Elemental - An MITRE ATTACK Threat Library
This platform was conceived as a capstone project for University of California Berkeley's Master of Information and Cybersecurity program. We look forward to community feedback for new ideas and improvements. This instance of Elemental is experimental and not configured for production deployment. Please see Django documentation on configuring a production server.
Features
- View ATT&CK Technique information
- View Atomic Red Team tests in Markdown and Yaml
- View Sigma rules in Yaml
- Add new ATT&CK Techniques (currently only available from Django Admin panel)
- Upload new Sigma rules (currently only available from Django Admin panel)
Screenshots
Main Elements View
Technique View
Atomics View
Sigma Rules View
Installation
git clone https://github.com/Elemental-attack/Elemental.git
cd Elemental/elemental
pip install -r requirements.txt
python manage.py runserver
Default Django admin page crendentials: user: elemental | password: berkelium
Thanks
Mitre ATT&CK - https://github.com/mitre/cti
Atomic Red Team - https://github.com/redcanaryco/atomic-red-team
ATT&CK Python Client - https://github.com/hunters-forge/ATTACK-Python-Client
Sigma - https://github.com/Neo23x0/sigma
TODO
- Log Source mapping for Techniques and Sigma rules
- Custom Techniques add
- Custom Sigma Rules upload
- Sigmac to convert rules to desired SIEM
- Filter capabilities on Elements page
- Integrate update functionality for ATT&CK, Atomic Red Team, and Sigma rules repo
Authors
- Josh Hakala (exec-bypass)
- Steve Rice (sdrice)
- Aaron Crouch (TTwoONEsiXX)
- Erick Pasco (epasco5)
Elemental - An MITRE ATTACK Threat Library
Reviewed by Zion3R
on
5:30 PM
Rating:
Reviewed by Zion3R
on
5:30 PM
Rating:
