A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK parent technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
- Free software: MIT license
Clone the repository using Git:
git clone https://github.com/infosecB/tech2attacknav.git
Manually download and unzip the repository: https://github.com/infosecB/tech2attacknav/archive/refs/heads/main.zip
python tech2attacknav.py -i input_file.txt -n ActorName
FireEye UNC2630 Report: FireEye provides a detailed report of techniques associated with this particular actor and even includes a screenshot of a MITRE ATT&CK navigator layer. What if you would like to use the ATT&CK navigator layer to map existing visibility and detection content to understand where your weaknesses may exist? Tech2AttackNav to the rescue! Copy and paste the list of technique IDs into a text file and let the script do its work.
- Select & copy list of technique IDs
- Paste into ttps.txt file in same directory as the script
- Run script:
python tech2attacknav.py -i ttps.txt -n UNC2630
- Open MITRE's ATT&CK Navigator
- Upload existing layer button
- Select the result.json file in the same directory as the script
- Add ability to parse subtechnique IDs
- Add webscraping functionality
- Create tests