics that this technique belongs to
    for tactic in technique.tactics:
        print(tactic)

    # accessing mitigation recommendations for this technique
    for mitigation in technique.mitigation:
        print(mitigation)

    # accessing actors using this technique
    for actor in technique.actors:
        print(actor)

# accessing tools
for tool in attack.tools:
    print(tool)

    # accessing techniques this tool is used in
    for technique in tool.techniques:
        print(technique)

    # accessing actor or groups using this tool
    for actor in tool.actors:
        print(actor)
```

Check it out and let me know what you think!

Blog: https://swimlane.com/blog/swimlane-research-team-open-sources-pyattack/

Docs: https://pyattck.readthedocs.io/en/latest/

Repo: https://github.com/swimlane/pyattck

submitted by /u/_Unas_
Source: Net Sec
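
An added example, not part of the original post or the pyattck project: the Actors -> Techniques -> Mitigations relationships shown above can drive a detection coverage review by ranking techniques that have no detection by how many actors use them. It relies only on the `actors`, `techniques` and `mitigation` relationships from the post; the `name` and `id` attributes, the function names and the sample data are assumptions of this example, and the stand-in objects let it run offline.

```python
from types import SimpleNamespace


def coverage_gaps(attack, covered_ids):
    """Rank techniques lacking a detection by the number of actors using them.

    `attack` is any object shaped like Attck() in the post: .actors, each
    with .techniques, each with .mitigation. The .id and .name attributes
    are assumptions of this example.
    """
    gaps = {}  # technique id -> (technique object, set of actor names)
    for actor in attack.actors:
        for technique in actor.techniques:
            if technique.id in covered_ids:
                continue
            _, actors = gaps.setdefault(technique.id, (technique, set()))
            actors.add(actor.name)

    rows = []
    for tid, (technique, actors) in gaps.items():
        mitigations = sorted(m.name for m in technique.mitigation)
        rows.append((tid, sorted(actors), mitigations))
    # Most widely used first, then by id so the order is stable.
    rows.sort(key=lambda row: (-len(row[1]), row[0]))
    return rows


def sample_attack():
    """Constructed stand-in data; every id and name is a placeholder."""
    m1 = SimpleNamespace(name="Mitigation-A")
    m2 = SimpleNamespace(name="Mitigation-B")
    t1 = SimpleNamespace(id="T-EX-1", mitigation=[m1])
    t2 = SimpleNamespace(id="T-EX-2", mitigation=[m1, m2])
    t3 = SimpleNamespace(id="T-EX-3", mitigation=[])
    a1 = SimpleNamespace(name="Group-1", techniques=[t1, t2])
    a2 = SimpleNamespace(name="Group-2", techniques=[t2, t3])
    return SimpleNamespace(actors=[a1, a2], techniques=[t1, t2, t3])


if __name__ == "__main__":
    # Pretend a detection already exists for T-EX-1 only.
    for row in coverage_gaps(sample_attack(), covered_ids={"T-EX-1"}):
        print(row)
```

To run it against live data, pass `Attck()` in place of `sample_attack()` after confirming the attribute names against the pyattck docs for the installed version.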
