Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Call MITRE ATT&CK Techniques by their T number #1

Open
carnal0wnage opened this issue Nov 15, 2017 · 1 comment
Open

Call MITRE ATT&CK Techniques by their T number #1

carnal0wnage opened this issue Nov 15, 2017 · 1 comment
Assignees
@carnal0wnage

Comments

@carnal0wnage
Copy link
Contributor

Metta should be able to take a list of ATT&CK T-numbers and execute baseline actions that correspond to those T-numbers.

Why? it could then read in the T numbers assigned to any APT group from: https://attack.mitre.org/wiki/Groups (or the json that supports that data in unfetter)

and then execute those actions.

Wishlist; your pentest group could provide you a list of things they did by T-number and you could reproduce in your environment via Metta
@carnal0wnage carnal0wnage self-assigned this Nov 15, 2017
@carnal0wnage
Copy link
Contributor Author

carnal0wnage commented Nov 15, 2017
edited
Loading

  • Add T-number option to the yaml
  • Create default actions (1 ?) for each T-number
  • Figure out how Metta will find the above files (most likely a specific folder?)
  • Modify the code to accept a list of T-numbers and execute the relevant file

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carnal0wnage carnal0wnage

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@carnal0wnage