2.8 KiB

Raw Blame History

attckr

Analyze Adversary Tactics and Techniques Using the MITRE ATT&CK CTI Corpus

Description

MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. Tools are provided to analyze adversary tactics and techniques, build incident metrics, and identify high level program gaps using the MITRE ATT&CK CTI Corpus.

What’s Inside The Tin

The following functions are implemented:

enterprise_attack: Enterprise Attack Taxonomy
fct_tactic: Make an ordered Tactics factor with optional better labelling
mobile_attack: Mobile Attack Taxonomy
pre_attack: Pre-Attack Taxonomy
read_events: Read in ATT&CK events from a file
tidy_attack: Combined ATT&CK Matricies Tactics, Techniques and Technique detail
validate_tactics: Validate Tactics strings against MITRE authoritative source
validate_technique_ids: Validate Technique IDs
validate_techniques: Validate Techniques strings against MITRE authoritative source

Installation

remotes::install_git("https://git.rud.is/hrbrmstr/attckr.git")
# or
remotes::install_git("https://git.sr.ht/~hrbrmstr/attckr")
# or
remotes::install_gitlab("hrbrmstr/attckr")
# or
remotes::install_bitbucket("hrbrmstr/attckr")

NOTE: To use the ‘remotes’ install options you will need to have the {remotes} package installed.

Usage

library(attckr)

# current version
packageVersion("attckr")
## [1] '0.1.0'

attckr Metrics

Lang	# Files	(%)	LoC	(%)	Blank lines	(%)	# Lines	(%)
R	10	0.91	168	0.95	50	0.77	72	0.74
Rmd	1	0.09	8	0.05	15	0.23	25	0.26

Code of Conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

2.8 KiB Raw Blame History