3 releases (breaking)
0.3.0 | Apr 16, 2021 |
---|---|
0.2.0 | Apr 16, 2021 |
0.1.0 | Apr 14, 2021 |
#248 in #representation
3.5MB
1K
SLoC
attck
Crate for working with MITRE ATT&CK matrices in Rust.
This crate includes the schema and data for each MITRE ATT&CK matrix.
Usage
// initialize the matrix once; this parses JSON so it can be expensive.
let enterprise = attck::enterprise();
let threat = enterprise
.intrusion_sets()
.find(|int_set| int_set.name() == "BRONZE BUTLER")
.unwrap();
// For the example only look at the attack patterns whose IDs resolve in the collection.
// STIX data will not always be so clean, so the extra call to `resolve` enables graph
// traversal without panicking in those cases.
for pat in threat.uses_attack_patterns().filter_map(|r| r.resolve()) {
println!("{}", pat.name());
// Every SRO relationship is expressed as a pair of methods for forward and backward
// traversal, making typesafe navigation easy.
for mitigation in pat
.mitigated_by_courses_of_action()
.filter_map(|r| r.resolve())
{
println!(" - {}", mitigation.name());
}
}
Dependencies
~8.5MB
~139K SLoC