Setting up local data files
dssangan opened this issue · comments
Describe the bug
I'm want to run the pyattck in an air-gapped environment (no internet access). Primarily focusing on enterprise attack json file.
I'm locally testing by downloading the enterprise attack JSON file, but running into following error: TypeError: pyattck_data.attack.MitreAttck() argument after ** must be a mapping, not NoneType
Not sure entirely on how to resolve this. Feel free to close the issue, if there is a simpler solution for this.
Here is the code utilized:
from pyattck import Attck
attack = Attck(
data_path="C:/Users/630039/Downloads/Git Repos - Not work/testing/mitre_data",
enterprise_attck_json = "enterprise-attack.json"
)
for technique in attack.preattack.techniques:
# if you want to return individual properties of this object you call them directly
print(technique.id)
for technique in attack.enterprise.techniques:
print(technique.id)
print(technique.name)
for subtechnique in technique.techniques:
print(subtechnique.id)
print(subtechnique.name)
Update on this issue for anyone who might come across this. So, Swimlane hosts their own JSON file at: https://swimlane-pyattck.s3.us-west-2.amazonaws.com/merged_enterprise_attck_v1.json which looks following:
I got my files through MITRE CTI repo hosted in github at: https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json. The JSON structure is different from one hosted by swimlane. Which looks as following:
It seems python have issues reading/opening the json file available on Github MITRE CTI. Basically we need to format the JSON file in similar manner as Swimlane has done