Maps APT threat actors' TTPs to MITRE ATT&CK using attackcti Python library and Navigator. Queries STIX/TAXII for organization-technique associations, generates visualization layers, and compares defense coverage.
npx claudepluginhub killvxk/cybersecurity-skills-zh
This skill uses the workspace's default tool permissions.
Maps threat actor TTPs to MITRE ATT&CK framework using Python libraries, generates ATT&CK Navigator heatmaps, identifies detection gaps, and creates reports linking IOCs to Enterprise/Mobile/ICS techniques.
Maps APT group TTPs to MITRE ATT&CK using attackcti Python library. Queries STIX/TAXII data, generates Navigator layer files for visualization, and assesses defensive coverage gaps.
Maps APT group TTPs to MITRE ATT&CK using attackcti Python library and ATT&CK Navigator. Queries STIX/TAXII data, generates layer files for visualization, analyzes defensive coverage.
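MITRE ATT&CK Navigator is a web application for annotating and visualizing the ATT&CK matrix. Combined with the attackcti Python library (which queries ATT&CK STIX data over TAXII), analysts can programmatically generate Navigator layer files, map a specific threat group's TTPs, compare multiple groups, and assess detection coverage gaps against known adversaries.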
{
  "name": "APT29 TTPs",
  "domain": "enterprise-attack",
  "techniques": [
    {"techniqueID": "T1566.001", "score": 1, "comment": "Spearphishing Attachment"},
    {"techniqueID": "T1059.001", "score": 1, "comment": "PowerShell"}
  ]
}
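The following added example (not part of the original skill) builds a layer in the shape shown above from group-to-technique data, scores each technique by how many groups use it, and lists the techniques with no detection. `GROUP_TECHNIQUES`, `DETECTED`, `GroupB` and the function names are assumptions; the hard-coded data stands in for what an attackcti query would return so the code runs offline.

```python
import json
from collections import Counter

# Constructed sample input (assumption): stands in for the group-to-technique
# results of an attackcti query. "GroupB" is a hypothetical second group.
GROUP_TECHNIQUES = {
    "APT29": {"T1566.001": "Spearphishing Attachment", "T1059.001": "PowerShell"},
    "GroupB": {"T1059.001": "PowerShell", "T1003.001": "LSASS Memory"},
}
# Constructed: technique IDs the defender already has detections for.
DETECTED = {"T1566.001"}


def build_layer(name, groups, domain="enterprise-attack"):
    """Build a layer dict with only the fields used in the page's sample.

    score = number of the given groups that use the technique, so a
    single-group layer scores every technique 1, as in the sample.
    """
    counts = Counter(tid for techs in groups.values() for tid in techs)
    names = {tid: n for techs in groups.values() for tid, n in techs.items()}
    return {
        "name": name,
        "domain": domain,
        "techniques": [
            {"techniqueID": tid, "score": counts[tid], "comment": names[tid]}
            for tid in sorted(counts)
        ],
    }


def coverage_gaps(layer, detected):
    """Techniques in the layer with no detection, highest score first."""
    missing = [t for t in layer["techniques"] if t["techniqueID"] not in detected]
    return sorted(missing, key=lambda t: (-t["score"], t["techniqueID"]))


if __name__ == "__main__":
    layer = build_layer("APT29 vs GroupB", GROUP_TECHNIQUES)
    print(json.dumps(layer, indent=2))  # save this output as a layer file
    for t in coverage_gaps(layer, DETECTED):
        print("GAP", t["techniqueID"], t["score"], t["comment"])
```

Only the fields from the sample layer are emitted; add whatever version metadata your Navigator release expects before loading the file.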