Elemental : An ATT&CK Threat Library

Elemental is a centralized threat library of MITRE ATT&CK techniques, Atomic Red Team tests, and over 280 Sigma rules. It provides an alternative way to explore the ATT&CK dataset, mapping relevant Atomic Red Team tests and Sigma rules to their respective technique.

It allows defenders to create custom ATT&CK Techniques and upload Sigma Rules. The ATT&CK dataset was collected via the hunters-forge attackcti Python client. Atomic Red Team tests were imported from the Atomic Red Team GitHub repository. Sigma rules were imported from Sigma’s GitHub rule collection if they contained ATT&CK tags.

This platform was conceived as a capstone project for University of California Berkeley’s Master of Information and Cybersecurity program. We look forward to community feedback for new ideas and improvements.

This instance of Elemental is experimental and not configured for production deployment. Please see Django documentation on configuring a production server.

Features

• View ATT&CK Technique information
• View Atomic Red Team tests in Markdown and Yaml
• View Sigma rules in Yaml
• Add new ATT&CK Techniques (currently only available from Django Admin panel)
• Upload new Sigma rules (currently only available from Django Admin panel)

Installation

$git clone https://github.com/Elemental-attack/Elemental.git
$cd Elemental/elemental
$pip install -r requirements.txt
$python manage.py runserver
$Default Django admin page crendentials: user: elemental | password: berkelium

Also Read – Should-I-Trust : OSINT Tool To Evaluate Trustworthiness Of A Company

Screenshots

• Main Elements View

• Technique View

• Atomics View

• Sigma Rules View