ATTACK CTI Libary
ATT&CK Python Client
A Python module to access up to date ATT&CK content available in STIX via public TAXII server. This project leverages the python classes and functions of the cti-python-stix2 and cti-taxii-client libraries developed by MITRE.
- Provide an easy way to access and interact with up to date ATT&CK content available in STIX via public TAXII server
- Allow security analysts to quickly explore ATT&CK content and apply it in their daily operations
- Allow the integration of ATT&Ck content with other platforms to host up to date information from the framework
- Help security analysts during the transition from the ATT&CK MediaWiki API to the STIX/TAXII 2.0 API
- Learn STIX2 and TAXII Client Python libraries
Current Status: Beta
The project is currently in a beta stage, which means that the code and the functionality is changing, but the current main functions are stabilising. I would love to get your feedback to make it a better project.
- MITRE CTI
- OASIS CTI TAXII Client
- OASIS CTI Python STIX2
- MITRE ATT&CK Framework
- ATT&CK MediaWiki API
Python 3+ or 2.7
You can install it via PIP:
pip install attackcti
Or you can also do the following:
git clone https://github.com/Cyb3rWard0g/ATTACK-Python-Client cd ATTACK-Python-Client pip install .
Jupyter Notebooks - Code Integration
I created a few jupyter notebooks that I hope can help you get familiar with the library and allow you to implement it in your future projects.
Install Jupyter Lab and Pandas==0.22.0 in order to use the Jupyter Notebooks on your own. You can do it by using the requirements.txt file in this repo
pip install -r requirements.txt
Start Jupyter Lab by running the following commands in the root directory of the repo
cd notebooks jupyter lab
- Roberto Rodriguez @Cyb3rWard0g
- Jose Luis Rodriguez @Cyb3rPandaH
- [ ] Revokation logic to update Groups Objects
- [ ] Integration with HELK
Release history Release notifications
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size & hash SHA256 hash help||File type||Python version||Upload date|
|attackcti-0.1.4-py3-none-any.whl (7.7 kB) Copy SHA256 hash SHA256||Wheel||py3|
|attackcti-0.1.4.tar.gz (7.5 kB) Copy SHA256 hash SHA256||Source||None|