pyattck: A Python package to interact with the Mitre ATT&CK Framework

Hey all, I just released a new Python package called pyattck. This package enables you to retrieve data from the Mitre ATT&CK Framework, as well as relationship data points (e.g. Actors -> Their Tools, Malware, & Techniques).

Here is some sample code on how to use pyattck:

from pyattck import Attck attack = Attck() # accessing actors
for actor in attack.actors: print(actor) # accessing malware used by an actor or group for malware in actor.malware: print(malware) # accessing tools used by an actor or group for tool in actor.tools: print(tool) # accessing techniques used by an actor or group for technique in actor.techniques: print(technique) # accessing malware
for malware in attack.malwares: print(malware) # accessing actor or groups using this malware for actor in malware.actors: print(actor) # accessing techniques that this malware is used in for technique in malware.techniques: print(technique) # accessing mitigation
for mitigation in attack.mitigations: print(mit) # accessing techniques related to mitigation recommendations for technique in mitigation.techniques: print(technique) # accessing tactics
for tactic in attack.tactics: print(tactic) # accessing techniques related to this tactic for technique in tactic.techniques: print(technique) # accessing techniques
for technique in attack.techniques: print(technique) # accessing tactics that this technique belongs to for tactic in technique.tactics: print(tactic) # accessing mitigation recommendations for this technique for mitigation in technique.mitigation: print(mitigation) # accessing actors using this technique for actor in technique.actors: print(actor) # accessing tools
for tool in attack.tools: print(tool) # accessing techniques this tool is used in for technique in tool.techniques: print(technique) # accessing actor or groups using this tool for actor in tool.actors: print(actor)

Check it out and let me know what you think!

Blog: https://swimlane.com/blog/swimlane-research-team-open-sources-pyattack/

Docs: https://pyattck.readthedocs.io/en/latest/

Repo: https://github.com/swimlane/pyattck


Read Moreā€¦

Leave a Reply

Your email address will not be published. Required fields are marked *