cti
cti copied to clipboard
mitre
Cyber Threat Intelligence Repository expressed in STIX 2.0
I was trying to use the latest copy of https://github.com/vmapps/attack2neo project to load MITRE Enterprise ATT&CK into a Neo4j database, and received numerous errors. 1) There are embedded Unicode characters...
Feature request: Sub directories for each version of MITRE ATT&CK® released, to allow to pull older versions when specifying a version. I.E: * Instead of: https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json * Becomes: https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/11.1/enterprise-attack.json So...
After seeing https://github.com/mitre/cti/issues/24 I would have a question. Is it possible, in the future, that a technique that revoked(replaced) another to also be "revoked-by" another technique ? Thank you
Hello, I noticed that some techniques and sub-techniques in the enterprise collection are missing the `x_mitre_is_subtechnique` key / flag. I've been using the TAXII server via this URL `https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/` along...
There might be some typo errors in ATT&CK attack-pattern. First, in 'T1553.005' ('id': 'attack-pattern--7e7c2fba-7cca-486c-9582-4c1bb2851961'), during analysis of individual technique, in 'x_mitre_defense_bypassed', ``` 'x_mitre_defense_bypassed': ['Anti-virus, Application control'] ``` It has two...
hi, after parsed stix json, I found there are 2 cobalt strikes flagged as type "tool" and "malware".
Hello I have a question I am currently seeing that a couple of urls' are throwing a 404 end point denial of service https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/objects/attack-pattern--01d5c7e7-1c74-4b20-9e43-548c5f4de113 Event Triggered Execution https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/objects/attack-pattern--ccb9c607-8bfe-4141-8843-356453179da7 These were...
The microlibrary described in the USAGE.md document is slightly out of sync with the one defined in https://github.com/mitre-attack/attack-stix-data, especially since [this issue](https://github.com/mitre-attack/attack-stix-data/issues/12) pointed out a discrepancy in how the relationships...
`ServicesFile` should be updated to `Services File` in the following section of stix-capec.json: ```json { "source_name": "ATTACK", "description": "Hijack Execution Flow: ServicesFile Permissions Weakness", "url": "https://attack.mitre.org/wiki/Technique/T1574/010", "external_id": "T1574.010" } ```...
