metta icon indicating copy to clipboard operation
metta copied to clipboard
verified publisher icon uber-common

Call MITRE ATT&CK Techniques by their T number

Open carnal0wnage opened this issue 8 years ago • 1 comments

Metta should be able to take a list of ATT&CK T-numbers and execute baseline actions that correspond to those T-numbers.

Why? it could then read in the T numbers assigned to any APT group from: https://attack.mitre.org/wiki/Groups (or the json that supports that data in unfetter)

and then execute those actions.

Wishlist; your pentest group could provide you a list of things they did by T-number and you could reproduce in your environment via Metta

carnal0wnage avatar Nov 15 '17 21:11 carnal0wnage

  • [ ] Add T-number option to the yaml
  • [ ] Create default actions (1 ?) for each T-number
  • [ ] Figure out how Metta will find the above files (most likely a specific folder?)
  • [ ] Modify the code to accept a list of T-numbers and execute the relevant file

carnal0wnage avatar Nov 15 '17 21:11 carnal0wnage