Skip to content

buzzer-re/DeepSecurity-2-ATTCK

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
screenshoots
screenshoots
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
api_loader.py
api_loader.py
 
 
ds.conf
ds.conf
 
 
dsattck.py
dsattck.py
 
 

Repository files navigation

Deep Security to ATT&CK

What this do ?

This tool create an MITRE ATT&CK matrix using all rules that are installed in your Deep Security that has a ATT&CK flag.

Which modules are available ?

Right now it only pull Integrity Monitoring and Intrusion Prevention rules (that are the only one that has ATT&CK)

Screenshoot (DSaaS):

Deep Security SaSS

Installation

  • Download and install the last Python SDK
  • Generate an Api key with at least view permission at Intrusion prevention, Integrity monitoring and Computers, tutorial.
  • Fill ds.conf with your api route and key

Usage

Just:

  python dsattck.py

If you filled the config file correctly, everything should work! This will generate 2 json files, enviroment and applied rules, an matrix with ALL rules and a matrix with the applied rules only, you can submit this files at ATT&CK Navigator

Please contact about any bug that you may found, the API/SDK change a LOT!

About

Pull your DS rules and build a ATT&CK matrix

Topics

blueteam mitre-attack deep-security threathunting

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages