• This repository has been archived on 06/Oct/2021
  • Stars
    star
    345
  • Rank 122,750 (Top 3 %)
  • Language
    JavaScript
  • License
    Apache License 2.0
  • Created almost 5 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.

TRAM Has Moved!

TRAM has been moved to https://github.com/center-for-threat-informed-defense/tram/. This repository is no longer being actively maintained.

Thank you to the community who helped prove TRAM's value and advance the start of the art.

TRAM v0.5

Threat Report ATT&CK® Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK. TRAM is currently in its beta phase and is actively being developed. ​

Requirements

  • python3 (3.7+)
  • Google Chrome is our only supported/tested browser

Installation

Start by cloning this repository.

git clone https://github.com/mitre-attack/tram.git

From the root of this project, install the PIP requirements.

pip install -r requirements.txt

Then start the server.

python tram.py

Once the server has started, point your browser to localhost:9999, and you can then enter a URL on the home page. It currently takes several minutes to analyze a report, so please do not leave the page while it processes.

Configuration defaults can be changed here

Intended Use

Please note that TRAM is currently intended to be used as a local, single user application. We are aware of the benefit of using the application in a centralized location for multiple analysts to access at once, and will work in the future to add features to make this viable.

How do I contribute?

We welcome all the help we can get in making TRAM a more useful tool for the community. We have made a working prototype and acknowledge that there will need to be increased efforts in the future to maintain and improve it.

Read CONTRIBUTING.md to better understand what we're looking for. There's also a Developer Certificate of Origin that you'll need to sign off on. ​

Notice

Copyright 2020 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 19-3429.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®

ATT&CK® Terms of Use - https://attack.mitre.org/resources/terms-of-use/

More Repositories

1

attack-navigator

Web app that provides basic navigation and annotation of ATT&CK matrices
TypeScript
1,983
star
2

car

Cyber Analytics Repository
Python
889
star
3

attack-scripts

Scripts and a (future) library to improve users' interactions with the ATT&CK content
Python
570
star
4

bzar

A set of Zeek scripts to detect ATT&CK techniques.
Zeek
522
star
5

attack-arsenal

A collection of red team and adversary emulation resources developed and released by MITRE.
PowerShell
475
star
6

attack-website

MITRE ATT&CK Website
HTML
451
star
7

attack-datasources

This content is analysis and research of the data sources currently listed in ATT&CK.
Jupyter Notebook
395
star
8

mitreattack-python

A python module for working with ATT&CK
Python
360
star
9

attack-stix-data

STIX data representing MITRE ATT&CK
Python
276
star
10

joystick

Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances in the results.
Python
64
star
11

attack-evals

ATT&CK Evaluations website (DEPRECATED)
HTML
58
star
12

evals_caldera

A CALDERA plugin for ATT&CK Evaluations Round 1
PowerShell
32
star
13

attack-datasources-stix-beta

Mock STIX data demonstrating the new data source representation
16
star
14

attack-workbench-taxii-server

An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains a TAXII 2.1 API integration for the ATT&CK Workbench application.
TypeScript
9
star
15

attack-archives

Previous ATT&CK releases as seen at https://attack.mitre.org/resources/previous-versions/
HTML
7
star
16

attack-workbench-deployment

1
star