| Crates.io | attck |
| lib.rs | attck |
| version | 0.3.0 |
| created_at | 2021-04-14 00:58:42.16678+00 |
| updated_at | 2021-04-16 16:01:23.379957+00 |
| description | Structure representation of MITRE ATT&CK matrices |
| homepage | |
| repository | https://github.com/TedDriggs/cti |
| max_upload_size | |
| id | 383188 |
| size | 22,407,527 |
Crate for working with MITRE ATT&CK matrices in Rust.
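This crate includes the schema and data for each MITRE ATT&CK matrix. Because the data ships inside the crate, lookups reflect the ATT&CK content bundled with the crate version you build against.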
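// Initialize the matrix once and reuse it; this parses JSON so it can be expensive.
let enterprise = attck::enterprise();

// Look the intrusion set up by its exact name. `find` yields nothing when the loaded data
// has no entry with this name, so fail with a message that names the missing group rather
// than a bare `unwrap` panic.
let threat = enterprise
    .intrusion_sets()
    .find(|int_set| int_set.name() == "BRONZE BUTLER")
    .expect("intrusion set \"BRONZE BUTLER\" not found in the enterprise matrix");

// For the example only look at the attack patterns whose IDs resolve in the collection.
// STIX data will not always be so clean, so the extra call to `resolve` enables graph
// traversal without panicking in those cases.
// NOTE: references that do not resolve are skipped silently, so this listing is a lower
// bound on what the data links to the group, not a complete inventory.
for pat in threat.uses_attack_patterns().filter_map(|r| r.resolve()) {
    println!("{}", pat.name());

    // Every SRO relationship is expressed as a pair of methods for forward and backward
    // traversal, making typesafe navigation easy.
    // The same skip applies here: a technique printed with nothing beneath it may still
    // have mitigation references that failed to resolve, so do not read an empty list as
    // "no mitigation exists".
    for mitigation in pat
        .mitigated_by_courses_of_action()
        .filter_map(|r| r.resolve())
    {
        println!(" - {}", mitigation.name());
    }
}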