  • Stars: 451
  • Rank: 96,968 (Top 2 %)
  • Language: HTML
  • License: Apache License 2.0
  • Created about 6 years ago
  • Updated 8 months ago

Repository Details

MITRE ATT&CK® Website

See the live site at attack.mitre.org!

This repository contains the source code used to generate the MITRE ATT&CK® website as seen at attack.mitre.org. The source code is flexible to allow users to generate the site with custom content.

Usage

The Install and Run section below explains how to set up a local version of the site. You can also visit the live site at attack.mitre.org. If you want to extend the style, content or functionality of this site, please see our Customizing the ATT&CK Website document for tips and tricks.

Use our GitHub Issue Tracker to let us know of any bugs or other issues you encounter. We also encourage pull requests if you've extended the site in a cool way and want to share back to the community!

If you find errors or typos in the site content, please let us know by sending an email to [email protected] with the subject Website Content Error, and make sure to include both a description of the error and the URL at which it can be found.

See CONTRIBUTING.md for more information on making contributions to the ATT&CK website.

Requirements

Install and Build

Install requirements

  1. Create a virtual environment:
    • macOS and Linux: python3 -m venv env
    • Windows: py -m venv env
  2. Activate the virtual environment:
    • macOS and Linux: source env/bin/activate
    • Windows: env/Scripts/activate.bat
  3. Install requirement packages: pip3 install -r requirements.txt

Build and serve the local site

  1. Update ATT&CK markdown from the STIX content, and generate the output HTML from the markdown: python3 update-attack.py. Note: update-attack.py has many optional command line arguments which affect the behavior of the build. Run python3 update-attack.py -h for a list of arguments and an explanation of their functionality.
  2. Serve the HTML to localhost:8000:
    1. Ensure you are in the root of the repository, e.g. path/to/attack-website
    2. pelican -l

(Optional) Build the search module

  1. Install Node.js. This is required in order to compile the search service webpack bundle.
  2. Generate the search service webpack bundle to enable search functionality:
    cd attack-search/
    npm install # installs all third-party dependencies
    npm run build # generates the webpack bundle
    npm run copy # copies the resultant bundle to the Pelican server output directory

Installing, building, and serving the site via Docker

  1. Build the docker image:
    • docker build -t <your_preferred_image_name> .
  2. Run a docker container:
    • docker run --name <your_preferred_container_name> -d -p <your_preferred_port>:80 <image_name_from_build_command>
  3. View the site on your preferred localhost port

Related MITRE Work

ATT&CK STIX Data

Data representing the ATT&CK Catalog can be found on the following repositories:

ATT&CK Navigator

The ATT&CK Navigator is an open-source tool providing basic navigation and annotation of ATT&CK matrices, something that people are already doing today in tools like Excel. It is designed to be simple and generic - you can use the Navigator to visualize your defensive coverage, your red/blue team planning, the frequency of detected techniques, and more.

https://github.com/mitre-attack/attack-navigator

STIX

Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX enables organizations to share CTI with one another in a consistent and machine readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.

STIX is designed to improve many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

https://oasis-open.github.io/cti-documentation/
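To make the STIX-to-site relationship concrete, here is an added example (not code from this repository or from update-attack.py) that reads a STIX bundle and groups active techniques by tactic. The bundle is constructed sample data with placeholder IDs; the field names (`external_references`, `kill_chain_phases`, `revoked`, `x_mitre_deprecated`) are the ones ATT&CK's STIX representation uses.

```python
import json
from collections import defaultdict

def _obj(n, name, ext_id, phases, **extra):
    """Build one constructed attack-pattern object (placeholder IDs, not real ATT&CK data)."""
    return {
        "type": "attack-pattern",
        "id": f"attack-pattern--00000000-0000-4000-8000-{n:012d}",
        "name": name,
        "external_references": [{"source_name": "mitre-attack", "external_id": ext_id}],
        "kill_chain_phases": [{"kill_chain_name": "mitre-attack", "phase_name": p} for p in phases],
        **extra,
    }

# Constructed sample bundle: two active techniques, one revoked, one deprecated, one non-technique.
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle",
    "id": "bundle--00000000-0000-4000-8000-000000000000",
    "objects": [
        _obj(1, "Example Technique A", "T9001", ["execution"]),
        _obj(2, "Example Technique B", "T9002", ["execution", "persistence"]),
        _obj(3, "Revoked Technique", "T9003", ["persistence"], revoked=True),
        _obj(4, "Deprecated Technique", "T9004", ["discovery"], x_mitre_deprecated=True),
        {"type": "malware", "id": "malware--00000000-0000-4000-8000-000000000005", "name": "Example Software"},
    ],
})

def attack_id(obj):
    """Return the ATT&CK ID from the 'mitre-attack' external reference, or None."""
    for ref in obj.get("external_references", []):
        if ref.get("source_name") == "mitre-attack":
            return ref.get("external_id")
    return None

def techniques_by_tactic(bundle_json):
    """Map tactic shortname -> sorted list of (ATT&CK ID, name) for active techniques."""
    bundle = json.loads(bundle_json)
    if bundle.get("type") != "bundle":
        raise ValueError("not a STIX bundle")
    out = defaultdict(list)
    for obj in bundle.get("objects", []):
        if obj.get("type") != "attack-pattern":
            continue
        if obj.get("revoked") or obj.get("x_mitre_deprecated"):
            continue  # retired content must not be counted as current coverage
        tid = attack_id(obj)
        for phase in obj.get("kill_chain_phases", []) if tid else []:
            if phase.get("kill_chain_name") == "mitre-attack":
                out[phase["phase_name"]].append((tid, obj["name"]))
    return {tactic: sorted(items) for tactic, items in out.items()}
```

Filtering on `revoked` and `x_mitre_deprecated` matters when the output feeds coverage reporting: counting retired objects inflates the apparent number of techniques a detection set addresses.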

Notice

Copyright 2015-2023 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 19-3504.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®

ATT&CK Terms of Use

More Repositories

  1. attack-navigator (TypeScript, 1,983 stars): Web app that provides basic navigation and annotation of ATT&CK matrices
  2. car (Python, 889 stars): Cyber Analytics Repository
  3. attack-scripts (Python, 570 stars): Scripts and a (future) library to improve users' interactions with the ATT&CK content
  4. bzar (Zeek, 522 stars): A set of Zeek scripts to detect ATT&CK techniques.
  5. attack-arsenal (PowerShell, 475 stars): A collection of red team and adversary emulation resources developed and released by MITRE.
  6. attack-datasources (Jupyter Notebook, 395 stars): This content is analysis and research of the data sources currently listed in ATT&CK.
  7. mitreattack-python (Python, 360 stars): A python module for working with ATT&CK
  8. tram (JavaScript, 345 stars): Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK.
  9. attack-stix-data (Python, 276 stars): STIX data representing MITRE ATT&CK
  10. joystick (Python, 64 stars): Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that bring forward the nuances in the results.
  11. attack-evals (HTML, 58 stars): ATT&CK Evaluations website (DEPRECATED)
  12. evals_caldera (PowerShell, 32 stars): A CALDERA plugin for ATT&CK Evaluations Round 1
  13. attack-datasources-stix-beta (16 stars): Mock STIX data demonstrating the new data source representation
  14. attack-workbench-taxii-server (TypeScript, 9 stars): An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains a TAXII 2.1 API integration for the ATT&CK Workbench application.
  15. attack-archives (HTML, 7 stars): Previous ATT&CK releases as seen at https://attack.mitre.org/resources/previous-versions/
  16. attack-workbench-deployment (1 star)