{"id":19866598,"url":"https://github.com/mitre-attack/attack-workbench-taxii-server","last_synced_at":"2025-05-02T06:30:38.228Z","repository":{"id":43231989,"uuid":"501802788","full_name":"mitre-attack/attack-workbench-taxii-server","owner":"mitre-attack","description":"An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT\u0026CK® knowledge base. This repository contains a TAXII 2.1 API integration for the ATT\u0026CK Workbench application.","archived":false,"fork":false,"pushed_at":"2024-11-18T14:52:00.000Z","size":6843,"stargazers_count":35,"open_issues_count":6,"forks_count":10,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-06T23:13:24.016Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mitre-attack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-09T20:42:17.000Z","updated_at":"2025-04-04T14:19:24.000Z","dependencies_parsed_at":"2024-04-23T20:54:39.488Z","dependency_job_id":"90dc6c6e-dc9f-4bbe-a079-d680588ae8da","html_url":"https://github.com/mitre-attack/attack-workbench-taxii-server","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fattack-workbench-taxii-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fattack-workbench-taxii-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fattack-workbench-taxii-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fattack-workbench-taxii-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mitre-attack","download_url":"https://codeload.github.com/mitre-attack/attack-workbench-taxii-server/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251998047,"owners_count":21677916,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T15:26:32.387Z","updated_at":"2025-05-02T06:30:37.845Z","avatar_url":"https://github.com/mitre-attack.png","language":"TypeScript","readme":"# ATT\u0026CK Workbench TAXII Server\n\nThe ATT\u0026CK Workbench TAXII server is a Node.js server designed to serve STIX 2.1 content through a\n[TAXII 2.1](https://docs.oasis-open.org/cti/taxii/v2.1/csprd02/taxii-v2.1-csprd02.html) compliant REST API. It\nruns as part of the overarching [ATT\u0026CK Workbench project](https://medium.com/mitre-engenuity/att-ck-workbench-a-tool-for-extending-att-ck-e1718cbfe0ef).\nThe ATT\u0026CK Workbench is an application allowing users to **explore**, **create**, **annotate**, and **share** extensions\nof the MITRE ATT\u0026CK® knowledge base.\n\nThe following resources provide supporting documentation about the TAXII protocol and use cases:\n- [Introduction to TAXII](https://oasis-open.github.io/cti-documentation/taxii/intro.html)\n- [TAXII 2.1 Specification](https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html)\n- [OASIS Open TAXII Resources](https://oasis-open.github.io/cti-documentation/resources.html#taxii-21-specification)\n\nThe ATT\u0026CK Workbench application requires additional components for full operation. \nThe [ATT\u0026CK Workbench Frontend](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend) \nrepository contains the full documentation of the scope and function of the project. See the [install and run](#install-and-run) \ninstructions for more details about setting up the entire project.\n\n## API Roots\n\nThis application exposes contents of the local ATT\u0026CK Workbench knowledge base through TAXII 2.1 [Collections](https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html#_Toc31107500). \nCurrently, one [API Root](https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html#_Toc31107498) is used to \nlogically group the available STIX collections and their associated endpoints. Users can see which API roots are available\nthrough the server's [discovery endpoint](https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html#_q0a03pfr5x7n) (`/taxii2/`).\n\n### Workbench Collections\n\nThe collections API root (`{api-root}/collections/`) provides access to Workbench data segregated by \n[Workbench collection](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend/blob/master/docs/collections.md). \nEach version of each collection within the knowledge base, including both locally-created and imported collections, is \nmade available through this API Root. In addition, the most recent version of each collection is made available under a \nstatic ID alias such that when a new version is created/imported the corresponding TAXII endpoint does not change. The \nfollowing diagram demonstrates this feature:\n\n```\nTAXII Collection ID                            Workbench Collection\n────────────────────────────────────           ───────────────────────────────────\n4c936680-22bc-4e68-8037-ca7670493eef ◄───────┐ Enterprise ATT\u0026CK (current version)\n                                             │\nbacf402e-b767-45bc-ae06-f0620d38ff15 ◄───────┴──── Enterprise ATT\u0026CK v9\ncda0f120-c30c-4499-a7f2-3bf859c876c3 ◄──────────── Enterprise ATT\u0026CK v8\n9cdda5dd-a8b7-41df-97e5-4fc01608dd26 ◄──────────── Enterprise ATT\u0026CK v7\n\nc7beaddb-f5a0-4602-bbb5-3383c1448de9 ◄───────┐ Mobile ATT\u0026CK (current version)\n                                             │\nfde5d877-6f13-4694-b5c6-85d3f689f068 ◄───────┴──── Mobile ATT\u0026CK v9\n44f5bd59-ad8a-4103-8315-9cbb759c7a96 ◄──────────── Mobile ATT\u0026CK v8\n596f2f85-790e-4c37-97b7-cf68caa91f43 ◄──────────── Mobile ATT\u0026CK v7\n```\n\n## TAXII Server Documentation\nThe application uses Swagger UI module to dynamically document the available REST API endpoints. The Swagger report can \nbe accessed at the path: `/api-docs`.\n\nThe [docs](/docs/README.md) folder contains additional documentation about using the TAXII Server:\n- [SETUP](/docs/SETUP.md): Includes advanced details and instructions for setting up the TAXII Server.\n- [USAGE](/docs/USAGE.md): User Guide on how to query/use the TAXII 2.1 REST API.\n- [CONTRIBUTING](/docs/CONTRIBUTING.md): information about how to contribute to this project.\n\n## Install and run\n\nBy default, the TAXII Server is not required to use the ATT\u0026CK Workbench, but the ATT\u0026CK Workbench is required to use \nthe TAXII server. The ATT\u0026CK Workbench consists of the following software components:\n\n- [ATT\u0026CK Workbench Frontend](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend): The front-end user interface for the ATT\u0026CK Workbench tool, and the primary interface through which the knowledge base is accessed.\n- [ATT\u0026CK Workbench REST API](https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api): REST API service for storing, querying and editing ATT\u0026CK objects.\n- [ATT\u0026CK Workbench Collection Manager](https://github.com/center-for-threat-informed-defense/attack-workbench-collection-manager): REST API service for managing collections, collection indexes, and collection subscriptions. The collection manager is **not** required to be installed to use the ATT\u0026CK Workbench, but is **highly recommended**.\n\nEach of the aforementioned repositories contains their own respective deployment instructions. However, the easiest way\nto deploy the entire ATT\u0026CK Workbench is via the [Docker Compose](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend/blob/master/docs/docker-compose.md) contained in the front-end repository.\n\n### Docker\n#### Container Registry\nThe ATT\u0026CK Workbench TAXII server is packaged as a Docker image in the GitHub Container registry:\n```shell\n$ docker pull ghcr.io/mitre-attack/attack-workbench-taxii-server:latest\n```\n\n#### Build from source\n\nIf you wish to build a Docker image from source, a [shell script](./run.sh) is provided to ease the process. It handles\nthe following:\n- loading environment variables from a specified dotenv file\n- building a Docker image from source\n- creating and starting a container instance\n\nThe script requires two environment variables:\n- `TAXII_ENV`: used to determine the name of the dotenv configuration file\n- `TAXII_APP_PORT`: used in the `docker run` command to expose the desired port\n```shell\n$ export TAXII_ENV=prod | dev | local\n$ export TAXII_APP_PORT=443\n$ ./run.sh\n```\n### Manual Installation\n\n#### Requirements\n\n- [Node.js](https://nodejs.org) version `14.20.0` or greater\n- [Node.js](https://nodejs.org) version must support `AsyncLocalStorage`\n \n#### Installation\n\n##### Step 1. Clone the git repository\n\n```\ngit clone git@github.com:mitre-attack/attack-workbench-taxii-server.git\ncd attack-workbench-taxii-server\n```\n\n##### Step 2. Install the dependencies\n\nThe ATT\u0026CK Workbench TAXII Server installs all dependencies within the project.\nIt doesn't depend on the global installation of any modules.\n\n```\nnpm install\n```\n\n##### Step 3. Configure the system\n\nThe app is configured using environment variables loaded from a dotenv file. A template is provided for your convenience. \nSee the [SETUP](./docs/SETUP.md#environment-variables) document for a list of supported environment variables and usage descriptions. \n\nStore the dotenv file in the root `config/` directory, and ensure that the `TAXII_ENV` environment variable reflects the dotenv file name. `TAXII_ENV` determines the name of the environment variable which gets loaded by the server. For example:\n- If `TAXII_ENV` is equal to `dev`, then the server attempts to load `config/dev.env`.\n- If `TAXII_ENV` is equal to `prod`, then the server attempts to load `config/prod.env`.\n\nExample:\n```shell\n$ export TAXII_ENV=dev\n$ cp config/template.env config/${TAXII_ENV}.env\n$ # modify the dev.env file \n$ # done!\n```\n##### Step 4. Run the app\n\nTo run the production-mode server with Swagger enabled:\n```shell\n$ npm run build\n$ npm run start\n```\nTo run the server with hot-reload enabled (such that the server automatically reloads when you make a change to a file):\n```shell\n$ npm run start:dev\n```\n\n## Notice \n\nCopyright 2021 The MITRE Corporation\n\nApproved for Public Release; Distribution Unlimited. Case Number 21-2703.\n\nLicensed under the Apache License, Version 2.0 (the \"License\"); you may not use this file except in compliance with the License. You may obtain a copy of the License at \n\nhttp://www.apache.org/licenses/LICENSE-2.0 \n\nUnless required by applicable law or agreed to in writing, software distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. \n\nThis project makes use of ATT\u0026CK®\n\n[ATT\u0026CK Terms of Use](https://attack.mitre.org/resources/terms-of-use/)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre-attack%2Fattack-workbench-taxii-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmitre-attack%2Fattack-workbench-taxii-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre-attack%2Fattack-workbench-taxii-server/lists"}