Export All Techniques to CSV

Import Libraries

from attackcti import attack_client
from pandas import *
import json

import logging
logging.getLogger('taxii2client').setLevel(logging.CRITICAL)

Initialize Attack client

lift = attack_client()

Get All Techniques STIX Format

all_techniques = lift.get_techniques()
len(all_techniques)
736

Export CSV File

techniques = []
for t in all_techniques:
    techniques.append(json.loads(t.serialize()))
df = pandas.json_normalize(techniques)
df.head()
type id created_by_ref created modified name description kill_chain_phases external_references object_marking_refs ... x_mitre_permissions_required x_mitre_platforms x_mitre_version x_mitre_remote_support x_mitre_system_requirements x_mitre_network_requirements x_mitre_effective_permissions x_mitre_impact_type x_mitre_tactic_type x_mitre_old_attack_id
0 attack-pattern attack-pattern--b22e5153-ac28-4cc6-865c-2054e3... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-12T20:02:31.866Z 2021-10-16T01:50:40.276Z Resource Forking Adversaries may abuse resource forks to hide m... [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... [marking-definition--fa42a846-8d90-4e51-bc29-7... ... [User] [macOS] 1.0 NaN NaN NaN NaN NaN NaN NaN
1 attack-pattern attack-pattern--824add00-99a1-4b15-9a2d-6c5683... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-08T14:06:28.212Z 2021-10-15T00:48:06.723Z Downgrade Attack Adversaries may downgrade or use a version of ... [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... [marking-definition--fa42a846-8d90-4e51-bc29-7... ... [User] [Windows, Linux, macOS] 1.0 NaN NaN NaN NaN NaN NaN NaN
2 attack-pattern attack-pattern--84601337-6a55-4ad7-9c35-79e0d1... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-05T21:26:15.081Z 2021-10-18T16:36:37.042Z Login Items Adversaries may add login items to execute upo... [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... [marking-definition--fa42a846-8d90-4e51-bc29-7... ... [User] [macOS] 1.0 NaN NaN NaN NaN NaN NaN NaN
3 attack-pattern attack-pattern--4933e63b-9b77-476e-ab29-761bc5... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-05T01:15:06.293Z 2021-11-01T18:09:09.670Z Reflective Code Loading Adversaries may reflectively load code into a ... [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... [marking-definition--fa42a846-8d90-4e51-bc29-7... ... [User] [macOS, Linux, Windows] 1.0 NaN NaN NaN NaN NaN NaN NaN
4 attack-pattern attack-pattern--8565825b-21c8-4518-b75e-cbc4c7... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-01T17:58:26.445Z 2021-10-07T18:19:25.352Z Cloud Storage Object Discovery Adversaries may enumerate objects in cloud sto... [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... [marking-definition--fa42a846-8d90-4e51-bc29-7... ... NaN [IaaS] 1.0 NaN NaN NaN NaN NaN NaN NaN

5 rows × 25 columns

df.to_csv('all_techniques_stix.csv', index=False)

Get All Techniques Non-STIX Format

all_techniques = lift.get_techniques(stix_format=False)
len(all_techniques)
736
df = pandas.json_normalize(all_techniques)
df.head()
kill_chain_phases external_references x_mitre_version type id created_by_ref created modified technique technique_description ... platform remote_support capec_id capec_url system_requirements network_requirements effective_permissions impact_type tactic_type x_mitre_old_attack_id
0 [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... 1.0 attack-pattern attack-pattern--b22e5153-ac28-4cc6-865c-2054e3... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-12T20:02:31.866Z 2021-10-16T01:50:40.276Z Resource Forking Adversaries may abuse resource forks to hide m... ... [macOS] NaN NaN NaN NaN NaN NaN NaN NaN NaN
1 [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... 1.0 attack-pattern attack-pattern--824add00-99a1-4b15-9a2d-6c5683... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-08T14:06:28.212Z 2021-10-15T00:48:06.723Z Downgrade Attack Adversaries may downgrade or use a version of ... ... [Windows, Linux, macOS] NaN NaN NaN NaN NaN NaN NaN NaN NaN
2 [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... 1.0 attack-pattern attack-pattern--84601337-6a55-4ad7-9c35-79e0d1... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-05T21:26:15.081Z 2021-10-18T16:36:37.042Z Login Items Adversaries may add login items to execute upo... ... [macOS] NaN NaN NaN NaN NaN NaN NaN NaN NaN
3 [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... 1.0 attack-pattern attack-pattern--4933e63b-9b77-476e-ab29-761bc5... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-05T01:15:06.293Z 2021-11-01T18:09:09.670Z Reflective Code Loading Adversaries may reflectively load code into a ... ... [macOS, Linux, Windows] NaN NaN NaN NaN NaN NaN NaN NaN NaN
4 [{'kill_chain_name': 'mitre-attack', 'phase_na... [{'source_name': 'mitre-attack', 'url': 'https... 1.0 attack-pattern attack-pattern--8565825b-21c8-4518-b75e-cbc4c7... identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5 2021-10-01T17:58:26.445Z 2021-10-07T18:19:25.352Z Cloud Storage Object Discovery Adversaries may enumerate objects in cloud sto... ... [IaaS] NaN NaN NaN NaN NaN NaN NaN NaN NaN

5 rows × 31 columns

Export CSV File

df.to_csv('all_techniques_non_stix.csv', index=False)