Skip to content
/ sigma-tactics-organizer Public

Script that organize Sigma rules by MITRE | ATT&CK tactics and techniques.

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dan21san/sigma-tactics-organizer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

.gitignore

.gitignore

 
 

README.md

README.md

 
 

RulesMitreOrganizer.py

RulesMitreOrganizer.py

 
 

Repository files navigation

sigma-tactics-organizer

Script that organize Sigma rules by MITRE | ATT&CK tactics and techniques.

Download the Sigma rules from the awesome public project SigmaHQ (https://github.com/SigmaHQ/sigma/tree/master/rules) then with this simple script you will have all the rules organized in 2 main folders (tactics and techniques) and many sub-folders for different typology.

mitre
  --> tactics
          --> TA0043_reconnaissance
          --> TA0042_resource_development
          --> ...
  --> techniques
          --> T1002
          --> T1006
          --> ...

image

The script considers as input path ../sigma/rules/ and as the output path .../sigma/rules/mitre. This can be easily modified by changing the following lines of the scripts

root_directory = script_directory+'/sigma/rules/windows'
destination_base_directory = script_directory+'/sigma/rules/mitre'

Example

from shell:

$ python3 RulesMitreOrganizer.py

References

https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json

https://github.com/SigmaHQ/sigma

About

Script that organize Sigma rules by MITRE | ATT&CK tactics and techniques.

Topics

organizer mitre-attack sigma-rules

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages