MITRE ATT&CK Lookup Tool

Related tags

General Utilitiesattack-lookup
Overview

MITRE ATT&CK Lookup Tool

PyPi license PyPi version

attack-lookup is a tool that lets you easily check what Tactic, Technique, or Sub-technique ID maps to what name, and vice versa. It can be used interactively, for batch processing, or in your own tooling.

Installation

attack-lookup can be installed from PyPi:

$ pip install attack-lookup

It can also be installed manually:

$ git clone https://github.com/curated-intel/attack-lookup.git
$ cd attack-lookup
$ python setup.py install --user

Usage

$ attack-lookup --help
usage: attack-lookup [-h] [-v VERSION] [-m {enterprise,ics,mobile}] [-O] [-i INPUT] [-o OUTPUT] [--output-mode {results,csv}]

MITRE ATT&CK Lookup Tool

optional arguments:
  -h, --help            show this help message and exit
  -v VERSION, --version VERSION
                        ATT&CK matrix version to use (default: v10.1)
  -m {enterprise,ics,mobile}, --matrix {enterprise,ics,mobile}
                        ATT&CK matrix to use (default: enterprise)
  -O, --offline         Run in offline mode (default: False)
  -i INPUT, --input INPUT
                        Path to input file (one lookup value per line) (default: None)
  -o OUTPUT, --output OUTPUT
                        Path to output file (default: -)
  --output-mode {results,csv}
                        Mode for output file ("result" only has the lookup results, "csv" outputs a CSV with the lookup and result values (default: results)

By default, attack-lookup uses the latest version of the Enterprise matrix. When running in Online mode, attack-lookup pulls the latest matrix from MITRE's GitHub repo. When running in Offline mode, it can use any matrix available in attack_lookup/data.

You can use attack-lookup in interactive or batch mode:

$ attack-lookup
(loading latest enterprise matrix...done)
Running attack-lookup in interactive mode, exit with (q)uit
ATT&CK> T1539
Steal Web Session Cookie
ATT&CK>

For batch mode, specify an input file, and optionally an output file/mode. By default, output will go to stdout.

$ attack-lookup -i test
(loading latest enterprise matrix...done)
Collection
T1133
Peripheral Device Discovery

$ attack-lookup -i test --output-mode=csv
(loading latest enterprise matrix...done)
TA0009,Collection
External Remote Services,T1133
T1120,Peripheral Device Discovery

$ attack-lookup -i test --output-mode=csv -o out_file
(loading latest enterprise matrix...done)
Wrote output data to out_file

If multiple mappings exist (e.g., "Domains"), attack-lookup will provide all possible values:

ATT&CK> Domains
Multiple possible values: T1583.001, T1584.001

API

You can also use attack-lookup in your own scripts.

from attack_lookup import AttackMapping

# version is ignored when running online FYSA
mapping = AttackMapping(matrix="enterprise", version="v10.1", offline=False)

# load the data
# this can take ~10sec
if not mapping.load_data():
    print("failed to load data")
else:
    mapping.lookup("T1574") # returns "Hijack Execution Flow"
You might also like...
a tool for annotating table

table_annotate_tool a tool for annotating table motivated by wiki2bio,we create a tool to annoate all types of tables,this tool can annotate a table w

wisdom under lemon trees 4 Sep 23, 2021
A simple tool that updates your pubspec.yaml file, of a Flutter project, without altering the structure of your file.
A simple tool that updates your pubspec.yaml file, of a Flutter project, without altering the structure of your file.

A simple tool that updates your pubspec.yaml file, of a Flutter project, without altering the structure of your file.

null 3 Dec 10, 2021
A tool written in python to generate basic repo files from github
A tool written in python to generate basic repo files from github

A tool written in python to generate basic repo files from github

Riley 7 Dec 2, 2021
Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.
Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.

Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.

Joe Helle 7 Mar 25, 2022
SmarTool - Smart Util Tool for Python

A set of tools that keep Python sweeter.

Liu Tao 9 Sep 30, 2022
A simple tool to move and rename Nvidia Share recordings to a more sensible format.
A simple tool to move and rename Nvidia Share recordings to a more sensible format.

A simple tool to move and rename Nvidia Share recordings to a more sensible format.

Jasper Rebane 8 Dec 23, 2022
The Black shade analyser and comparison tool.

diff-shades The Black shade analyser and comparison tool. AKA Richard's personal take at a better black-primer (by stealing ideas from mypy-primer) :p

Richard Si 10 Apr 29, 2022
This tool analyzes the json files generated by stream-lnd-htlcs to find hidden channel demand.

analyze_lnd_htlc Introduction Rebalancing channels is an important part of running a Lightning Network node. While it would be great if all channels c

Marimox 4 Dec 8, 2022
Animation retargeting tool for Autodesk Maya. Retargets mocap to a custom rig with a few clicks.
Animation retargeting tool for Autodesk Maya. Retargets mocap to a custom rig with a few clicks.

Animation Retargeting Tool for Maya A tool for transferring animation data and mocap from a skeleton to a custom rig in Autodesk Maya. Installation: A

Joaen 63 Jan 6, 2023
Releases(v1.0.1)
Owner
Curated Intel
Curated Intel
GitHub Repository
Patch the pclntable from Go binaries

Pretrain and Fine-tune a T5 model with Flax on GCP This tutorial details how pretrain and fine-tune a FlaxT5 model from HuggingFace using a TPU VM ava

6 Oct 05, 2022
Pampy: The Pattern Matching for Python you always dreamed of.

Pampy: Pattern Matching for Python Pampy is pretty small (150 lines), reasonably fast, and often makes your code more readable and hence easier to rea

Claudio Santini 3.5k Jan 06, 2023
Install, run, and update apps without root and only in your home directory

Qube Apps Install, run, and update apps in the private storage of a Qube Building instrutions

Micah Lee 26 Dec 27, 2022
Protect your eyes from eye strain using this simple and beautiful, yet extensible break reminder

Protect your eyes from eye strain using this simple and beautiful, yet extensible break reminder

Gobinath 1.2k Jan 01, 2023
A utility that makes it easy to work with Python projects containing lots of packages, of which you only want to develop some.

Mixed development source packages on top of stable constraints using pip mxdev [mɪks dɛv] is a utility that makes it easy to work with Python projects

BlueDynamics Alliance 6 Jun 08, 2022
A python module to validate input.

A python module to validate input.

Matthias 6 Sep 13, 2022
A thing to simplify listening for PG notifications with asyncpg

A thing to simplify listening for PG notifications with asyncpg

ANNA 18 Dec 23, 2022
Run async workflows using pytest-fixtures-style dependency injection

Run async workflows using pytest-fixtures-style dependency injection

Simon Willison 26 Jun 26, 2022
A simple toolchain for moving Remarkable highlights to Readwise

A simple toolchain for moving Remarkable highlights to Readwise

zach wick 20 Dec 20, 2022
Adding two matrix from scratch using python.

Adding-two-matrix-from-scratch-using-python. Here, I have take two matrix from user and add it without using any library. I made this program from scr

Sachin Vinayak Dabhade 4 Sep 24, 2021
An okayish python script to generate a random Euler circuit with given number of vertices and edges.

Euler-Circuit-Test-Case-Generator An okayish python script to generate a random Euler circuit with given number of vertices and edges. Executing the S

Alen Antony 1 Nov 13, 2021
This repository contains scripts that help you validate QR codes.

Validation tools This repository contains scripts that help you validate QR codes. It's hacky, and a warning for Apple Silicon users: the dependencies

Ryan Barrett 8 Mar 01, 2022
Audio Steganography is a technique used to transmit hidden information by modifying an audio signal in an imperceptible manner.

Audio Steganography Audio Steganography is a technique used to transmit hidden information by modifying an audio signal in an imperceptible manner. Ab

Karan Yuvraj Singh 1 Oct 17, 2021
A library for interacting with Path of Exile game and economy data, and a unique loot filter generation framework.

wraeblast A library for interfacing with Path of Exile game and economy data, and a set of item filters geared towards trade league players. Filter Ge

David Gidwani 29 Aug 28, 2022
Python script to launch burp scans automatically

SimpleAutoBurp Python script that takes a config.json file as config and uses Burp Suite Pro to scan a list of websites.

Adan Álvarez 26 Jul 18, 2022
Basic loader is a small tool that will help you generating Cloudflare cookies

Basic Loader Cloudflare cookies loader This tool may help some people getting valide cloudflare cookies Installation 🔌 : pip install -r requirements.

IHateTomLrge 8 Mar 30, 2022
UUID version 7, which are time-sortable (following the Peabody RFC4122 draft)

uuid7 - time-sortable UUIDs This module implements the version 7 UUIDs, proposed by Peabody and Davis in https://www.ietf.org/id/draft-peabody-dispatc

Steve Simmons 22 Dec 20, 2022
Retrying library for Python

Tenacity Tenacity is an Apache 2.0 licensed general-purpose retrying library, written in Python, to simplify the task of adding retry behavior to just

Julien Danjou 4.3k Jan 05, 2023
New time-based UUID formats which are suited for use as a database key

uuid6 New time-based UUID formats which are suited for use as a database key. This module extends immutable UUID objects (the UUID class) with the fun

26 Dec 30, 2022
Python program for analyzing the output files of phonopy.

PhononTools Description Python program to analyze the results generated by phonopy. Using the .yaml and .dat files that phonopy generates one can plot

Harry LaBollita 8 Nov 27, 2022