How to use pyattck - 10 common examples

To help you get started, we’ve selected a few pyattck examples, based on popular ways it is used in public projects.


github swimlane / pyattck / pyattck / tools.py View on Github external
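def techniques(self):
    '''Return the techniques this tool is recorded as using.

    Scans ``self.attck_obj['objects']`` for relationship objects of type
    ``uses`` whose source is this tool (``self.stix``) and whose target is
    an ``attack-pattern``, then wraps every data-set object whose ``id``
    matches that target.

    Returns:
        (list) -- AttckTechnique objects, one per matching data-set object
    '''
    from .technique import AttckTechnique

    objects = self.attck_obj['objects']
    technique_list = []
    for item in objects:
        # Guard clauses keep only "this tool uses <technique>" relationships.
        if 'relationship_type' not in item:
            continue
        if 'uses' not in item['relationship_type']:
            continue
        if self.stix not in item['source_ref']:
            continue
        if 'attack-pattern' not in item['target_ref']:
            continue
        # NOTE(review): ids are compared with substring `in`, not `==`.
        # For well-formed STIX ids (type--UUID) the two agree; an exact
        # comparison would be stricter if the bundle comes from an
        # unverified source.
        for o in objects:
            if item['target_ref'] in o['id']:
                # Pass the data set on: AttckTechnique defaults attck_obj to
                # None, so without it the returned object has nothing to
                # look further relationships up in.
                technique_list.append(
                    AttckTechnique(attck_obj=self.attck_obj, **o)
                )
    return technique_list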
github swimlane / pyattck / pyattck / pyattck.py View on Github external
def techniques(self):
    """Build an AttckTechnique for every technique in the data set.

    Walks ``self.attck["objects"]`` and wraps each entry whose ``type`` is
    ``attack-pattern``, handing the full data set to the new object as
    ``attck_obj``.

    Returns:
        (list) -- AttckTechnique objects, in data-set order
    """
    return [
        AttckTechnique(attck_obj=self.attck, **entry)
        for entry in self.attck["objects"]
        if entry['type'] == 'attack-pattern'
    ]
github swimlane / pyattck / pyattck / tactic.py View on Github external
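def techniques(self):
    '''Return the techniques that belong to this tactic.

    A data-set object is treated as belonging to the tactic when one of its
    ``kill_chain_phases`` entries has a ``phase_name`` equal, ignoring case,
    to ``self.short_name``. An object is appended once per matching phase
    entry.

    Returns:
        (list) -- AttckTechnique objects for the matching data-set objects
    '''
    from .technique import AttckTechnique

    # The tactic's own name does not change during the scan; normalise once.
    wanted_phase = str(self.short_name).lower()

    technique_list = []
    for item in self.attck_obj['objects']:
        if 'kill_chain_phases' not in item:
            continue
        for prop in item['kill_chain_phases']:
            if str(prop['phase_name']).lower() == wanted_phase:
                # Pass the data set on: AttckTechnique defaults attck_obj to
                # None, so without it the returned object has nothing to
                # look further relationships up in.
                technique_list.append(
                    AttckTechnique(attck_obj=self.attck_obj, **item)
                )
    return technique_list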
github swimlane / pyattck / pyattck / mitigation.py View on Github external
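def techniques(self):
    '''Return the techniques that are related to this mitigation.

    Follows every data-set object that names this mitigation (``self.stix``)
    in its ``source_ref`` and wraps the ``attack-pattern`` objects whose
    ``id`` matches the relationship's ``target_ref``.

    Returns:
        (list) -- AttckTechnique objects, one per matching data-set object
    '''
    from .technique import AttckTechnique

    objects = self.attck_obj['objects']
    technique_list = []
    for item in objects:
        if 'source_ref' not in item:
            continue
        if self.stix not in item['source_ref']:
            continue
        for o in objects:
            # Only attack-pattern objects are techniques. Without this check
            # a relationship from this mitigation to any other kind of
            # object would be returned wrapped as an AttckTechnique and
            # could skew coverage reports built on the result.
            if o.get('type') != 'attack-pattern':
                continue
            # NOTE(review): substring `in` rather than `==`; equivalent for
            # well-formed STIX ids (type--UUID).
            if item['target_ref'] in o['id']:
                # Pass the data set on: AttckTechnique defaults attck_obj to
                # None, so without it the returned object has nothing to
                # look further relationships up in.
                technique_list.append(
                    AttckTechnique(attck_obj=self.attck_obj, **o)
                )
    return technique_list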
github swimlane / pyattck / pyattck / malware.py View on Github external
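def techniques(self):
    '''Return the techniques that are documented as using this malware.

    Follows every data-set object that names this malware (``self.stix``)
    in its ``source_ref`` and wraps the ``attack-pattern`` objects whose
    ``id`` matches the relationship's ``target_ref``.

    Returns:
        (list) -- AttckTechnique objects, one per matching data-set object
    '''
    from .technique import AttckTechnique

    objects = self.attck_obj['objects']
    technique_list = []
    for item in objects:
        if 'source_ref' not in item:
            continue
        if self.stix not in item['source_ref']:
            continue
        for o in objects:
            # Only attack-pattern objects are techniques. Without this check
            # a relationship from this malware to any other kind of object
            # would be returned wrapped as an AttckTechnique and could skew
            # detection-coverage mapping built on the result.
            if o.get('type') != 'attack-pattern':
                continue
            # NOTE(review): substring `in` rather than `==`; equivalent for
            # well-formed STIX ids (type--UUID).
            if item['target_ref'] in o['id']:
                # Pass the data set on: AttckTechnique defaults attck_obj to
                # None, so without it the returned object has nothing to
                # look further relationships up in.
                technique_list.append(
                    AttckTechnique(attck_obj=self.attck_obj, **o)
                )
    return technique_list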
github swimlane / pyattck / pyattck / actor.py View on Github external
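def techniques(self):
    '''Return the techniques documented as being used by this actor or group.

    Follows every data-set object that names this actor (``self.stix``) in
    its ``source_ref`` and wraps the ``attack-pattern`` objects whose ``id``
    matches the relationship's ``target_ref``.

    Returns:
        (list) -- AttckTechnique objects, one per matching data-set object
    '''
    from .technique import AttckTechnique

    objects = self.attck_obj['objects']
    technique_list = []
    for item in objects:
        if 'source_ref' not in item:
            continue
        if self.stix not in item['source_ref']:
            continue
        for o in objects:
            # Targets that are not techniques (other object types) are
            # skipped.
            if o['type'] != 'attack-pattern':
                continue
            # NOTE(review): substring `in` rather than `==`; equivalent for
            # well-formed STIX ids (type--UUID).
            if item['target_ref'] in o['id']:
                # Pass the data set on: AttckTechnique defaults attck_obj to
                # None, so without it the returned object has nothing to
                # look further relationships up in.
                technique_list.append(
                    AttckTechnique(attck_obj=self.attck_obj, **o)
                )
    return technique_list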
github swimlane / pyattck / pyattck / technique.py View on Github external
self.platforms = super(AttckTechnique, self)._set_list_items(kwargs, 'x_mitre_platforms')
        self.permissions = super(AttckTechnique, self)._set_list_items(kwargs, 'x_mitre_permissions_required')
        self.bypass = super(AttckTechnique, self)._set_list_items(kwargs, 'x_mitre_defense_bypassed')
        self.effective_permissions = super(AttckTechnique, self)._set_list_items(kwargs, 'x_mitre_effective_permissions')
        self.network = super(AttckTechnique, self)._set_attribute(kwargs, 'x_mitre_network_requirements')
        self.remote = super(AttckTechnique, self)._set_attribute(kwargs, 'x_mitre_remote_support')
        self.system_requirements = super(AttckTechnique, self)._set_attribute(kwargs, 'x_mitre_system_requirements')
        self.detection = super(AttckTechnique, self)._set_attribute(kwargs, 'x_mitre_detection')
        self.data_source = super(AttckTechnique, self)._set_list_items(kwargs, 'x_mitre_data_sources')
        self.created = super(AttckTechnique, self)._set_attribute(kwargs, 'created')
        self.modified = super(AttckTechnique, self)._set_attribute(kwargs, 'modified')
        self.contributors = super(AttckTechnique, self)._set_list_items(kwargs, 'contributor')
        self.stix = super(AttckTechnique, self)._set_attribute(kwargs, 'id')

        self.wiki = super(AttckTechnique, self)._set_wiki(kwargs)
        self.external_references = super(AttckTechnique, self)._set_reference(kwargs)

        self.tactic = kwargs
github swimlane / pyattck / pyattck / actor.py View on Github external
from .attckobject import AttckObject

class AttckActor(AttckObject):
    """Represents a Mitre ATT&CK Actor or Group (e.g. APT1, APT32, etc.)

    A child class of AttckObject, built from one object of the ATT&CK
    Json data.

    Arguments:
        attck_obj (dict) -- The raw Mitre ATT&CK Json data set; stored
            unchanged on the instance as ``attck_obj``
        kwargs (dict) -- The fields of the single ATT&CK Json object that
            describes this actor, passed as keyword arguments
    """

    def __init__(self, attck_obj = None, **kwargs):
        """Creates an AttckActor object from one ATT&CK Json object."""

        # Kept so that later lookups can search the whole data set. It
        # defaults to None, so callers that need those lookups must pass it.
        self.attck_obj = attck_obj

        # Each field below is filled in by a helper inherited from
        # AttckObject; presumably the helper reads the named key from
        # kwargs -- confirm in attckobject.py.
        self.id = super(AttckActor, self)._set_id(kwargs)
        self.created_by_ref = super(AttckActor, self)._set_attribute(kwargs, 'created_by_ref')
        self.revoked = super(AttckActor, self)._set_attribute(kwargs, 'revoked')
        self.name = super(AttckActor, self)._set_attribute(kwargs, 'name')
github swimlane / pyattck / pyattck / tools.py View on Github external
from .attckobject import AttckObject

class AttckTools(AttckObject):
    """Represents software that has been categorized as a tool used in attacks

    A child class of AttckObject, built from one object of the ATT&CK
    Json data.

    Arguments:
        attck_obj (dict) -- The raw Mitre ATT&CK Json data set; stored
            unchanged on the instance as ``attck_obj``
        kwargs (dict) -- The fields of the single ATT&CK Json object that
            describes this tool, passed as keyword arguments
    """

    def __init__(self, attck_obj = None, **kwargs):
        """Creates an AttckTools object from one ATT&CK Json object.

           The object describes software that has been categorized as
           software used in attacks.
        """

        # Kept so that later lookups can search the whole data set. It
        # defaults to None, so callers that need those lookups must pass it.
        self.attck_obj = attck_obj

        # Filled in by helpers inherited from AttckObject; presumably they
        # read the named key from kwargs -- confirm in attckobject.py.
        self.id = super(AttckTools, self)._set_id(kwargs)
        self.name = super(AttckTools, self)._set_attribute(kwargs, 'name')
github swimlane / pyattck / pyattck / technique.py View on Github external
from .attckobject import AttckObject

class AttckTechnique(AttckObject):
    """Represents a technique used by attackers

    A child class of AttckObject, built from one object of the ATT&CK
    Json data.

    Arguments:
        attck_obj (dict) -- The raw Mitre ATT&CK Json data set; stored
            unchanged on the instance as ``attck_obj``
        kwargs (dict) -- The fields of the single ATT&CK Json object that
            describes this technique, passed as keyword arguments
    """

    def __init__(self, attck_obj = None, **kwargs):
        """Creates an AttckTechnique object from one ATT&CK Json object.

           The AttckTechnique object is a technique used by attackers.
        """

        # Defaults to None: a technique built without attck_obj carries no
        # reference to the rest of the data set.
        self.attck_obj = attck_obj

        # Filled in by helpers inherited from AttckObject; presumably they
        # read the named key from kwargs -- confirm in attckobject.py.
        self.created_by_reference = super(AttckTechnique, self)._set_attribute(kwargs, 'created_by_ref')
        self.id = super(AttckTechnique, self)._set_id(kwargs)

pyattck

A Python package to interact with the Mitre ATT&CK Frameworks

MIT
Latest version published 2 years ago
