ATT&CK Python Client
A Python module to access up to date ATT&CK content available in STIX via public TAXII server. This project leverages the python classes and functions of the cti-python-stix2 and cti-taxii-client libraries developed by MITRE.
- Provide an easy way to access and interact with up to date ATT&CK content available in STIX via public TAXII server
- Allow security analysts to quickly explore ATT&CK content and apply it in their daily operations
- Allow the integration of ATT&Ck content with other platforms to host up to date information from the framework
- Help security analysts during the transition from the ATT&CK MediaWiki API to the STIX/TAXII 2.0 API
- Learn STIX2 and TAXII Client Python libraries
Current Status: Beta
The project is currently in a beta stage, which means that the code and the functionality is changing, but the current main functions are stabilising. I would love to get your feedback to make it a better project.
- MITRE CTI
- OASIS CTI TAXII Client
- OASIS CTI Python STIX2
- MITRE ATT&CK Framework
- ATT&CK MediaWiki API
You can install it via PIP:
pip install attackcti
Or you can also do the following:
git clone https://github.com/Cyb3rWard0g/ATTACK-Python-Client cd ATTACK-Python-Client pip install .
- Roberto Rodriguez @Cyb3rWard0g
- Jose Luis Rodriguez @Cyb3rPandaH
- Revokation logic to update Groups Objects
- Integration with HELK