When Hayabusa saves results with JSONL and a profile with `%MitreTags%`, I want to extract those technique IDs and create a JSON file to import into ATT&CK Navigator. Something similar to this: https://github.com/olafhartong/sysmon-modular/blob/master/attack_matrix/Sysmon-modular.json
and this: https://github.com/olafhartong/sysmon-modular/tree/master/attack_matrix
Navigator: https://mitre-attack.github.io/attack-navigator/
However, right now Hayabusa outputs MITRE techniques in a single string separated by the broken pipe, but it would be better to output them as an array of strings. Issue here: Yamato-Security/hayabusa#1230
So we may want to update hayabusa first before implementing this.
The legacy sigmatools has a command named `sigma2attack` that creates a navigator coverage map from sigma rules that can be used as a reference: https://pypi.org/project/sigmatools/

@fukusuket Are you interested in this?
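The extraction requested above, as an added sketch that is not part of the original issue or of Hayabusa's code: it counts technique IDs per detection and emits an ATT&CK Navigator layer. It assumes each JSONL record carries the techniques in a `MitreTags` field, either as the current `¦`-separated string or as the array proposed in hayabusa#1230; the layer version `4.5` and the sample records are constructed.

```python
import json
import re
from collections import Counter

# ATT&CK technique / sub-technique IDs, e.g. T1059 or T1059.001 (also "attack.t1059").
TECHNIQUE_RE = re.compile(r"\bT\d{4}(?:\.\d{3})?\b", re.IGNORECASE)

def technique_ids(value):
    """Return technique IDs found in a MitreTags value (string or list)."""
    if value is None:
        return []
    # Current output: one string split on the broken bar; proposed output: a list.
    parts = value.split("\u00a6") if isinstance(value, str) else value
    return [m.upper() for part in parts for m in TECHNIQUE_RE.findall(str(part))]

def build_layer(jsonl_lines, name="Hayabusa detections"):
    """Count detections per technique and return a Navigator layer as a dict."""
    counts = Counter()
    for line in jsonl_lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or non-JSON lines
        if isinstance(record, dict):
            # "MitreTags" as the field name is an assumption about the profile.
            counts.update(set(technique_ids(record.get("MitreTags"))))
    return {
        "name": name,
        "domain": "enterprise-attack",
        "versions": {"layer": "4.5"},  # assumed layer format version
        "techniques": [
            {"techniqueID": tid, "score": n, "comment": f"{n} detection(s)"}
            for tid, n in sorted(counts.items())
        ],
        "gradient": {"colors": ["#ffffff", "#ff6666"], "minValue": 0,
                     "maxValue": max(counts.values(), default=1)},
    }

# Constructed sample records, not real Hayabusa output.
SAMPLE = [
    '{"RuleTitle": "Constructed rule A", "MitreTags": "T1059.001 \u00a6 T1027"}',
    '{"RuleTitle": "Constructed rule B", "MitreTags": ["T1059.001", "T1218.011"]}',
    '{"RuleTitle": "Constructed rule C", "MitreTags": "-"}',
    "not json",
]

if __name__ == "__main__":
    print(json.dumps(build_layer(SAMPLE), indent=2))
```
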