Archive for the ‘netsec’ Category

pyattck: A Python package to interact with the Mitre ATT&CK Framework

July 11th, 2019

Hey all, I just released a new Python package called pyattck. This package enables you to retrieve data from the Mitre ATT&CK Framework, as well as relationship data points (e.g. Actors -> Their Tools, Malware, & Techniques).

Here is some sample code on how to use pyattck:

```python
from pyattck import Attck

attack = Attck()

# accessing actors
for actor in attack.actors:
    print(actor)
    # accessing malware used by an actor or group
    for malware in actor.malware:
        print(malware)
    # accessing tools used by an actor or group
    for tool in actor.tools:
        print(tool)
    # accessing techniques used by an actor or group
    for technique in actor.techniques:
        print(technique)

# accessing malware
for malware in attack.malwares:
    print(malware)
    # accessing actor or groups using this malware
    for actor in malware.actors:
        print(actor)
    # accessing techniques that this malware is used in
    for technique in malware.techniques:
        print(technique)

# accessing mitigation
for mitigation in attack.mitigations:
    print(mitigation)
    # accessing techniques related to mitigation recommendations
    for technique in mitigation.techniques:
        print(technique)

# accessing tactics
for tactic in attack.tactics:
    print(tactic)
    # accessing techniques related to this tactic
    for technique in tactic.techniques:
        print(technique)

# accessing techniques
for technique in attack.techniques:
    print(technique)
    # accessing tactics that this technique belongs to
    for tactic in technique.tactics:
        print(tactic)
    # accessing mitigation recommendations for this technique
    for mitigation in technique.mitigation:
        print(mitigation)
    # accessing actors using this technique
    for actor in technique.actors:
        print(actor)

# accessing tools
for tool in attack.tools:
    print(tool)
    # accessing techniques this tool is used in
    for technique in tool.techniques:
        print(technique)
    # accessing actor or groups using this tool
    for actor in tool.actors:
        print(actor)
```

Check it out and let me know what you think!

Blog: https://swimlane.com/blog/swimlane-research-team-open-sources-pyattack/

Docs: https://pyattck.readthedocs.io/en/latest/

Repo: https://github.com/swimlane/pyattck

submitted by /u/_Unas_

Posted in netsec | Comments (0)

Fuzzing DNS zone parsers

July 11th, 2019
submitted by /u/pimterry

Citrix (NetScaler) SD-WAN Multiple RCE + Auth bypass to RCE

July 11th, 2019
submitted by /u/lynerc

Second order SQL injection in ZoneMinder

July 11th, 2019
submitted by /u/Sjoerder

Discovering CVE-2019-13504, CVE-2019-13503 and the Importance of API Fuzzing

July 11th, 2019
submitted by /u/jekapats

CVE-2019-0888: Use-After-Free in Windows ActiveX Data Objects (ADO)

July 10th, 2019
submitted by /u/Sophos_FloSupport

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

July 10th, 2019
submitted by /u/marketingversprite

Detecting Phishing with SPF Macros

July 10th, 2019
submitted by /u/jwcrux

disasm.ninja: A realtime, multi-arch assembler and disassembler for shellcoding.

July 10th, 2019
submitted by /u/ret2got

Security Advisory: Targeting AD FS With External Brute-Force Attacks

July 10th, 2019
submitted by /u/borisdan