• Stars: 111
• Rank: 314,510 (Top 7 %)
• Language: Python
• License: BSD 3-Clause "New...
• Created about 5 years ago
• Updated over 1 year ago


Repository Details

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

attack2jira

The MITRE ATT&CK Framework is a great tool security teams can leverage to, among many other things, measure the security posture of an organization against tactics and techniques used in the wild by real threat actors.

At the time of writing, ATT&CK covers 266 Techniques across 12 Tactics. If done manually, tracking the state of this posture over time can become a tedious and challenging task. Blue/Purple teams need tools that let them tackle this challenge efficiently and focus on what's important.

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage. No more spreadsheets!

Visit the Wiki to view the Demos. attack2jira was first presented at ATT&CKCon 2.0. For more context, read this blog post.

To allow the community to experiment with this approach, I created a Jira instance hosting the ATTACK project with attack2jira: https://attack.atlassian.net/jira/software/c/projects/ATTACK/issues/

attack2jira was designed to be used with Jira Cloud. Specifically, Jira Software.

Tested on Kali Linux 2018.4 and Windows 10 1830 under Python 3.6 and Python 3.7.

Quick Start Guide

Installation

$ git clone https://github.com/mvelazc0/attack2jira.git
$ pip3 install -r attack2jira/requirements.txt

Jira Software

Usage

Print the help menu

$ python3 attack2jira.py -h

Create the Jira ATTACK project and issues

$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a initialize

Create the Jira ATTACK project with custom project and key

$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a initialize -p 'ATTACK Coverage' -k ATT

Export an ATTACK Navigator JSON layer

$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a export

$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a export -hide
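To show what an exported coverage layer contains, here is an added example (not attack2jira's own code) that turns per-technique tracking statuses into an ATT&CK Navigator layer. The status names, score mapping, issue keys, function names and the layer format version are assumptions made for illustration, and the sample issues are constructed.

```python
import json

# Hypothetical coverage statuses and the score each maps to (assumption,
# not attack2jira's actual Jira workflow).
STATUS_SCORE = {"Not Tracked": 0, "No Visibility": 10, "Logged": 50, "Alerting": 100}

# Constructed sample: (ATT&CK technique ID, status, Jira issue key).
SAMPLE_ISSUES = [
    ("T1003", "Alerting", "ATT-12"),
    ("T1059", "Logged", "ATT-48"),
    ("T1110", "No Visibility", "ATT-77"),
    ("T1566", "Not Tracked", "ATT-140"),
]

def build_layer(issues, name="ATT&CK coverage", disable_untracked=False):
    """Build a Navigator layer dict from (technique_id, status, issue_key) rows."""
    techniques = []
    for technique_id, status, issue_key in issues:
        if status not in STATUS_SCORE:
            # Fail loudly: a silently dropped status would overstate coverage.
            raise ValueError(f"unknown status {status!r} on {issue_key}")
        score = STATUS_SCORE[status]
        techniques.append({
            "techniqueID": technique_id,
            "score": score,
            "comment": f"{issue_key}: {status}",
            # Optionally grey out techniques nobody has assessed yet.
            "enabled": not (disable_untracked and score == 0),
        })
    return {
        "name": name,
        "versions": {"layer": "4.5"},  # assumed Navigator layer format version
        "domain": "enterprise-attack",
        "techniques": techniques,
        "gradient": {"colors": ["#ff6666", "#ffe766", "#8ec843"],
                     "minValue": 0, "maxValue": 100},
    }

def coverage_percent(layer, threshold=50):
    """Share of techniques whose score meets the threshold (logged or better)."""
    techs = layer["techniques"]
    covered = sum(1 for t in techs if t["score"] >= threshold)
    return round(100.0 * covered / len(techs), 1) if techs else 0.0

if __name__ == "__main__":
    layer = build_layer(SAMPLE_ISSUES, disable_untracked=True)
    print(json.dumps(layer, indent=2))
    print("coverage:", coverage_percent(layer), "%")
```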

Demo

Demo1 @att&ckcon 2019

Acknowledgments

Authors

License

This project is licensed under the BSD 3-Clause License - see the LICENSE file for details
