{"id":19866607,"url":"https://github.com/mitre-attack/mitreattack-python","last_synced_at":"2025-05-14T10:06:58.045Z","repository":{"id":37948876,"uuid":"320590779","full_name":"mitre-attack/mitreattack-python","owner":"mitre-attack","description":"A python module for working with ATT\u0026CK","archived":false,"fork":false,"pushed_at":"2025-01-13T16:11:26.000Z","size":9203,"stargazers_count":535,"open_issues_count":35,"forks_count":120,"subscribers_count":27,"default_branch":"master","last_synced_at":"2025-04-04T08:33:41.543Z","etag":null,"topics":["cti","cyber-threat-intelligence","cybersecurity","mitre-attack","mitre-corporation","python"],"latest_commit_sha":null,"homepage":"https://mitreattack-python.readthedocs.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mitre-attack.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-11T14:05:58.000Z","updated_at":"2025-04-01T22:47:47.000Z","dependencies_parsed_at":"2023-11-13T23:24:32.464Z","dependency_job_id":"cb4ef4fc-d399-46ab-a77c-bf360cc6d6bd","html_url":"https://github.com/mitre-attack/mitreattack-python","commit_stats":{"total_commits":325,"total_committers":15,"mean_commits":"21.666666666666668","dds":0.6276923076923078,"last_synced_commit":"3954bc4c29fe4e30db7850c31d1564e50de3d5e0"},"previous_names":[],"tags_count":58,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fmitreattack-python","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fmitreattack-python/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fmitreattack-python/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre-attack%2Fmitreattack-python/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mitre-attack","download_url":"https://codeload.github.com/mitre-attack/mitreattack-python/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248420018,"owners_count":21100292,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cti","cyber-threat-intelligence","cybersecurity","mitre-attack","mitre-corporation","python"],"created_at":"2024-11-12T15:26:34.353Z","updated_at":"2025-04-11T14:38:26.432Z","avatar_url":"https://github.com/mitre-attack.png","language":"Python","readme":"# mitreattack-python\n\nThis repository contains a library of Python tools and utilities for working with ATT\u0026CK data. For more information,\nsee the [full documentation](https://mitreattack-python.readthedocs.io/) on ReadTheDocs.\n\n## Install\n\nTo use this package, install the mitreattack-python library with [pip](https://pip.pypa.io/en/stable/):\n\n```shell\npip install mitreattack-python\n```\n\nNote: the library requires [python3](https://www.python.org/).\n\n## MitreAttackData Library\n\nThe ``MitreAttackData`` library is used to read in and work with MITRE ATT\u0026CK STIX 2.0 content. This library provides \nthe ability to query the dataset for objects and their related objects. This is the main content of mitreattack-python;\nyou can read more about other modules in this library under \"Additional Modules\".\n\n## Additional Modules\n\nMore detailed information and examples about the specific usage of the additional modules in this package can be found in the individual README files for each module linked below.\n\n| module | description | documentation |\n|:------------|:------------|:--------------|\n| [navlayers](https://github.com/mitre-attack/mitreattack-python/tree/master/mitreattack/navlayers) | A collection of utilities for working with [ATT\u0026CK Navigator](https://github.com/mitre-attack/attack-navigator) layers. Provides the ability to import, export, and manipulate layers. Layers can be read in from the filesystem or python dictionaries, combined and edited, and then exported to excel or SVG images. | Further documentation can be found [here](https://github.com/mitre-attack/mitreattack-python/blob/master/mitreattack/navlayers/README.md).|\n| [attackToExcel](https://github.com/mitre-attack/mitreattack-python/tree/master/mitreattack/attackToExcel) | A collection of utilities for converting [ATT\u0026CK STIX data](https://github.com/mitre/cti) to Excel spreadsheets. It also provides access to [Pandas](https://pandas.pydata.org/) DataFrames representing the dataset for use in data analysis. | Further documentation can be found [here](https://github.com/mitre-attack/mitreattack-python/blob/master/mitreattack/attackToExcel/README.md).|\n| [collections](https://github.com/mitre-attack/mitreattack-python/tree/master/mitreattack/collections) | A set of utilities for working with [ATT\u0026CK Collections and Collection Indexes](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend/blob/master/docs/collections.md). Provides functionalities for converting and summarizing data in collections and collection indexes, as well as generating a collection from a raw stix bundle input. | Further documentation can be found [here](https://github.com/mitre-attack/mitreattack-python/blob/master/mitreattack/collections/README.md).|\n| [diffStix](https://github.com/mitre-attack/mitreattack-python/tree/master/mitreattack/diffStix) | Create markdown, HTML, JSON and/or ATT\u0026CK Navigator layers reporting on the changes between two versions of the STIX2 bundles representing the ATT\u0026CK content. Run `diff_stix -h` for full usage instructions. | Further documentation can be found [here](https://github.com/mitre-attack/mitreattack-python/blob/master/mitreattack/diffStix/README.md).|\n\n\n## Related MITRE Work\n\n### CTI\n\n[Cyber Threat Intelligence repository](https://github.com/mitre/cti) of the ATT\u0026CK catalog expressed in STIX 2.0 JSON.\nThis repository also contains [our USAGE document](https://github.com/mitre/cti/blob/master/USAGE.md) which includes\nadditional examples of accessing and parsing our dataset in Python.\n\n### ATT\u0026CK\n\nATT\u0026CK® is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of\nan adversary’s lifecycle, and the platforms they are known to target.\nATT\u0026CK is useful for understanding security risk against known adversary behavior,\nfor planning security improvements, and verifying defenses work as expected.\n\n\u003chttps://attack.mitre.org\u003e\n\n### STIX\n\nStructured Threat Information Expression (STIX\u003csup\u003e™\u003c/sup\u003e) is a language and serialization format used to exchange cyber threat intelligence (CTI).\n\nSTIX enables organizations to share CTI with one another in a consistent and machine-readable manner,\nallowing security communities to better understand what computer-based attacks they are most likely to\nsee and to anticipate and/or respond to those attacks faster and more effectively.\n\nSTIX is designed to improve many capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.\n\n\u003chttps://oasis-open.github.io/cti-documentation/\u003e\n\n### ATT\u0026CK scripts\n\nOne-off scripts and code examples you can use as inspiration for how to work with ATT\u0026CK programmatically. Many of the functionalities found in the mitreattack-python package were originally posted on attack-scripts.\n\n\u003chttps://github.com/mitre-attack/attack-scripts\u003e\n\n\n## Contributing\n\nTo contribute to this project, either through a bug report, feature request, or merge request,\nplease see the [Contributors Guide](https://github.com/mitre-attack/mitreattack-python/blob/master/docs/CONTRIBUTING.md).\n\n## Notice\n\nCopyright 2025 The MITRE Corporation\n\nApproved for Public Release; Distribution Unlimited. Case Number 19-0486.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n   \u003chttp://www.apache.org/licenses/LICENSE-2.0\u003e\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\nThis project makes use of ATT\u0026CK®\n\n[ATT\u0026CK Terms of Use](https://attack.mitre.org/resources/terms-of-use/)\n","funding_links":[],"categories":["HTML"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre-attack%2Fmitreattack-python","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmitre-attack%2Fmitreattack-python","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre-attack%2Fmitreattack-python/lists"}