mitreattack-python icon indicating copy to clipboard operation
mitreattack-python copied to clipboard

Published 20 hours ago verified publisher icon mitre-attack

[Request] ATT&CK stix2 classes

Open lilyjw opened this issue 3 years ago • 1 comments

Is your feature request related to a problem?

No, but for background, I've rolled custom STIX and Navigator layer generation scripts for use with an ATT&CK Navigator fork.

Describe the solution you'd like

My "to-stix" Python script includes the definition of ATT&CK stix2.v20 classes for the creation of tactics and matrices. Would it be useful to have these classes as a utility in this repository for broader use?

Describe alternatives you've considered

Looked through this repo for similar classes, but didn't find a match.

Additional context

Happy to chat about other functionality overlaps and ways to contribute back to ATT&CK.

lilyjw avatar Mar 24 '22 18:03 lilyjw

Thanks for the suggestion! I think this would be a good place to add that sort of functionality. Feel free to add a pull request referencing this issue. I think a halfway decent spot to put them might be something like

|-- mitreattack/
    |-- stix/
        |-- __init__.py
        |-- README.md
        |-- v20.py
        |   |-- AttackTactic()
        |   |-- AttackMatrix()
        |   |-- AttackTechnique()
        |   |-- <etc.>
        |-- v21.py
            |-- AttackTactic()
            |-- AttackMatrix()
            |-- AttackTechnique()
            |-- <etc.>

Since they wouldn't be used immediately by anyone, i'm open to suggestions on structure of where they would fit in the library as well.

jondricek avatar Apr 01 '22 20:04 jondricek