MITRE ATT&CK Lookup Tool

Related tags

General Utilitiesattack-lookup
Overview

MITRE ATT&CK Lookup Tool

PyPi license PyPi version

attack-lookup is a tool that lets you easily check what Tactic, Technique, or Sub-technique ID maps to what name, and vice versa. It can be used interactively, for batch processing, or in your own tooling.

Installation

attack-lookup can be installed from PyPi:

$ pip install attack-lookup

It can also be installed manually:

$ git clone https://github.com/curated-intel/attack-lookup.git
$ cd attack-lookup
$ python setup.py install --user

Usage

$ attack-lookup --help
usage: attack-lookup [-h] [-v VERSION] [-m {enterprise,ics,mobile}] [-O] [-i INPUT] [-o OUTPUT] [--output-mode {results,csv}]

MITRE ATT&CK Lookup Tool

optional arguments:
  -h, --help            show this help message and exit
  -v VERSION, --version VERSION
                        ATT&CK matrix version to use (default: v10.1)
  -m {enterprise,ics,mobile}, --matrix {enterprise,ics,mobile}
                        ATT&CK matrix to use (default: enterprise)
  -O, --offline         Run in offline mode (default: False)
  -i INPUT, --input INPUT
                        Path to input file (one lookup value per line) (default: None)
  -o OUTPUT, --output OUTPUT
                        Path to output file (default: -)
  --output-mode {results,csv}
                        Mode for output file ("result" only has the lookup results, "csv" outputs a CSV with the lookup and result values (default: results)

By default, attack-lookup uses the latest version of the Enterprise matrix. When running in Online mode, attack-lookup pulls the latest matrix from MITRE's GitHub repo. When running in Offline mode, it can use any matrix available in attack_lookup/data.

You can use attack-lookup in interactive or batch mode:

$ attack-lookup
(loading latest enterprise matrix...done)
Running attack-lookup in interactive mode, exit with (q)uit
ATT&CK> T1539
Steal Web Session Cookie
ATT&CK>

For batch mode, specify an input file, and optionally an output file/mode. By default, output will go to stdout.

$ attack-lookup -i test
(loading latest enterprise matrix...done)
Collection
T1133
Peripheral Device Discovery

$ attack-lookup -i test --output-mode=csv
(loading latest enterprise matrix...done)
TA0009,Collection
External Remote Services,T1133
T1120,Peripheral Device Discovery

$ attack-lookup -i test --output-mode=csv -o out_file
(loading latest enterprise matrix...done)
Wrote output data to out_file

If multiple mappings exist (e.g., "Domains"), attack-lookup will provide all possible values:

ATT&CK> Domains
Multiple possible values: T1583.001, T1584.001

API

You can also use attack-lookup in your own scripts.

from attack_lookup import AttackMapping

# version is ignored when running online FYSA
mapping = AttackMapping(matrix="enterprise", version="v10.1", offline=False)

# load the data
# this can take ~10sec
if not mapping.load_data():
    print("failed to load data")
else:
    mapping.lookup("T1574") # returns "Hijack Execution Flow"
You might also like...
a tool for annotating table

table_annotate_tool a tool for annotating table motivated by wiki2bio,we create a tool to annoate all types of tables,this tool can annotate a table w

wisdom under lemon trees 4 Sep 23, 2021
A simple tool that updates your pubspec.yaml file, of a Flutter project, without altering the structure of your file.
A simple tool that updates your pubspec.yaml file, of a Flutter project, without altering the structure of your file.

A simple tool that updates your pubspec.yaml file, of a Flutter project, without altering the structure of your file.

null 3 Dec 10, 2021
A tool written in python to generate basic repo files from github
A tool written in python to generate basic repo files from github

A tool written in python to generate basic repo files from github

Riley 7 Dec 2, 2021
Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.
Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.

Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.

Joe Helle 7 Mar 25, 2022
SmarTool - Smart Util Tool for Python

A set of tools that keep Python sweeter.

Liu Tao 9 Sep 30, 2022
A simple tool to move and rename Nvidia Share recordings to a more sensible format.
A simple tool to move and rename Nvidia Share recordings to a more sensible format.

A simple tool to move and rename Nvidia Share recordings to a more sensible format.

Jasper Rebane 8 Dec 23, 2022
The Black shade analyser and comparison tool.

diff-shades The Black shade analyser and comparison tool. AKA Richard's personal take at a better black-primer (by stealing ideas from mypy-primer) :p

Richard Si 10 Apr 29, 2022
This tool analyzes the json files generated by stream-lnd-htlcs to find hidden channel demand.

analyze_lnd_htlc Introduction Rebalancing channels is an important part of running a Lightning Network node. While it would be great if all channels c

Marimox 4 Dec 8, 2022
Animation retargeting tool for Autodesk Maya. Retargets mocap to a custom rig with a few clicks.
Animation retargeting tool for Autodesk Maya. Retargets mocap to a custom rig with a few clicks.

Animation Retargeting Tool for Maya A tool for transferring animation data and mocap from a skeleton to a custom rig in Autodesk Maya. Installation: A

Joaen 63 Jan 6, 2023
Releases(v1.0.1)
Owner
Curated Intel
Curated Intel
GitHub Repository
✨ Un DNS Resolver totalement fait en Python par moi, et en français

DNS Resolver ❗ Un DNS Resolver totalement fait en Python par moi, et en français. 🔮 Grâce a une adresse (url) vous pourrez avoir l'ip ainsi que le DN

MrGabin 3 Jun 06, 2021
A way to write regex with objects instead of strings.

Py Idiomatic Regex (AKA iregex) Documentation Available Here An easier way to write regex in Python using OOP instead of strings. Makes the code much

Ryan Peach 18 Nov 15, 2021
🌲 A simple BST (Binary Search Tree) generator written in python

Tree-Traversals (BST) 🌲 A simple BST (Binary Search Tree) generator written in python Installation Use the package manager pip to install BST. Usage

Jan Kupczyk 1 Dec 12, 2021
Generates a random prnt.sc link and display image.

Generates a random prnt.sc link and display image.

Emirhan 3 Oct 08, 2021
An extremely simple package with a single utillity class used for gracefully handling POSIX shutdown signals.

graceful-killer An extremely simple package with a single utillity class used for gracefully handling POSIX shutdown signals. Installation Use pip to

Sven Ćurković 1 Dec 09, 2021
A sys-botbase client for remote control automation of Nintendo Switch consoles. Based on SysBot.NET, written in python.

SysBot.py A sys-botbase client for remote control automation of Nintendo Switch consoles. Based on SysBot.NET, written in python. Setup: Download the

7 Dec 16, 2022
Program to extract signatures from documents.

Extracting Signatures from Bank Checks Introduction Ahmed et al. [1] suggest a connected components-based method for segmenting signatures in document

Muhammad Saif Ullah Khan 9 Jan 26, 2022
Similar looking domain detection using python fuzzywuzzy

Major cause of phishing and BEC incident is similar looking domain, if you detect it early, you can prevent incidents early, python fuzzywuzzy module let you do that

2 Nov 07, 2021
ColorController is a Pythonic interface for managing colors by english-language name and various color values.

ColorController.py Table of Contents Encode color data in various formats. 1.1: Create a ColorController object using a familiar, english-language col

Tal Zaken 2 Feb 12, 2022
A script to check for common mistakes in LaTeX source files of scientific papers.

LaTeX Paper Linter This script checks for common mistakes in LaTeX source files of scientific papers. Usage python3 paperlint.py file.tex [-i/x inc

Michael Schwarz 12 Nov 16, 2022
jsoooooooon derulo - Make sure your 'jason derulo' is featured as the first part of your json data

jsonderulo Make sure your 'jason derulo' is featured as the first part of your json data Install: # python pip install jsonderulo poetry add jsonderul

jesse 3 Sep 13, 2021
Finds price floor for every single attribute in a given collection

Solana Solanart Scanner Enjoy the Free Code Steps to run Download VS Code

Dalton Nisbett 19 Oct 20, 2022
Plone Interface contracts, plus basic features and utilities

plone.base This package is the base package of the CMS Plone https://plone.org. It contains only interface contracts and basic features and utilitie

Plone Foundation 1 Oct 03, 2022
Early version for manipulate Geo localization data trough API REST.

Backend para obtener los datos (beta) Descripción El servidor está diseñado para recibir y almacenar datos enviados en forma de JSON por una aplicació

Víctor Omar Vento Hernández 1 Nov 14, 2021
Python program to do with percentages and chances, random generation.

Chances and Percentages Python program to do with percentages and chances, random generation. What is this? This small program will generate a list wi

n0 3 Jul 15, 2021
A random cats photos python module

A random cats photos python module

Fayas Noushad 6 Dec 01, 2021
A meme error handler for python

Pwython OwO what's this? Pwython is project aiming to fill in one of the biggest problems with python, which is that it is slow lacks owoified text. N

SystematicError 23 Jan 15, 2022
Lock files using python and cmd

Python_Lock_Files Lock files using python and cmd license feel free to do whatever you want to with these files, i dont take any responsibility tho, u

1 Nov 01, 2021
💉 코로나 잔여백신 예약 매크로 커스텀 빌드 (속도 향상 버전)

Korea-Covid-19-Vaccine-Reservation 코로나 잔여 백신 예약 매크로를 기반으로 한 커스텀 빌드입니다. 더 빠른 백신 예약을 목표로 하며, 속도를 우선하기 때문에 사용자는 이에 대처가 가능해야 합니다. 지정한 좌표 내 대기중인 병원에서 잔여 백신

Queue.ri 21 Aug 15, 2022
Random Name and Slug Generator

Random Name and Slug Generator

Alexander Lukanin 104 Nov 30, 2022