Skip to content
/ Attacker-Group-Predictor Public

Tool to predict attacker groups from the techniques and software used

License

Apache-2.0 license
50 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

omergunal/Attacker-Group-Predictor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
img
img
 
 
updater
updater
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
groupInfo.txt
groupInfo.txt
 
 
main.py
main.py
 
 
predictor.py
predictor.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Attacker-Group-Predictor

The tool predicts attacker groups from techniques and softwares used. It searches based on the MITRE ATT&CK™ framework

How it works?

  • 1- Collect data from https://attack.mitre.org/ about attacker groups
  • 2- Get data from user about attack
  • 3- Compare data and create result

Installation

git clone https://github.com/omergunal/Attacker-Group-Predictor.git
cd Attacker-Group-Predictor/
pip3 install -r requirements.txt

Usage

python3 main.py
Fill the inputs

Update Attacker Groups Data

cd updater
python3 update.py

Example

python3 main.py
  Techniques used (ID or Name) (Seperate with comma):Brute Force,Commonly used port,connection proxy,Credential dumping
  Softwares used (ID or Name) (Seperate with comma):Bankshot,mimikatz,Rawdisk

  Most probable groups:
    Lazarus Group
    APT33
    menuPass
    Threat Group-3390
    APT41

Screenhot

example

About

Tool to predict attacker groups from the techniques and software used

Topics

security-tools mitre-attack apt-groups

Resources

Readme

License

Apache-2.0 license
Activity

Stars

50 stars

Watchers

8 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages