https://github.com/omergunal/Attacker-Group-Predictor
Tool to predict attacker groups from the techniques and software used
apt-groups mitre-attack security-tools
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/omergunal/Attacker-Group-Predictor
- Owner: omergunal
- License: apache-2.0
- Created: 2020-05-31T14:14:19.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2021-08-04T16:13:05.000Z (over 4 years ago)
- Last Synced: 2024-11-21T14:38:45.508Z (12 months ago)
- Topics: apt-groups, mitre-attack, security-tools
- Language: Python
- Homepage:
- Size: 73.2 KB
- Stars: 49
- Watchers: 8
- Forks: 11
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - omergunal/Attacker-Group-Predictor - Tool to predict attacker groups from the techniques and software used (Python)
README
# Attacker-Group-Predictor
The tool predicts attacker groups from the techniques and software used. Its search is based on the MITRE ATT&CK™ framework.
### How does it work?
1. Collect data about attacker groups from https://attack.mitre.org/
2. Get data about the attack from the user
3. Compare the data and produce the result
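
The three steps above amount to ranking groups by how much of the observed activity appears in each group's profile. The sketch below is an added example, not the project's own code: the scoring rule, the function names and the group profiles are assumptions, and the profiles are constructed placeholders rather than real ATT&CK data. It matches on names only, not IDs.

```python
from collections import namedtuple

# Constructed sample profiles: the group names and their technique/software
# sets are invented for illustration and are NOT real MITRE ATT&CK mappings.
GROUP_PROFILES = {
    "ExampleGroup-A": {
        "techniques": {"brute force", "credential dumping", "connection proxy"},
        "software": {"mimikatz", "bankshot"},
    },
    "ExampleGroup-B": {
        "techniques": {"credential dumping", "spearphishing attachment"},
        "software": {"mimikatz"},
    },
    "ExampleGroup-C": {
        "techniques": {"scheduled task"},
        "software": {"rawdisk"},
    },
}

Match = namedtuple("Match", "group score matched")


def parse_items(raw):
    """Split comma-separated input; normalise case and inner whitespace."""
    return {" ".join(i.lower().split()) for i in raw.split(",") if i.strip()}


def rank_groups(techniques_raw, software_raw, profiles=GROUP_PROFILES, top=5):
    """Rank groups by the fraction of observed items present in each profile."""
    obs_t, obs_s = parse_items(techniques_raw), parse_items(software_raw)
    total = len(obs_t) + len(obs_s)
    if total == 0:
        return []  # nothing observed, nothing to compare
    results = []
    for name, profile in profiles.items():
        hit_t = obs_t & profile["techniques"]
        hit_s = obs_s & profile["software"]
        hits = len(hit_t) + len(hit_s)
        if hits:  # groups with no overlap are not candidates
            results.append(Match(name, hits / total, sorted(hit_t | hit_s)))
    # Highest overlap first; ties broken by name so the output is stable.
    results.sort(key=lambda m: (-m.score, m.group))
    return results[:top]


if __name__ == "__main__":
    for m in rank_groups("Brute Force,Commonly used port,connection proxy,"
                         "Credential dumping", "Bankshot,mimikatz,Rawdisk"):
        print(f"{m.group}: {m.score:.2f} {m.matched}")
```

An overlap score like this favours groups with large, well-documented profiles, so the ranking is a lead for further analysis rather than an attribution.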
### Installation
```
git clone https://github.com/omergunal/Attacker-Group-Predictor.git
cd Attacker-Group-Predictor/
pip3 install -r requirements.txt
```
### Usage
```
python3 main.py
# Fill in the inputs when prompted
```
### Update Attacker Groups Data
```
cd updater
python3 update.py
```
### Example
```
python3 main.py
Techniques used (ID or Name) (Seperate with comma):Brute Force,Commonly used port,connection proxy,Credential dumping
Softwares used (ID or Name) (Seperate with comma):Bankshot,mimikatz,Rawdisk
Most probable groups:
Lazarus Group
APT33
menuPass
Threat Group-3390
APT41
```
### Screenshot
